Log analysis and evaluation: Hacker attack, Trojan virus
Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
21.11.2023, 15:49 | #1 |
| Hacker attack, Trojan virus

Hello dear forum,

the worst case has happened to me. A few weeks ago my Twitter account was hacked first; the email address and password were changed so that I can no longer log in. The account now only posts advertising for Bitcoin. In the following weeks, various files on different hard drives were repeatedly write-protected and the user permissions were changed again and again. In addition, it happened several times that all the mails in my email account were suddenly gone, which I could not explain. Whenever I ran the full virus scan of Windows 10, individual viruses kept turning up. I had them removed, but just one day later some virus was found again. Eventually my PC suddenly crashed, and Windows had to load for a very long time and carry out some kind of check before it started again. As far as I can tell, no damage resulted from this, but it was very strange.

Finally, yesterday I received an email telling me that my systems had been hacked and that a Trojan had been installed on them, which was being used to control everything and which was undetectable because it constantly updates itself. All my accounts would be hacked because they knew my password. Then this password was stated, and it was correct. I could not reply to this mail because, according to the sender field, it had been sent to me from my own email address. The mail said that I had been observed for some time, and then accurate things were said about me, which was very unsettling. It said they had access to my camera and my microphone. Finally, the email demands that I transfer 600 dollars to a Bitcoin account so that the Trojan is removed. The link for this was given in the email. It said that if I go to the police or tell anyone about it, I would lose all my data and accounts, etc. He also says in the mail that his Trojan virus has a remote-control function, similar to TeamViewer.

I immediately disconnected my computer from the internet and changed all my passwords via another computer (laptop) in every online account I could think of (around thirty). I am also writing this from my laptop, which holds no sensitive or vital data. My desktop PC is still not connected to the internet. A friend told me to start a scan via the command line in Windows 10 that is supposedly more thorough than the normal full virus scan under system settings. I did this; 0 Trojans were found.

How should I proceed now to protect my system? I have already changed the password at my mail provider (mailbox.org). But is that enough? I also wonder how I can ever connect my desktop PC to the net again. My work from the home office and daily research unfortunately make this necessary. This matter has put me in great distress, because I have data on my computer so important that losing it would destroy my livelihood and my income, really my whole life. So if there is even a 1% chance that this email from the hacker is not a scam, I would probably pay the money. Unfortunately, I do not have this money at the moment. If anyone here has an idea what I could do, I would be infinitely grateful. I am afraid.

Below are a few excerpts from the email I received (I have left out the sensitive data):

--------

WARNING! I'm hacked you and stolen you information

Hey ticro.goto@mailbox.org,

I have to share bad news with you. Approximately few months ago I have gained access to your devices, which you use for internet browsing. After that, I have started tracking your internet activities.

Some time ago I hacked you and got access to your email accounts ticro.goto@mailbox.org. Obviously, I have easily hack to log in to your email.

Your password: [My password appears here, and it was correct. I have since changed it]

One week later, I have already installed Trojan virus to Operating Systems of all the devices that you use to access your email. In fact, it was not really hard at all (since you were following the links from your inbox emails). All ingenious is simple. =)

This software provides me with access to all the controllers of your devices (e.g., your microphone, video camera and keyboard). I have downloaded all your information, data, photos, web browsing history to my servers. I have access to all your messengers, social networks, emails, chat history and contacts list. My virus continuously refreshes the signatures (it is driver-based), and hence remains invisible for antivirus software. Likewise, I guess by now you understand why I have stayed undetected until this letter...

[Some information about my private life follows]

Let's settle it this way: You transfer $600 USD to me (in bitcoin equivalent according to the exchange rate at the moment of funds transfer). After that we will forget about each other. I also promise to deactivate and delete all the harmful software from your devices. Trust me, I keep my word. This is a fair deal and the price is quite low, considering that I have been checking out your profile and traffic for some time by now. In case, if you don't know how to purchase and transfer the bitcoins - you can use any modern search engine.

Here is my bitcoin wallet: bc1qvuvetcj4u9ppf8ewqh3x9ul4mc2fqe6lalarff

Things you need to avoid from doing:
*Do not reply me (I have created this email inside your inbox and generated the return address).
*Do not try to contact police and other security services. In addition, forget about telling this to you friends. If I discover that (as you can see, it is really not so hard, considering that I control all your systems) - your data will be delete.
*Don't try to find me - it is absolutely pointless. All the cryptocurrency transactions are anonymous.
*Don't try to reinstall the OS on your devices or throw them away.

Things you don't need to worry about:
*That I won't be able to receive your funds transfer.
- Don't worry, I will see it right away, once you complete the transfer, since I continuously track all your activities (my trojan virus has got a remote-control feature, something like TeamViewer).
- Trust me, I have no point to continue creating troubles in your life. If I really wanted that, I would do it long time ago!

Everything will be done in a fair manner!

One more thing... Don't get caught in similar kind of situations anymore in future! My advice - keep changing all your passwords on a frequent basis |
21.11.2023, 16:03 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack, Trojan virus
Quote:
If the concern is that the extortionist has your data: that can no longer be changed. It is quite possible that he has a copy of interesting files of yours somewhere on his system. Nor is it certain that he would delete this data after receiving the money, which you do not have anyway.
__________________ |
21.11.2023, 16:15 | #3 |
| Hacker attack, Trojan virus

Of course I have a backup. I use a NAS with two hard drives for this, and I also have a third, external hard drive that holds the data once more. However, the permissions on these files were also changed repeatedly, which is why I suspect that the hacker can also access my external hard drive when it is connected. To copy something onto the hard drive, I sometimes have to connect it to my system.
__________________
That the hacker has data of mine is not as vital to me as the protection and preservation of the data on my computer, that is, protection against this Trojan, which Windows 10, however, does not find. |
21.11.2023, 16:46 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack, Trojan virus
Quote:
__________________ Please always post log files in CODE tags |
21.11.2023, 16:59 | #5 |
| Hacker attack, Trojan virus
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2023 durchgeführt von WORKSTATION (Administrator) auf DESKTOP-HKLF9N7 (ASUS System Product Name) (21-11-2023 16:58:54) Gestartet von C:\Users\ticro\Desktop\FRST64.exe Geladene Profile: WORKSTATION Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3570 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe <6> (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Crash Processor.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. 
-> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe <16> (C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\x86\Acrobat\Acrobat.exe <2> (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <4> (C:\Program Files\Adobe\Adobe InDesign 2024\InDesign.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\CEPHtmlEngine.exe <23> (C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe (C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (C:\Program Files\iA Writer\iAWriter.exe ->) (Information Architects AG -> The CefSharp Authors) C:\Program Files\iA Writer\CefSharp.BrowserSubprocess.exe <3> (C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) 
C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe (C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (explorer.exe ->) (6099D0EF-9374-47ED-BDFE-A82136831235 -> File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.2.1.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe (explorer.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe InDesign 2024\InDesign.exe (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2> (explorer.exe ->) (Adobe Inc. 
-> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (B8E9A58B-32A7-4C6C-A474-D4BE2A3CEAD8 -> Xander Frangos) C:\Program Files\WindowsApps\38002AlexanderFrangos.TwinkleTray_1.15.2.0_x64__m7qx9dzpwqaze\app\Twinkle Tray.exe <5> (explorer.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\ticro\AppData\Local\FluxSoftware\Flux\flux.exe (explorer.exe ->) (Information Architects AG -> iA) C:\Program Files\iA Writer\iAWriter.exe (explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenu.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE <2> (explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (explorer.exe ->) (VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <205> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. 
-> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (services.exe ->) (CleverFiles) [Datei ist nicht signiert] C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_d8d8130c2588d45b\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08a52cf2f322ba79\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) 
C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe (services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (sihost.exe ->) (40E66D07-5A3A-4954-9CA3-A1EB15ED0804 -> ) C:\Program Files\WindowsApps\19282JackieLiu.Notepads-Beta_1.4.8.0_x64__echhpq9pdbte8\Notepads.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2342.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) 
C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2> (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <10> (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) 
C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe (svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (svchost.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (svchost.exe ->) (Skype Software Sarl -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKLM-x32\...\Run: [Drakonia II Gaming Mouse] => C:\Program Files (x86)\Drakonia II Gaming Mouse\hid.exe [794112 2019-03-22] () [Datei ist nicht signiert] HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-04-15] (Power Software Ltd -> Power Software Ltd) HKLM-x32\...\Run: [Logi Tune] => C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe [134023056 2022-12-09] (Logitech Inc -> Logitech) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2023-09-16] (Adobe Inc. -> Adobe Inc.) 
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\MRT: Beschränkung <==== ACHTUNG HKLM\Software\Policies\...\system: [EnableActivityFeed] 0 HKLM\Software\Policies\...\system: [PublishUserActivities] 0 HKLM\Software\Policies\...\system: [UploadUserActivities] 0 HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0 HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0 HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [f.lux] => C:\Users\ticro\AppData\Local\FluxSoftware\Flux\flux.exe [1525880 2023-05-18] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4377448 2023-10-31] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Opera GX Stable] => C:\Users\ticro\AppData\Local\Programs\Opera GX\launcher.exe [2769312 2023-11-17] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Discord] => C:\Users\ticro\AppData\Local\Discord\Update.exe [1525016 2022-10-21] (Discord Inc. 
-> GitHub) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\ticro\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [MicrosoftEdgeAutoLaunch_06E1957EAB573F921F12B105FFB2C315] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Camera Hub] => "C:\Program Files\Elgato\CameraHub\Camera Hub.exe" /b (Keine Datei) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37138384 2023-11-18] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2023-06-29] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13734376 2023-02-28] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2654824 2023-10-27] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11516888 2023-10-09] (Adobe Inc. 
-> Adobe Systems Incorporated) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Policies\Explorer: [HideSCAMeetNow] 1 HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\MountPoints2: G - "G:\setup.exe" HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-11-14] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\EPSON ET-M2170 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBVWE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {6DFB7BD1-CB32-4A3C-835B-1078FA9F1B8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) Task: {B243DFFA-6EE8-44C5-83F7-48D68CBEFB9D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {7C692311-D0CE-4B5F-9593-846896F6EBA1} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. 
-> Adobe Systems, Incorporated)
Task: {455EA75D-7ABB-4AB7-B755-3F8148626D14} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [313192 2023-09-12] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {4F6864B4-BF0C-49AC-953D-467ED4AFC413} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1946472 2023-09-12] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {FB6E6F84-3532-49C2-9A51-5FF3B6FB961D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d8ef70f9dc8bf1 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {7C9E40F9-31B3-4820-87BA-258060515317} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {2F9D894E-556B-457E-BFE3-EF1B4DE79038} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-09-14] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {DB8EF6E8-4554-467E-901B-3BE0B42B6FD2} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2022-12-05] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {9730E86E-DDE0-4AFE-A659-AB98AA2D627C} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {E71998A1-B1B8-41AD-9C5A-1DEFA5BF6DB1} - System32\Tasks\EPSON ET-M2170 Series Update {EE712C26-6847-4484-9034-1F116AFF0323} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVWE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {DD293FE9-1D46-4CBF-9E8A-229949916DD5} - System32\Tasks\GoogleUpdateTaskMachineCore{735CF719-D2AA-4EC9-9643-868778E0CD5B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-16] (Google LLC -> Google LLC)
Task: {A7645D33-0852-4437-9175-3943EF6C562B} - System32\Tasks\GoogleUpdateTaskMachineUA{ABBDF71D-6D2B-46C6-A3D6-886B290C59A5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-16] (Google LLC -> Google LLC)
Task: {37C12AF0-AEEC-49C7-A74A-D405E9F7044A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033064 2023-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {16660F2E-B776-4219-A0DD-591047D70372} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033064 2023-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC8DDCBB-7334-4F89-A7D1-A120699FCE3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2CC903D-BF29-4857-902A-02347DF21819} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB633567-EB35-422E-A7D1-D6C9607081BB} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {299E11AC-CA16-4CC4-B7B0-A612C299492F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F358F8B7-51B0-4604-A4FC-FE56B36350FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6541D807-83DA-4F38-9B8D-1830F84FAC10} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0CC7559D-1679-4CCF-BCC2-74C9A0B00283} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8881A74D-2228-4F68-B5A1-DDF0962F7597} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [11015736 2023-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB3F2107-8E55-4FE3-B117-18D581EB0864} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D0869EBD-0BCE-4908-89BE-8867403E127F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {36EA9754-95C6-4445-BB07-630C30444677} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B2DBBB81-244A-4440-AE9F-D28D91C00F68} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {46B578DA-122C-4879-B43D-1AB0F4404F10} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {27312F1C-0984-453A-AB9A-9C9E51060CC9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {453C683F-B3E5-4F07-AF45-5F4D09E70FED} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {971A08DD-7599-4893-B55C-11B098070C98} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2DC25538-0304-4829-B47A-7BE2324A7DFD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3D822E22-1C7D-4EFE-AE6C-9CB9838CC6EB} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1671168092 => C:\Users\ticro\AppData\Local\Programs\Opera GX\launcher.exe [2769312 2023-11-17] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\ticro\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {CDBE9A96-47FB-45DB-A71F-96EE0613F9E7} - System32\Tasks\Opera GX scheduled Autoupdate 1668261402 => C:\Users\ticro\AppData\Local\Programs\Opera GX\launcher.exe [2769312 2023-11-17] (Opera Norway AS -> Opera Software)
Task: {8A5E4BFE-C27E-4A45-A030-046322F06E60} - System32\Tasks\Opera scheduled Autoupdate 1668199992 => C:\Users\ticro\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON ET-M2170 Series Update {EE712C26-6847-4484-9034-1F116AFF0323}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVWE.EXE:/EXE:{EE712C26-6847-4484-9034-1F116AFF0323} /F:UpdateWORKGROUP\DESKTOP-HKLF9N7$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0f641379-587b-4966-b597-38c1516525b1}: [DhcpNameServer] 192.168.178.1

Edge:
=======
Edge HomeButtonPage: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001 -> hxxps://www.ya.ru/?win=591&clid=2761555-72
Edge Profile: C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-21]
Edge Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-07]

FireFox:
========
FF ProfilePath: C:\Users\ticro\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2023-04-29]
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxps://www.ya.ru/?win=591&clid=2761555-72
FF SearchPlugin: C:\Users\ticro\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-20231929.xml [2023-04-29]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-09-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-09-16] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default [2023-11-21]
CHR DownloadDir: C:\Users\ticro\Desktop
CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://www.facebook.com; hxxps://www.lieferando.de; hxxps://www.sueddeutsche.de
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Pop-up-Blocker für Chrome™ - Poper Blocker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2023-11-19]
CHR Extension: (uBlock Origin) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-11-20]
CHR Extension: (change-language) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-11-13]
CHR Extension: (Just Read) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmanlpmmkibanfdgjocnabmcaclkmod [2023-11-16]
CHR Extension: (Reader View) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecabifbgmdmgdllomnfinbmaellmclnh [2023-10-19]
CHR Extension: (Session Buddy) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2023-11-10]
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-19]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2023-07-24]
CHR Extension: (I don't care about cookies) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-10-19]
CHR Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-19]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-16]
CHR Extension: (Volume Master - Lautstärkeregler) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2023-03-29]
CHR Extension: (Marsala) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjlfmldcaheghnjjpgpoadjfppefjmkj [2023-01-15]
CHR Extension: (YouTube™ Repeat Button) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lapfofmpmghklaegbdamgdojjninpnkg [2023-07-24]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-10-27]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2023-10-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-03]
CHR Extension: (Browse AI: Fast Web Scraping & Monitoring) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpcenkclppghkfpielmefegceegofeh [2023-11-08]
CHR Extension: (Mute Tab Shortcuts) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\opcjanmpjbdbdpnjfjbboacibokblbhl [2022-12-16]
CHR Extension: (UnDistracted - Hide Facebook, YouTube Feeds) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjgklgkfeoeiebjogplpnibpfnffkng [2023-05-10]
CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-09-22]
CHR DefaultSearchURL: Profile 1 -> hxxps://yandex.ru/search/?__PARAM__from=chromesearch&text={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> yandex.ru
CHR DefaultSuggestURL: Profile 1 -> hxxps://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-22]
CHR Extension: (Яндекс) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhkbfkkohcdgpckffakhbllifkakihmh [2023-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-22]
CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-19]
CHR HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhkbfkkohcdgpckffakhbllifkakihmh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Profile: C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable [2023-04-29]
OPR Extension: (Rich Hints Agent) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-11]
OPR Extension: (Opera Wallet) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-11-11]
StartMenuInternet: (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001) Opera GXStable - "C:\Users\ticro\AppData\Local\Programs\Opera GX\Launcher.exe"

Brave:
=======
BRA Profile: C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-01-20]
BRA Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-01-02]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-01-02]
BRA Extension: (Brave NTP background images) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-01-02]
BRA Extension: (Wallet Data Files Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-01-02]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-01-02]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-01-02]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2023-01-02]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-01-02]
BRA Extension: (Brave NTP sponsored images) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2023-01-02]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-01-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-09-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [399984 2023-07-27] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe [896872 2023-07-27] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2022-12-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1157088 2023-10-29] (ASUSTeK COMPUTER INC. -> )
R2 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [278528 2020-12-10] (CleverFiles) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12875960 2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11139176 2023-10-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2317800 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178728 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
S2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-10-25] (Logitech Inc -> Logitech)
R2 LogiTuneUpdaterService; C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe [7005584 2022-12-09] (Logitech Inc -> Logitech, Inc.)
R2 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [16784608 2022-12-13] (Native Instruments GmbH -> Native Instruments GmbH)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [17595136 2023-02-03] (Logitech Inc -> Logitech, Inc.)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-10-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-08-15] (ASUSTeK COMPUTER INC. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2023-10-29] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43016 2023-10-19] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [32320 2022-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [386552 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Dokan Project)
S3 ElgatoVirtualCamera; C:\WINDOWS\System32\drivers\ElgatoVirtualCamera.sys [14380560 2022-08-16] (WDKTestCert Elgato,132863164269755022 -> Windows (R) Win 7 DDK provider)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54752 2023-01-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R3 MpKsld7cf2a68; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F8D5C775-4458-4351-AE20-EB67E11BCAB0}\MpKslDrv.sys [263560 2023-11-20] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19016 2023-03-12] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 RDID1102; C:\WINDOWS\system32\Drivers\RDWM1102.SYS [55296 2021-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
U4 UnlockerDriver5; \??\C:\Users\ticro\Desktop\x86\UnlockerDriver5.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-11-21 16:58 - 2023-11-21 16:59 - 000048520 _____ C:\Users\ticro\Desktop\FRST.txt
2023-11-21 16:58 - 2023-11-21 16:59 - 000000000 ____D C:\FRST
2023-11-21 16:58 - 2023-11-03 16:46 - 002383872 _____ (Farbar) C:\Users\ticro\Desktop\FRST64.exe
2023-11-20 16:33 - 2023-11-20 16:33 - 000059904 _____ C:\Users\ticro\Desktop\Microsoft Publisher Document (neu).pub
2023-11-20 15:15 - 2023-11-20 15:15 - 000000000 _____ C:\Users\ticro\Desktop\~umschlag_pfloecke_~h$fnf4.idlk
2023-11-20 15:15 - 2023-11-20 15:15 - 000000000 _____ C:\Users\ticro\Desktop\~tg_schwerter_des_g~gsv6q-.idlk
2023-11-20 09:30 - 2023-11-20 15:22 - 011427840 _____ C:\Users\ticro\Desktop\TG_Schwerter_des_Geistes_Buch.indd
2023-11-20 07:58 - 2023-11-20 10:16 - 000397738 _____ C:\Users\ticro\Desktop\Umschlag_Pfloecke_WS_mit_Beschnitt.pdf
2023-11-20 07:00 - 2023-11-20 07:00 - 000000000 _____ C:\Users\ticro\Desktop\~tg_pfloecke_12.6x1~0u8dg9.idlk
2023-11-20 06:59 - 2023-11-20 15:25 - 119939072 _____ C:\Users\ticro\Desktop\TG_Pfloecke_12.6x18.8+0.5_Beschnitt_666p_115g.indd
2023-11-20 05:00 - 2023-11-20 15:20 - 002183168 _____ C:\Users\ticro\Desktop\Umschlag_Pfloecke_WS_mit_Beschnitt.indd
2023-11-20 04:45 - 2023-11-20 04:45 - 001137386 _____ C:\Users\ticro\Desktop\ulysses_9783518472255_leseprobe.pdf
2023-11-20 01:57 - 2023-11-20 01:57 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2024.lnk
2023-11-20 01:55 - 2023-11-20 01:55 - 000001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2024.lnk
2023-11-20 01:53 - 2023-11-20 01:53 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2024.lnk
2023-11-20 01:50 - 2023-11-20 01:50 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2024.lnk
2023-11-20 01:46 - 2023-11-20 01:46 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop (Beta).lnk
2023-11-20 01:29 - 2023-11-20 01:29 - 518089128 _____ C:\Users\ticro\Desktop\20111108-164835-rot-topaz.tiff
2023-11-19 16:43 - 2023-11-19 16:43 - 023885906 _____ C:\Users\ticro\Desktop\OpenKrush-playtest-20220222-3-compat.dmg
2023-11-18 15:17 - 2023-11-18 15:20 - 520362452 _____ C:\Users\ticro\Desktop\Roter_Drache[supervideo.tv].mp4
2023-11-18 11:26 - 2023-11-18 11:26 - 000000000 ___HD C:\$WinREAgent
2023-11-17 14:33 - 2023-11-17 14:33 - 000032288 _____ C:\Users\ticro\Desktop\RE882610078.pdf
2023-11-17 02:15 - 2023-11-17 02:15 - 002555143 _____ C:\Users\ticro\Desktop\2012.10.08 – Basisbuch 2011 [x].pdf
2023-11-16 18:30 - 2023-11-16 18:30 - 000007835 _____ C:\Users\ticro\Desktop\MedGG_9.pdf
2023-11-16 12:47 - 2023-11-16 12:47 - 000057198 _____ C:\Users\ticro\Desktop\testseite.pdf
2023-11-15 09:39 - 2023-11-15 09:39 - 003276442 _____ C:\Users\ticro\Desktop\Tanck 2022.pdf
2023-11-13 21:17 - 2023-11-13 21:17 - 004866460 _____ C:\Users\ticro\Desktop\Istanbul 2015.pdf
2023-11-13 21:16 - 2023-11-13 21:16 - 000918650 _____ C:\Users\ticro\Desktop\Lohse 2021 de.pdf
2023-11-13 21:15 - 2023-11-13 21:15 - 004866460 _____ C:\Users\ticro\Desktop\Yeni-Tıp-Tarihi-Araştırmaları-21-2015.pdf
2023-11-13 21:15 - 2023-11-13 21:15 - 001140297 _____ C:\Users\ticro\Desktop\Lohse 2021.pdf
2023-11-12 12:48 - 2023-11-12 12:48 - 000955631 _____ C:\Users\ticro\Desktop\Greenwood 1928.pdf
2023-11-09 17:35 - 2023-11-09 17:35 - 052119823 _____ C:\Users\ticro\Desktop\Jonas 2017.pdf
2023-11-09 17:23 - 2023-11-09 17:23 - 000000000 ____D C:\Users\ticro\Desktop\Firefly
2023-11-07 20:30 - 2023-11-16 12:55 - 000000000 _____ C:\Users\ticro\Desktop\~tg_seuchen_12.6x18~utq_9b.idlk
2023-11-07 07:23 - 2023-11-07 07:23 - 000077058 _____ C:\Users\ticro\Desktop\Schikowski 2016.pdf
2023-11-07 07:22 - 2023-11-07 07:22 - 003145020 _____ C:\Users\ticro\Desktop\Stompe-Ritter 2014.pdf
2023-11-07 07:20 - 2023-11-07 07:20 - 004375353 _____ C:\Users\ticro\Desktop\Thießen 2021.pdf
2023-11-07 07:18 - 2023-11-07 07:18 - 006436962 _____ C:\Users\ticro\Desktop\Stettler 1979.pdf
2023-11-07 07:18 - 2023-11-07 07:18 - 000326733 _____ C:\Users\ticro\Desktop\Hagner 2018.pdf
2023-11-06 19:01 - 2023-11-06 19:01 - 004993819 _____ C:\Users\ticro\Desktop\Bonah 2011.pdf
2023-11-06 05:52 - 2023-11-06 05:54 - 000000000 ____D C:\Users\ticro\Desktop\PDFs ungeordnet
2023-11-06 05:52 - 2023-11-06 05:53 - 000000000 ____D C:\Users\ticro\Desktop\Bilder ungeordnet
2023-11-06 05:25 - 2023-11-06 05:25 - 087807032 _____ C:\Users\ticro\Desktop\Lena MeyerLandrut öffnet ihre Tasche mit Lieblingsbuch Nagelöl In the Bag VOGUE Germany YouTube1080p.mp4
2023-11-06 04:51 - 2023-11-06 04:51 - 042459453 _____ C:\Users\ticro\Desktop\Adobe InDesign Course Class 29 Creating an Index YouTube1080p.mp4
2023-11-03 21:52 - 2023-11-18 21:41 - 000000000 ____D C:\Users\ticro\Desktop\Gendersprache, Transgender, Frauenquote
2023-10-31 11:24 - 2023-10-31 11:24 - 153316210 _____ C:\Users\ticro\Desktop\lena-desktop-2023-BE-topaz.tiff
2023-10-28 21:19 - 2023-10-28 21:19 - 000000000 ____D C:\Users\ticro\AppData\Roaming\iA Inc
2023-10-27 21:17 - 2023-10-27 21:17 - 000903052 _____ C:\Users\ticro\Desktop\Ulrichs 2012.pdf
2023-10-27 20:16 - 2023-10-27 20:16 - 847000527 _____ C:\WINDOWS\MEMORY.DMP
2023-10-27 20:16 - 2023-10-27 20:16 - 004397476 _____ C:\WINDOWS\Minidump\102723-11359-01.dmp
2023-10-26 05:25 - 2023-10-26 05:25 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk
2023-10-25 07:58 - 2023-11-19 21:12 - 120090624 _____ C:\Users\ticro\Desktop\TG_Seuchen_12.6x18.8+0.5_Beschnitt_600p_115g_mit_Farbseiten_WS3-Feinsatz.indd
2023-10-25 07:58 - 2023-11-05 03:57 - 000001084 _____ C:\Users\ticro\Desktop\Adobe InDesign 2024.lnk

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-11-21 16:56 - 2022-11-03 13:39 - 000000000 ____D C:\Users\ticro\AppData\Local\ClassicShell
2023-11-21 16:17 - 2022-11-11 20:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-11-21 16:16 - 2022-11-03 11:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-21 16:16 - 2022-09-08 04:13 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-21 16:07 - 2023-02-20 01:46 - 000000000 ____D C:\Users\ticro\Documents\Assassin's Creed Unity
2023-11-21 13:58 - 2023-01-06 12:26 - 000000000 ____D C:\Users\ticro\AppData\Roaming\vlc
2023-11-21 13:31 - 2022-11-03 11:38 - 000000000 ____D C:\Users\ticro\AppData\Local\LogiOptionsPlus
2023-11-21 12:25 - 2022-11-03 11:33 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-21 05:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-20 23:53 - 2022-11-03 11:42 - 000000000 ____D C:\Program Files\ASUS
2023-11-20 18:55 - 2022-11-11 18:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-20 16:43 - 2022-11-11 20:33 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Microsoft\Word
2023-11-20 15:17 - 2022-11-11 20:49 - 000179201 _____ C:\Users\ticro\Desktop\Notizen.md
2023-11-20 15:17 - 2022-11-11 20:48 - 000000000 ____D C:\Users\ticro\AppData\Roaming\iA Writer
2023-11-20 09:46 - 2022-11-03 11:34 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Adobe
2023-11-20 06:59 - 2022-12-16 06:25 - 000000000 ____D C:\Users\ticro\Desktop\Coronavirus Buch
2023-11-20 05:46 - 2023-07-29 12:13 - 001536000 _____ C:\Users\ticro\Desktop\Umschlag_Beschnitt_0,5cm_für_115g_weiss_600p_29.90x19.indd
2023-11-20 01:57 - 2022-11-11 20:36 - 000000000 ____D C:\Program Files\Adobe
2023-11-20 01:53 - 2022-11-11 20:43 - 000000000 ____D C:\Users\Public\Documents\Adobe
2023-11-20 01:52 - 2022-12-16 06:29 - 017977344 _____ C:\Users\ticro\Desktop\TG_Pflöcke_WS.indd
2023-11-19 12:15 - 2022-11-12 14:56 - 000004276 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1668261402
2023-11-19 12:15 - 2022-11-12 14:56 - 000001438 _____ C:\Users\ticro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2023-11-18 11:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-18 11:23 - 2022-11-11 18:12 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-18 00:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-18 00:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-18 00:26 - 2022-11-03 12:05 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-17 07:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-11-17 01:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-11-17 01:16 - 2023-02-16 14:39 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-13 20:10 - 2023-05-09 14:34 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2023.lnk
2023-11-13 20:07 - 2023-09-19 11:26 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2024.lnk
2023-11-13 20:07 - 2022-11-11 20:36 - 000000000 ____D C:\ProgramData\Adobe
2023-11-11 08:10 - 2023-02-16 14:39 - 000004014 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{ABBDF71D-6D2B-46C6-A3D6-886B290C59A5}
2023-11-11 08:10 - 2023-02-16 14:39 - 000003890 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{735CF719-D2AA-4EC9-9643-868778E0CD5B}
2023-11-10 14:52 - 2022-11-11 20:52 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-10 12:06 - 2022-11-12 15:18 - 000000000 ____D C:\Users\ticro\AppData\Roaming\discord
2023-11-10 12:06 - 2022-11-12 15:18 - 000000000 ____D C:\Users\ticro\AppData\Local\Discord
2023-11-09 09:00 - 2022-12-20 21:48 - 000000000 ____D C:\Users\ticro\AppData\Local\CrashDumps
2023-11-08 18:09 - 2022-12-16 07:04 - 000001456 _____ C:\Users\ticro\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2023-11-07 19:49 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-07 16:05 - 2022-11-03 12:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-06 19:23 - 2022-12-16 06:32 - 000000000 ____D C:\Users\ticro\Desktop\TG_S_BILDER
2023-11-05 03:55 - 2022-11-11 18:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-04 16:03 - 2022-11-03 11:43 - 000000000 ____D C:\Program Files (x86)\LightingService
2023-11-04 16:03 - 2022-11-03 11:37 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-01 21:26 - 2022-11-03 12:51 - 001723308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-01 21:26 - 2019-12-07 15:51 - 000743838 _____ C:\WINDOWS\system32\perfh007.dat
2023-11-01 21:26 - 2019-12-07 15:51 - 000150260 _____ C:\WINDOWS\system32\perfc007.dat
2023-11-01 21:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-01 01:20 - 2022-11-03 12:48 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-01 01:20 - 2022-11-03 12:48 - 000003630 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-29 23:42 - 2022-12-16 06:25 - 000000000 ____D C:\Users\ticro\Desktop\chap-4-references
2023-10-29 12:13 - 2022-11-11 20:38 - 000000000 ___RD C:\Users\ticro\Creative Cloud Files
2023-10-29 10:34 - 2023-10-19 05:50 - 000000000 ____D C:\Users\ticro\AppData\Roaming\asus_framework
2023-10-29 10:34 - 2022-11-03 12:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-29 10:34 - 2022-11-03 12:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-29 10:33 - 2022-11-03 12:05 - 001205104 _____ () C:\WINDOWS\system32\wpbbin.exe
2023-10-29 10:33 - 2022-11-03 12:05 - 001157088 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2023-10-29 10:32 - 2022-12-16 06:32 - 000563741 ____H C:\Users\ticro\Desktop\~WRL0004.tmp
2023-10-29 10:32 - 2022-11-03 12:42 - 000000000 ____D C:\Users\ticro
2023-10-29 10:32 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-27 20:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-27 20:18 - 2022-11-03 12:45 - 005178376 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-10-27 20:16 - 2022-12-24 12:56 - 000000000 ____D C:\WINDOWS\Minidump 2023-10-27 20:16 - 2022-11-03 12:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-10-27 20:16 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV 2023-10-27 20:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-10-27 20:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-10-27 20:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-10-27 20:16 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\de 2023-10-27 20:16 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\de 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D 
C:\WINDOWS\SysWOW64\es-MX 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 
____D C:\WINDOWS\Provisioning
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-27 07:47 - 2022-11-11 20:33 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Microsoft\Office

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2022-12-16 07:04 - 2023-11-08 18:09 - 000001456 _____ () C:\Users\ticro\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2022-11-11 20:42 - 2022-11-11 20:42 - 000000000 _____ () C:\Users\ticro\AppData\Local\oobelibMkey.log
2022-12-16 10:22 - 2022-12-16 10:22 - 000007605 _____ () C:\Users\ticro\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
21.11.2023, 17:00 | #6
Hacker attack Trojan virus
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-10-2023 durchgeführt von WORKSTATION (21-11-2023 16:59:46) Gestartet von C:\Users\ticro\Desktop Microsoft Windows 10 Pro Version 22H2 19045.3570 (X64) (2022-11-03 11:48:05) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-1068755797-3644653114-3026200473-500 - Administrator - Enabled) DefaultAccount (S-1-5-21-1068755797-3644653114-3026200473-503 - Limited - Disabled) Gast (S-1-5-21-1068755797-3644653114-3026200473-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1068755797-3644653114-3026200473-504 - Limited - Disabled) WORKSTATION (S-1-5-21-1068755797-3644653114-3026200473-1001 - Administrator - Enabled) => C:\Users\ticro ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 23.006.20360 - Adobe) Adobe After Effects 2024 (HKLM-x32\...\AEFT_24_0_3) (Version: 24.0.3 - Adobe Inc.) Adobe Audition 2024 (HKLM-x32\...\AUDT_24_0_3) (Version: 24.0.3 - Adobe Inc.) Adobe Bridge 2023 (HKLM-x32\...\KBRG_13_0_5) (Version: 13.0.5 - Adobe Inc.) Adobe Bridge 2024 (HKLM-x32\...\KBRG_14_0_1) (Version: 14.0.1 - Adobe Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.) 
Adobe Illustrator 2023 (HKLM-x32\...\ILST_27_8) (Version: 27.8 - Adobe Inc.) Adobe InDesign 2024 (HKLM-x32\...\IDSN_19_0) (Version: 19.0 - Adobe Inc.) Adobe Media Encoder 2024 (HKLM-x32\...\AME_24_0_3) (Version: 24.0.3 - Adobe Inc.) Adobe Photoshop (Beta) (HKLM-x32\...\PHSPBETA_25_3) (Version: 25.3.0.2403 - Adobe Inc.) Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_1) (Version: 25.1.0.120 - Adobe Inc.) Adobe Premiere Pro 2024 (HKLM-x32\...\PPRO_24_0_3) (Version: 24.0.3 - Adobe Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AntConc Version 4.1.4 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\{1FC711C0-DFA6-49BA-87C9-EC7C86DFE265}_is1) (Version: 4.1.4 - AntLab Solutions) A-PRO Driver (HKLM\...\RolandRDID0102) (Version: - Roland Corporation) ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.6.8 - ASUS) Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft) ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{6aabd550-b97f-4b87-8c12-fb271d7c8047}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.9.1 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{2fc4816b-566a-4170-9b4d-1dc8bad8a164}) (Version: 1.3.9.1 - ASUSTeK COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) 
Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.6.3 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{20a5b340-899f-4e14-904f-8cb333ce9663}) (Version: 0.0.6.3 - ASUSTek COMPUTER INC. ) Hidden ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.0.1.5 - ASUSTeK Computer Inc.) ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 3.03.09 - ASUSTek Computer Inc.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.107 - ASUSTeK Computer Inc.) Hidden Audacity 3.2.5 (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team) AURA DRAM Component (HKLM\...\{6FB66775-BB93-4D0A-9871-4CC9B2E87BF3}) (Version: 1.1.23 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{179f415f-2ff3-4db1-bcc1-d5730f746db8}) (Version: 1.1.23 - ASUS) Hidden AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.36 - ASUS) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.36 - ASUS) AURA Service (HKLM-x32\...\{0fcadbd2-1a6a-4a4a-a56d-fc7163d9b3fa}) (Version: 3.07.25 - ASUSTeK Computer Inc.) AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.25 - ASUSTeK Computer Inc.) 
Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Catalyst Browse 2023.1 (HKLM\...\{E2E127D1-DAF6-11ED-9C23-5CF9DD6B5363}) (Version: 2023.1.0.975 - Sony) Catalyst Prepare 2023.1 (HKLM\...\{E0DB7FE1-DB0E-11ED-989C-5CF9DD6B5363}) (Version: 2023.1.0.975 - Sony) Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft) Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU) CrystalDiskInfo 8.17.13 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.13 - Crystal Dew World) DeepL (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE) Diablo IV Beta (HKLM-x32\...\Diablo IV Beta) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Discord) (Version: 1.0.9007 - Discord Inc.) Disk Drill 4.1.551.0 (HKLM-x32\...\{a2831651-c6b5-4aac-a467-d9fe836c8701}) (Version: 4.1.551.0 - CleverFiles) Disk Drill 4.1.551.0 (x64) (HKLM\...\{E17DB604-AFC0-4B5E-916D-65D5BFF75774}) (Version: 4.1.551.0 - CleverFiles) Hidden Dokan Library 1.5.1.1000 (x64) (HKLM\...\{65A3A964-3DC3-0105-0001-211126123627}) (Version: 1.5.1.1000 - Dokany Project) Hidden Dokan Library 1.5.1.1000 Bundle (HKLM-x32\...\{05c046de-f751-48c8-b8d3-77259ea88eb7}) (Version: 1.5.1.1000 - Dokany Project) Drakonia II Gaming Mouse (HKLM-x32\...\{74757EB2-1BA0-4242-8F0A-11708D82850B}}_is1) (Version: 1.0.0.0 - Sharkoon) Druckerdeinstallation für EPSON ET-M2170 Series (HKLM\...\EPSON ET-M2170 Series) (Version: - Seiko Epson Corporation) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.52.0.5565 - Electronic Arts) Hidden EA app (HKLM-x32\...\{8b9e6a60-252a-46c7-b3a8-709eac689f45}) (Version: 13.52.0.5565 - Electronic Arts) ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.40.3 - Ene Tech.) 
Hidden ENE RGB HAL (HKLM-x32\...\{7f329536-2468-4b20-88dc-5e2defcd5ff3}) (Version: 1.1.40.3 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{3BBD4AB3-079D-43CD-8C93-A2AD929EE15A}) (Version: 1.3.65.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.) Epson Printer Connection Checker (HKLM-x32\...\{562C1C83-6199-49DD-987B-60D5FF7BC971}) (Version: 3.3.2.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) f.lux (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Flux) (Version: 4.124 - f.lux Software LLC) FeelYourSound Chillout Engine (HKLM\...\Chillout Engine_is1) (Version: 1.0.0 - FeelYourSound) FeelYourSound Chord Potion (HKLM\...\Chord Potion_is1) (Version: 2.2.1 - FeelYourSound) FeelYourSound House Engine (HKLM\...\House Engine_is1) (Version: 1.2.0 - FeelYourSound) FeelYourSound Melodic Flow (HKLM\...\Melodic Flow_is1) (Version: 1.1.0 - FeelYourSound) FeelYourSound Sundog (HKLM\...\Sundog_is1) (Version: 3.8.0 - FeelYourSound) FeelYourSound Xoto Pad (HKLM\...\Xoto Pad_is1) (Version: 2.9.0 - FeelYourSound) GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) 
Hidden Generals Evolution Beta 0.3 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Generals Evolution Beta 0.3) (Version: - ) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.60.2 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.160 - Google LLC) iA Writer (HKLM\...\{43D19872-0096-433C-B718-7E350F0DF797}) (Version: 1.4.8641.17184 - iA Inc) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{a9913343-8463-4fd2-8a33-ae89cbbfe139}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logi Firmware Update Tool for C930e (HKLM-x32\...\FWUpdateC930e) (Version: 2.1.14.0 - Logitech Europe S.A.) Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.32.366807 - Logitech) Logi Tune (HKLM-x32\...\{467b811d-8d20-4c9a-810c-37b3293ba815}) (Version: 3.0.180.0 - Logitech) Logi Tune 3.0.180 (HKLM-x32\...\{006206E7-C138-4EA2-A8DB-72BD0016BD53}) (Version: 3.0.180.0 - Logitech) Hidden Logitech Capture (HKLM\...\Capture) (Version: 2.08.11 - Logitech) Logitech Kameraeinstellungen (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.) 
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v15.1.0) (Version: - Maxon Computer GmbH) Magic Bullet Suite (HKLM\...\Magic Bullet Suite v2023.0.0) (Version: - Maxon Computer GmbH) MAGIX Speed burnR (HKLM\...\{87DA727F-D65B-4B1A-B1AD-C37DD4FD1EC3}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (HKLM-x32\...\MX.{87DA727F-D65B-4B1A-B1AD-C37DD4FD1EC3}) (Version: 7.0.2.6 - MAGIX Software GmbH) Maxon Cinema 4D 2023 (HKLM\...\Maxon Cinema 4D 2023) (Version: 2023 - Maxon) Microsoft .NET Host - 6.0.15 (x64) (HKLM\...\{AC25127C-9BB1-4F9A-9B02-B6B6178DD891}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.15 (x64) (HKLM\...\{EDD929D3-DFE9-40BA-8A13-30F9CE1E2F18}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.15 (x64) (HKLM\...\{368BE572-D3CE-47B6-A3B1-DE0270E5C109}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.16924.20078 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.72 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 
(HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 
(HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.15 (x64) (HKLM\...\{B353ABAB-7F7C-4605-852D-0E5C3E1FA289}) (Version: 48.63.56729 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.15 (x64) (HKLM-x32\...\{06cd4f51-0a4b-471c-9ccc-e3dd11294c03}) (Version: 6.0.15.32217 - Microsoft Corporation) mp3DirectCut 1.27 (HKLM-x32\...\mp3DirectCut 1.27) (Version: - ) MSVCRT Redists (HKLM\...\{40E9018F-DB42-11ED-AEFC-5CF9DD6B5363}) (Version: 1.0 - Sony Creative Software Inc.) Hidden Native Access 3.1.0 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.1.0 - Native Instruments) Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.7.1.0 - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.7.3.37 - Native Instruments) Native Instruments Kontakt 7 (HKLM-x32\...\Native Instruments Kontakt 7) (Version: 7.1.8.0 - Native Instruments) Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.9.1.0 - Native Instruments) Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 5.0.2 - Neat Video team, ABSoft & Team V.R) Neat Video v5.5.9 Demo plug-in (Second Revision) for Premiere (HKLM\...\Neat Video v5 (SR) for Premiere_is1) (Version: - Neat Video team, ABSoft) Notion 2.0.41 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.41 - Notion Labs, Inc) NVIDIA Broadcast 1.4.0.29 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.4.0.29 - NVIDIA Corporation) NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation) NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation) NVIDIA Grafiktreiber 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Video Effects (HKLM-x32\...\NVIDIA Video Effects) (Version: 0.7.2 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.1.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20054 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20078 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16827.20122 - Microsoft Corporation) Hidden Opera GX Stable 104.0.4944.70 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Opera GX 104.0.4944.70) (Version: 104.0.4944.70 - Opera Software) Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.6 - Patriot Memory) Hidden Patriot Viper DRAM RGB (HKLM-x32\...\{abe059bb-10a7-4d38-ba59-a4bf3ac7b71a}) (Version: 1.0.9.6 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB 
(HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 221215 - Kakao Corp.) PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd) REDlauncher (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.01.02 - ASUSTek Computer Inc.) ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.1.5.0 - ASUSTek COMPUTER INC.) Samplitude Pro X4 Suite (HKLM\...\{ECEEBE1E-65B2-4136-9C7B-FAC839BE433F}) (Version: 15.0.0.40 - MAGIX Software GmbH) Hidden Samplitude Pro X4 Suite (HKLM\...\MX.{ECEEBE1E-65B2-4136-9C7B-FAC839BE433F}) (Version: 15.0.0.40 - MAGIX Software GmbH) Samplitude Pro X7 Suite (HKLM\...\{3B7DD78F-EB57-4DC8-A462-E2563DCBA942}) (Version: 18.0.0.22190 - MAGIX Software GmbH) Hidden Samplitude Pro X7 Suite (HKLM\...\MX.{3B7DD78F-EB57-4DC8-A462-E2563DCBA942}) (Version: 18.1.1.22392 - MAGIX Software GmbH) Samplitude Pro X7 Suite Update (HKLM\...\{0C0053F1-F049-4F95-BE6F-357273CF970B}) (Version: 18.1.1.22392 - MAGIX Software GmbH) Hidden StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Topaz Photo AI (HKLM\...\{7F8736DE-1FE0-4FDB-A517-6B3891EF8098}) (Version: 1.5.2 - Topaz Labs LLC) Topaz Video AI 3.2.5 (HKLM\...\Topaz Video AI_is1) (Version: 3.2.5 - LR) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 125.1.10585 - Ubisoft) United Plugins Bundle 
(HKLM\...\{349EC1D2-8D77-40B4-89EE-612E2F1F6E26}_is1) (Version: 2023.2 - United Plugins & Team V.R) Unity 2022.3.10f1 (HKLM-x32\...\Unity 2022.3.10f1) (Version: 2022.3.10f1 - Unity Technologies ApS) Unity Hub 3.5.2 (HKLM\...\Unity Technologies - Hub) (Version: 3.5.2 - Unity Technologies Inc.) Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.5 - PD) Hidden Universal Holtek RGB DRAM (HKLM-x32\...\{fba0580a-1ad3-44e2-b463-13a30387085c}) (Version: 1.0.0.5 - PD) Hidden Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VGA (HKLM-x32\...\{0f87ebb7-aabb-43e5-9c5d-28744f517468}) (Version: 3.01.05 - ASUSTek Computer Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.7.0 - Azureus Software, Inc.) Warcraft II (HKLM-x32\...\1418669891_is1) (Version: 2.02 v4 - GOG.com) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) 
Hidden Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.2183 - Microsoft Corporation) WinRAR 5.00 beta 6 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH) WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH) WinSnap (HKLM-x32\...\WinSnap) (Version: 4.5.2 - NTWind Software) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-12-16] (Adobe Systems Incorporated) Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2023-10-19] () Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-11-11] (Adobe Systems Incorporated) Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0 [2023-02-04] (AMZN Mobile LLC) ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.6.8.0_x64__qmba6cd70vzyy [2023-07-27] (ASUSTeK COMPUTER INC.) 
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.41.5.0_x64__6rarf9sa4v8jt [2022-11-03] (Disney)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.2.1.0_x86__1sdd7yawvg6ne [2023-07-27] (File-New-Project) [Startup Task]
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2023-07-27] (INTEL CORP) [Startup Task]
LiquidText -> C:\Program Files\WindowsApps\LiquidText.LiquidText_2.6.82.0_x64__rx5mtpcf576t0 [2023-01-03] (LiquidText)
Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2302.13003.0_x64__8wekyb3d8bbwe [2023-03-24] (Microsoft Corporation) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Studios) [MS Ad]
MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad]
Notepads App -> C:\Program Files\WindowsApps\19282JackieLiu.Notepads-Beta_1.4.8.0_x64__echhpq9pdbte8 [2023-01-03] (Jackie Liu)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-26] (NVIDIA Corp.)
Resultivity -> C:\Program Files\WindowsApps\zababahano.3545749027C6F_4.1.77.0_x64__h479t9074rj58 [2023-01-03] (zababahano)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2022-11-03] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0 [2023-07-08] (Spotify AB) [Startup Task]
Twinkle Tray -> C:\Program Files\WindowsApps\38002AlexanderFrangos.TwinkleTray_1.15.2.0_x64__m7qx9dzpwqaze [2023-01-03] (Xander Frangos) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2342.7.0_x64__cv1g1gvanyjgm [2023-10-31] (WhatsApp Inc.) [Startup Task]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-246D6BDDE8A9} -> [Creative Cloud Files] => C:\Users\ticro\Creative Cloud Files [2022-11-11 20:38]
CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\ticro\AppData\Local\0install.net\implementations\sha256new_UWNGXVK6DRTTECOLMXJSJBKPLJSVPF4RLJDWUUYVXIU4S6CAUU7A\DeepL.exe (DeepL SE -> DeepL SE)
CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2020-02-10 21:36 - 2020-02-10 21:36 - 001221632 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\iA Writer\CefSharp.BrowserSubprocess.Core.dll
2020-02-10 21:36 - 2020-02-10 21:36 - 001861120 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\iA Writer\CefSharp.Core.dll
2023-10-19 05:49 - 2023-09-14 15:02 - 000322048 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2023-10-19 05:49 - 2023-09-14 15:02 - 000175616 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2023-10-19 05:49 - 2023-04-14 13:18 - 000159744 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ref-napi\prebuilds\win32-ia32\electron.napi.node
2023-10-19 05:49 - 2023-04-14 13:18 - 000319488 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node
2023-10-19 05:49 - 2023-09-14 15:02 - 000541696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\usb\prebuilds\win32-ia32\node.napi.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000137728 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\22bc2e53-8157-49dd-a028-7321bbb1b2df.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000665088 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\34aeec9b-56c5-41b4-a63f-e27d15ad37b9.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000148480 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\3e12e4f0-8f77-469b-b70f-23935220d58d.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000123392 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\415fc8d1-0306-45f4-b215-2ad059cc5279.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000104960 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\58002dd3-cdd8-4621-bcb6-ff96b8426981.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000118272 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\8c64f8ba-af7a-48e5-a8d2-e9326e948a13.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000109056 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\b99c55fa-22a9-42c1-9710-76a872368c73.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000665088 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\c706961f-9520-492e-9ba6-1543c0cc70c4.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000287744 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\e8945776-6fa4-4812-9715-a63afd0ef0ff.tmp.node
2023-10-09 20:50 - 2023-10-09 20:50 - 003490304 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2023-10-09 20:50 - 2023-10-09 20:50 - 000178688 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU
2023-10-19 05:32 - 2023-10-19 05:32 - 000190976 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe InDesign 2024\tbbmalloc.dll
2017-01-04 09:55 - 2017-01-04 09:55 - 001044480 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\e_sqlite3.DLL
2020-01-30 07:55 - 2020-01-30 07:55 - 116862464 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\libcef.dll
2020-01-30 06:46 - 2020-01-30 06:46 - 000373760 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\libegl.dll
2020-01-30 06:46 - 2020-01-30 06:46 - 008005632 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\libglesv2.dll
2022-11-14 11:16 - 2022-11-14 11:16 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2018-07-15 13:15 - 2018-07-15 13:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\WINDOWS\system32\StartMenuHelper64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll
2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [Datei ist nicht signiert] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enppmon.dll
2020-01-30 06:47 - 2020-01-30 06:47 - 000969216 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\iA Writer\chrome_elf.dll
2019-04-22 13:46 - 2019-04-22 13:46 - 000524288 _____ (Thomas Maierhofer) [Datei ist nicht signiert] C:\Program Files\iA Writer\Hunspellx64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.ya.ru/?win=591&clid=2761555-72
SearchScopes: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001 -> DefaultScope 3914679a-e6cb-11ed-a583-50ebf6945631 URL = hxxps://yandex.ru/search/?win=591&clid=2761556-72&text={searchTerms}
SearchScopes: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001 -> 3914679a-e6cb-11ed-a583-50ebf6945631 URL = hxxps://yandex.ru/search/?win=591&clid=2761556-72&text={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ticro\Desktop\lena-desktop-2023-BE-topaz.tiff
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Drakonia II Gaming Mouse"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "Logi Tune"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_06E1957EAB573F921F12B105FFB2C315"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Wave Link"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "DevEmu_Enabler"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{E467071E-787E-4CFC-9D8F-A0225CA0C063}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BE7E08EF-6FDB-4038-9CAA-8BB15B8C46EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5ABE7B84-EB8E-4CA4-8EB2-E2621F2F9279}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4EB181E2-F4F1-4A60-AD83-EBCDFE19AF60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{42035DFA-B079-452F-8E01-8B23586BC73B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{482870BA-4D39-4519-B605-8DDF745E4E8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD13C8F0-10B3-493D-9535-4738B79E1A5D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D8DEC60E-F02C-40B7-96BF-473568D9C3C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{64CD89AF-B837-4ACC-BF58-9F1635EFACC6}] => (Allow) C:\Users\ticro\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{4B4BD7BD-8DE2-4E20-9FEF-8745FE5511A2}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{A4E9BB71-04A4-450F-A257-375C5CDBBC48}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4E4939BA-3F89-4D6B-A69B-44B878F541D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2AFD1823-0B10-4343-916C-8EB4BDBEE839}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DBC75C1E-1B33-4DFA-8215-45C40E4AE728}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{14280CBA-69E9-4E5B-BA43-C93672918906}] => (Allow) C:\Users\ticro\AppData\Local\Programs\Opera\92.0.4561.43\opera.exe => Keine Datei
FirewallRules: [{C432913C-C437-438F-B2AC-1AACF3DA8DF7}] => (Allow) C:\Program Files\MAGIX\Samplitude Pro X4 Suite\Sam.exe => Keine Datei
FirewallRules: [TCP Query User{3041F59A-F205-4E89-9669-27A7D4DA4942}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E90519A3-D25F-401E-9D07-C3B0E4984E85}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1BDEEFAF-5753-4210-9B36-B8D081A0E906}] => (Allow) C:\Users\ticro\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{8D76F525-218F-43CB-B6C6-859FE8198669}] => (Allow) C:\Users\ticro\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{CEA2CB14-0347-42B0-9911-3492AE03267A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{E6301D6B-1483-416D-A282-93F4654F16EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{85D0E562-BB83-4178-AC57-EEB0B4946823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{5697DDBE-F0BC-4D32-8FBD-67B9AA1A0EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{04DD9DF3-2112-4F9E-AF9C-77FD65E58923}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe => Keine Datei
FirewallRules: [{43B51A2F-AF30-49DE-9495-304E98A2A46C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe => Keine Datei
FirewallRules: [{6122C4A3-167F-4156-A729-50F3A0A2578D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BF9355D9-AFD0-4564-BB66-48F343AA1F70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5AA9FF16-5A28-48CA-A96A-B3EFDEFA7116}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CDAFD7A0-439C-4824-BC99-4954F38857B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5BE9F168-1754-44DB-B50F-EB8B599C8F26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{10629BCB-ABE4-4758-A4A6-2580950278B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F5E382A6-BFFE-429F-A7C1-21AD097DBF48}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{85C56D2F-20F7-4566-B60E-B9F19188413D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{ED1ABC48-A0B3-4A6C-90D7-175119903695}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E58EEC8A-3907-40E8-9DBB-5B13B3A456ED}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{80759BC7-3CCA-466B-B71B-F2ADAC973281}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{61C29E0A-3886-4E96-95AD-0AE30571003C}C:\program files\ea games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files\ea games\mass effect 2\binaries\me2game.exe => Keine Datei
FirewallRules: [UDP Query User{0FF59E65-8888-4DE7-B2D5-6A8A1A18EF53}C:\program files\ea games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files\ea games\mass effect 2\binaries\me2game.exe => Keine Datei
FirewallRules: [TCP Query User{488489CD-79FC-4372-899A-4E4532A2D630}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{FACD06DA-5DF6-49C3-BA3C-2B102B239A8B}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{4D44169B-9296-4F59-BB26-51A8BA567E63}] => (Allow) C:\Program Files\EA Games\Mass Effect 2\Binaries\MassEffect2.exe => Keine Datei
FirewallRules: [{37F89AA8-4FF1-4700-A11E-EFC2390CC6C9}] => (Allow) C:\Program Files\EA Games\Mass Effect 2\Binaries\MassEffect2.exe => Keine Datei
FirewallRules: [TCP Query User{F0310B8D-BB9E-4C00-97E2-5743B9B044A2}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{23226AD5-B478-4F39-B042-D73F3A5E724F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F9143B22-FE08-4D2B-ADBB-50D1357EB292}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{BFFCDBAE-3D39-4A8D-9610-05022D9A1621}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{535BB1C2-9201-403D-BC44-93E3221A5DA9}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (16916B57-7991-4968-B02A-2ADE4B5FB0DE -> Amazon.com Services LLC)
FirewallRules: [{E25451A8-C3BB-4AA3-B905-B153077B4DC8}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (16916B57-7991-4968-B02A-2ADE4B5FB0DE -> Amazon.com Services LLC)
FirewallRules: [{8E0AE310-7E11-4B3B-BD2B-8B94EA17049F}] => (Allow) C:\Program Files\Elgato\CameraHub\Camera Hub.exe => Keine Datei
FirewallRules: [{25507D72-A6B9-49E3-81FB-2264CE7DF01A}] => (Allow) C:\Program Files\Elgato\WaveLink\WaveLink.exe => Keine Datei
FirewallRules: [TCP Query User{D3F40382-A4F6-4A05-8623-DF2362B34877}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FFEA3775-0066-478B-90C4-2A7F3FF92C70}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{83025C3C-42B9-4715-B447-462E8A5BFB84}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin\FarCry6.exe => Keine Datei FirewallRules: [{0010D7FD-6AEF-4D0F-9F1D-521E4113309B}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin\FarCry6.exe => Keine Datei FirewallRules: [{ABD09784-B90F-450D-8040-A833FF27515F}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin_plus\FarCry6.exe => Keine Datei FirewallRules: [{F3D23AFE-668D-41CD-B119-E61E5D8645B7}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin_plus\FarCry6.exe => Keine Datei FirewallRules: [{AEB1D351-E89A-40B4-BAED-3CEB5954DDA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{0A4476D0-F16D-4BE5-A35C-39F98E6AA6FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{CD6CCE3C-807B-4BDA-8D88-849B95F0F91E}] => (Allow) C:\Program Files\MAGIX\Samplitude Pro X7 Suite\Sam.exe => Keine Datei FirewallRules: [{D6719EA8-3AA3-4099-8CA5-A1F9C609DC2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\System Shock Demo\SystemShock.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{6F9772D1-48D9-4232-A55A-6C84AFC5E0A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\System Shock Demo\SystemShock.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{EA474D3D-9D35-45A9-B8FC-DFB525E99B2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Concrete Jungle\Concrete Jungle.exe (ColePowered Games Ltd. -> ) [Datei ist nicht signiert] FirewallRules: [{CE430EE6-367B-4020-9E62-B7D5576381C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Concrete Jungle\Concrete Jungle.exe (ColePowered Games Ltd. 
-> ) [Datei ist nicht signiert] FirewallRules: [{C1277428-7DBB-4125-9932-D12CAA6E3F94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mechabellum Playtest\game.exe => Keine Datei FirewallRules: [{9EC7A4A7-8B7B-4F9C-804D-D3141FF3F6C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mechabellum Playtest\game.exe => Keine Datei FirewallRules: [TCP Query User{74BC57EA-B137-49A0-AD86-6F94732761DC}C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [UDP Query User{3CC76833-CC29-4346-B9FE-9537C037FC70}C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [{7BA482D4-DD69-4296-B9AA-D7B2BF9B47C5}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE.exe (GOG Sp. z o.o. -> Blizzard Entertainment) FirewallRules: [{F7A1049B-A179-4CFE-AB8E-AA87F02AA8CD}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE_dx.exe (Blizzard Entertainment) [Datei ist nicht signiert] FirewallRules: [TCP Query User{D932DED3-CEB4-49C1-AF72-12EB0B61D47B}C:\program files (x86)\diablo iv - beta\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv - beta\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{B2287F4E-DC44-46B7-81BB-ACFFAA18932B}C:\program files (x86)\diablo iv - beta\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv - beta\diablo iv.exe (Blizzard Entertainment, Inc. 
-> Blizzard Entertainment) FirewallRules: [TCP Query User{D1144B85-2D51-4EB8-92FF-8CB2DE594B43}C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe] => (Allow) C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe => Keine Datei FirewallRules: [UDP Query User{68B42E64-BAA5-4857-A6E3-F760B09B8B2B}C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe] => (Allow) C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe => Keine Datei FirewallRules: [{9BF1A858-1D38-46BE-9381-486CE21E6F63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [Datei ist nicht signiert] FirewallRules: [{C2607182-F8B7-4DF8-988A-AE0F12065733}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{79A8FF7A-F53F-46FC-A47D-C821C8422DB9}C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game (Electronic Arts Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{B09C4EFB-C981-4FDA-8524-C7B28A3B5705}C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game (Electronic Arts Inc.) 
[Datei ist nicht signiert] FirewallRules: [TCP Query User{BDC73CD5-4829-43E5-8679-AE961E1F0CCA}C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe => Keine Datei FirewallRules: [UDP Query User{8C574421-8F5A-4555-B2B3-F047468E5F57}C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe => Keine Datei FirewallRules: [TCP Query User{A062616C-7199-493F-8619-720A068A70A2}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc) FirewallRules: [UDP Query User{E6B532E6-767F-443E-B031-CEB3F5D57630}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc) FirewallRules: [{EAFF1D3A-234C-4CEA-A0F9-EDAF7C1B4EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warzone 2100\bin\warzone2100.exe (Warzone 2100 Project) [Datei ist nicht signiert] FirewallRules: [{A561E583-61CD-4257-97A1-0634974C2DA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warzone 2100\bin\warzone2100.exe (Warzone 2100 Project) [Datei ist nicht signiert] FirewallRules: [{8AFE83B3-7723-4B1E-B84D-F77E9837BC00}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1332A560-C66B-4595-AD58-AAC808FBF584}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{77E5794B-1BE5-49A4-A586-815F6ACB445D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. 
-> Electronic Arts) FirewallRules: [{85E5EB62-8A8F-4E4D-8205-265446F18A5C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B6C96438-8677-49DC-8B65-6EB5643D3341}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{FBA65EEE-FF7B-44A5-A164-D029CEF4F57E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{478D0F3E-1AA8-4035-B5EC-1797B1D2AE6C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{647DDFFB-B845-4CA1-8CBF-7F23876EEE13}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{DEFA4F63-72AE-46BE-A5FC-1813B94F81A7}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{4138EC57-22F2-43D6-9E67-98AD6FEA90CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AitD Prologue\AitDPrologue.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{C34B8CB7-F634-48BB-B7E4-40AA24875BA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AitD Prologue\AitDPrologue.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{480014BA-0F08-4B0F-9206-EF702303B155}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{E140EBEA-05C9-47C1-A457-02B4847375CC}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{258CC155-829F-4BF9-B1B4-DC0F2FF9736C}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.) 
FirewallRules: [{87A06BEB-4C1C-4BD8-9282-FB6A9694D6CD}] => (Allow) C:\Program Files\Unity\Hub\Editor\2022.3.10f1\Editor\Unity.exe (Unity Technologies ApS -> Unity Technologies) FirewallRules: [{F9D5B022-6456-4213-BE06-ED58CC4B8986}] => (Block) C:\Program Files\Unity\Hub\Editor\2022.3.10f1\Editor\Unity.exe (Unity Technologies ApS -> Unity Technologies) FirewallRules: [{3AFF3CE1-56DA-4D6E-A6A9-0FFED6D9553B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trepang2 Demo\CPPFPS.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{0A44FBB5-EB03-46E3-9314-6F10DBB41479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trepang2 Demo\CPPFPS.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{FC0D4E53-09C1-4B65-A0A1-72A442FA611D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) FirewallRules: [{41A6BF3F-3F65-49EE-9058-B5179F4C76AE}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS) FirewallRules: [{298BB7B2-D4E3-45E6-90FC-E307996BD70A}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS) FirewallRules: [TCP Query User{FCC00902-4F5E-405B-90EB-302A23D15FC8}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.) FirewallRules: [UDP Query User{B5809E4C-CAFB-488D-BDB2-B8CFE2FDDE19}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.) 
FirewallRules: [{6137EF17-4761-48A7-A2C4-FAD8C962C2F2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{CF12C5CC-7CF9-4D4C-AA28-2B9C8C352BD2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 18-11-2023 11:25:32 Windows Modules Installer 18-11-2023 11:26:20 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Per USB angeschlossenes SCSI (UAS)-Massenspeichergerät Description: Per USB angeschlossenes SCSI (UAS)-Massenspeichergerät Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318} Manufacturer: Per USB angeschlossenes SCSI (UAS)-kompatibles Gerät Service: UASPStor Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47) Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available. Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Gerät Description: PCI-Gerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB-Massenspeichergerät Description: USB-Massenspeichergerät Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Kompatibles USB-Speichergerät Service: USBSTOR Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. 
(Code 47) Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available. Name: USB-Massenspeichergerät Description: USB-Massenspeichergerät Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Kompatibles USB-Speichergerät Service: USBSTOR Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47) Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available. Name: Intel(R) Ethernet Controller (3) I225-V Description: Intel(R) Ethernet Controller (3) I225-V Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: e2fexpress Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: PCI-Gerät Description: PCI-Gerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Netzwerkcontroller Description: Netzwerkcontroller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: RAID-Controller Description: RAID-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Gerät Description: PCI-Gerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Realtek Bluetooth 5.1 Adapter Description: Realtek Bluetooth 5.1 Adapter Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Realtek Semiconductor Corp. Service: BTHUSB Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: USB-Massenspeichergerät Description: USB-Massenspeichergerät Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Kompatibles USB-Speichergerät Service: USBSTOR Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47) Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Gerät Description: PCI-Gerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (11/20/2023 09:57:24 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: fef0 Startzeit: 01da1b8f8a571382 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: ec1ea0f9-f205-4634-9a21-79df0b9d974a Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 09:30:48 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 78f8 Startzeit: 01da1b8bcfbd150a Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 6195aec7-fa3d-4575-bd57-65dde5795ab7 Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 07:00:28 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: c72c Startzeit: 01da1b76d47a617e Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 3de7c42b-7ddb-41db-b83d-ce669ec3886c Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 04:33:33 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 83d0 Startzeit: 01da1b624fe7f078 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 6ad4928f-7dc8-49e9-939f-d13116f0436d Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 01:55:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f93c Startzeit: 01da1b4c358cffa1 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 2264bd8d-cb99-4cc9-beb3-2f43769021d8 Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 12:00:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ec8c Startzeit: 01da1b3c34ba01f4 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 9efff9c1-82c2-425d-a5b1-4992ac3bdef6 Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/19/2023 11:46:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 9374 Startzeit: 01da1b3a3ec356c1 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 553260af-9289-47dc-9815-934429132f2c Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/18/2023 11:26:15 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig. . Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Systemfehler: ============= Error: (11/20/2023 04:56:50 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:49 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:49 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:48 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:48 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:05 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:05 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:04 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. 
Windows Defender: ================ Date: 2023-11-20 16:57:04 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Keygen&threatid=225063&enterprise=0 Name: PUA:Win32/Keygen Schweregrad: Niedrig Kategorie: Potenziell unerwünschte Software Pfad: file:_E:\Plug-In u. VST\Native Instruments Kontakt 5\Patch x86.x64\Kontakt.v5.2.1-PATCH.exe Erkennungsursprung: Netzwerkfreigabe Erkennungstype: Konkret Erkennungsquelle: Benutzer Benutzer: DESKTOP-HKLF9N7\WORKSTATION Prozessname: Unknown Sicherheitsversion: AV: 1.401.908.0, AS: 1.401.908.0, NIS: 1.401.908.0 Modulversion: AM: 1.1.23100.2009, NIS: 1.1.23100.2009 Date: 2023-11-20 16:17:12 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. Erkennungszeit: 2023-11-20T15:17:12.067Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe Sicherheitsversion: 1.401.908.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Date: 2023-11-20 16:17:12 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. 
Erkennungszeit: 2023-11-20T15:17:12.066Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe Sicherheitsversion: 1.401.908.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Date: 2023-11-20 16:17:12 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. Erkennungszeit: 2023-11-20T15:17:12.066Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe Sicherheitsversion: 1.401.908.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Date: 2023-11-20 16:17:12 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. Erkennungszeit: 2023-11-20T15:17:12.065Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe Sicherheitsversion: 1.401.908.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Event[0]: Date: 2023-11-21 13:29:25 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.908.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 
Date: 2023-11-21 13:29:21 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.908.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Date: 2023-04-14 07:19:41 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.387.870.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20200.4 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Date: 2023-03-11 21:50:56 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.383.1577.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20000.2 Fehlercode: 0x80240438 Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 
CodeIntegrity: =============== Date: 2023-11-20 16:19:24 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08a52cf2f322ba79\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2004 08/24/2022 Hauptplatine: ASUSTeK COMPUTER INC. ROG STRIX Z690-F GAMING WIFI Prozessor: 12th Gen Intel(R) Core(TM) i7-12700K Prozentuale Nutzung des RAM: 48% Installierter physikalischer RAM: 65277.42 MB Verfügbarer physikalischer RAM: 33707.99 MB Summe virtueller Speicher: 75005.42 MB Verfügbarer virtueller Speicher: 18687.64 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.86 GB) (Free:234.24 GB) (Model: WD_BLACK SN770 1TB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:742.82 GB) (Model: WD_BLACK SN770 1TB) NTFS Drive f: () (Removable) (Total:29.86 GB) (Free:29.86 GB) FAT32 \\?\Volume{ace156fe-f69b-4e11-b3e7-83a1f49cd2df}\ () (Fixed) (Total:0.53 GB) (Free:0.06 GB) NTFS \\?\Volume{d16583dc-1548-43ce-a208-175893b6751a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 59535ABC) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 595365C2) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 29.9 GB) (Disk ID: B2A4EC16) Partition 1: (Active) - (Size=29.9 GB) - (Type=FAT32) ==================== Ende von Addition.txt ======================= |
21.11.2023, 17:03 | #7 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus Quote:
And why is this critically important work PC being misused as a gaming box? Cracks, keygens and other illegal software. Please read => Cracks, keygens and other illegal software. We will continue once you have removed everything illegal. In the event of repeated crack/keygen violations I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system.
__________________ Please always post log files in CODE tags |
21.11.2023, 17:07 | #8 |
| Hacker attack Trojan virus Yes, I saw that too. The file is ten years old and has not been used by me since then. |
21.11.2023, 17:09 | #9 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus Quote:
You know what to do now?
__________________ Please always post log files in CODE tags |
21.11.2023, 17:19 | #10 |
| Hacker attack Trojan virus I have now completely deleted the folder along with its contents. I am now running the analysis again. So, I hope I did everything correctly. Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2023
durchgeführt von WORKSTATION (Administrator) auf DESKTOP-HKLF9N7 (ASUS System Product Name) (21-11-2023 17:17:11)
Gestartet von C:\Users\ticro\Desktop\FRST64.exe
Geladene Profile: WORKSTATION
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3570 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Crash Processor.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe <16>
(C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\x86\Acrobat\Acrobat.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <4>
(C:\Program Files\Adobe\Adobe InDesign 2024\InDesign.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\CEPHtmlEngine.exe <23>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\iA Writer\iAWriter.exe ->) (Information Architects AG -> The CefSharp Authors) C:\Program Files\iA Writer\CefSharp.BrowserSubprocess.exe <3>
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (6099D0EF-9374-47ED-BDFE-A82136831235 -> File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.2.1.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe InDesign 2024\InDesign.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (B8E9A58B-32A7-4C6C-A474-D4BE2A3CEAD8 -> Xander Frangos) C:\Program Files\WindowsApps\38002AlexanderFrangos.TwinkleTray_1.15.2.0_x64__m7qx9dzpwqaze\app\Twinkle Tray.exe <5>
(explorer.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\ticro\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Information Architects AG -> iA) C:\Program Files\iA Writer\iAWriter.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE <2>
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(explorer.exe ->) (VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <205>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (CleverFiles) [Datei ist nicht signiert] C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_d8d8130c2588d45b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08a52cf2f322ba79\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(sihost.exe ->) (40E66D07-5A3A-4954-9CA3-A1EB15ED0804 -> ) C:\Program Files\WindowsApps\19282JackieLiu.Notepads-Beta_1.4.8.0_x64__echhpq9pdbte8\Notepads.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2342.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <10>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(svchost.exe ->) (Skype Software Sarl -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [Drakonia II Gaming Mouse] => C:\Program Files (x86)\Drakonia II Gaming Mouse\hid.exe [794112 2019-03-22] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-04-15] (Power Software Ltd -> Power Software Ltd)
HKLM-x32\...\Run: [Logi Tune] => C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe [134023056 2022-12-09] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2023-09-16] (Adobe Inc. -> Adobe Inc.)
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\MRT: Beschränkung <==== ACHTUNG
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [f.lux] => C:\Users\ticro\AppData\Local\FluxSoftware\Flux\flux.exe [1525880 2023-05-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4377448 2023-10-31] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Opera GX Stable] => C:\Users\ticro\AppData\Local\Programs\Opera GX\launcher.exe [2769312 2023-11-17] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Discord] => C:\Users\ticro\AppData\Local\Discord\Update.exe [1525016 2022-10-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\ticro\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [MicrosoftEdgeAutoLaunch_06E1957EAB573F921F12B105FFB2C315] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Camera Hub] => "C:\Program Files\Elgato\CameraHub\Camera Hub.exe" /b (Keine Datei)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37138384 2023-11-18] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2023-06-29] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13734376 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2654824 2023-10-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11516888 2023-10-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\MountPoints2: G - "G:\setup.exe"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-11-14] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON ET-M2170 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBVWE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {6DFB7BD1-CB32-4A3C-835B-1078FA9F1B8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {B243DFFA-6EE8-44C5-83F7-48D68CBEFB9D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7C692311-D0CE-4B5F-9593-846896F6EBA1} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {455EA75D-7ABB-4AB7-B755-3F8148626D14} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [313192 2023-09-12] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {4F6864B4-BF0C-49AC-953D-467ED4AFC413} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1946472 2023-09-12] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {FB6E6F84-3532-49C2-9A51-5FF3B6FB961D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d8ef70f9dc8bf1 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {7C9E40F9-31B3-4820-87BA-258060515317} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {2F9D894E-556B-457E-BFE3-EF1B4DE79038} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-09-14] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {DB8EF6E8-4554-467E-901B-3BE0B42B6FD2} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2022-12-05] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {9730E86E-DDE0-4AFE-A659-AB98AA2D627C} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {E71998A1-B1B8-41AD-9C5A-1DEFA5BF6DB1} - System32\Tasks\EPSON ET-M2170 Series Update {EE712C26-6847-4484-9034-1F116AFF0323} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVWE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {DD293FE9-1D46-4CBF-9E8A-229949916DD5} - System32\Tasks\GoogleUpdateTaskMachineCore{735CF719-D2AA-4EC9-9643-868778E0CD5B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-16] (Google LLC -> Google LLC)
Task: {A7645D33-0852-4437-9175-3943EF6C562B} - System32\Tasks\GoogleUpdateTaskMachineUA{ABBDF71D-6D2B-46C6-A3D6-886B290C59A5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-16] (Google LLC -> Google LLC)
Task: {37C12AF0-AEEC-49C7-A74A-D405E9F7044A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033064 2023-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {16660F2E-B776-4219-A0DD-591047D70372} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033064 2023-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC8DDCBB-7334-4F89-A7D1-A120699FCE3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2CC903D-BF29-4857-902A-02347DF21819} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB633567-EB35-422E-A7D1-D6C9607081BB} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {299E11AC-CA16-4CC4-B7B0-A612C299492F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F358F8B7-51B0-4604-A4FC-FE56B36350FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6541D807-83DA-4F38-9B8D-1830F84FAC10} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0CC7559D-1679-4CCF-BCC2-74C9A0B00283} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8881A74D-2228-4F68-B5A1-DDF0962F7597} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [11015736 2023-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB3F2107-8E55-4FE3-B117-18D581EB0864} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D0869EBD-0BCE-4908-89BE-8867403E127F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {36EA9754-95C6-4445-BB07-630C30444677} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B2DBBB81-244A-4440-AE9F-D28D91C00F68} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {46B578DA-122C-4879-B43D-1AB0F4404F10} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {27312F1C-0984-453A-AB9A-9C9E51060CC9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {453C683F-B3E5-4F07-AF45-5F4D09E70FED} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {971A08DD-7599-4893-B55C-11B098070C98} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2DC25538-0304-4829-B47A-7BE2324A7DFD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3D822E22-1C7D-4EFE-AE6C-9CB9838CC6EB} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1671168092 => C:\Users\ticro\AppData\Local\Programs\Opera GX\launcher.exe [2769312 2023-11-17] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\ticro\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {CDBE9A96-47FB-45DB-A71F-96EE0613F9E7} - System32\Tasks\Opera GX scheduled Autoupdate 1668261402 => C:\Users\ticro\AppData\Local\Programs\Opera GX\launcher.exe [2769312 2023-11-17] (Opera Norway AS -> Opera Software)
Task: {8A5E4BFE-C27E-4A45-A030-046322F06E60} - System32\Tasks\Opera scheduled Autoupdate 1668199992 => C:\Users\ticro\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON ET-M2170 Series Update {EE712C26-6847-4484-9034-1F116AFF0323}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVWE.EXE:/EXE:{EE712C26-6847-4484-9034-1F116AFF0323} /F:UpdateWORKGROUP\DESKTOP-HKLF9N7$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0f641379-587b-4966-b597-38c1516525b1}: [DhcpNameServer] 192.168.178.1

Edge:
=======
Edge HomeButtonPage: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001 -> hxxps://www.ya.ru/?win=591&clid=2761555-72
Edge Profile: C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-21]
Edge Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-07]

FireFox:
========
FF ProfilePath: C:\Users\ticro\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2023-04-29]
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxps://www.ya.ru/?win=591&clid=2761555-72
FF SearchPlugin: C:\Users\ticro\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-20231929.xml [2023-04-29]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-09-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-09-16] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default [2023-11-21]
CHR DownloadDir: C:\Users\ticro\Desktop
CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://www.facebook.com; hxxps://www.lieferando.de; hxxps://www.sueddeutsche.de
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Pop-up-Blocker für Chrome™ - Poper Blocker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2023-11-19]
CHR Extension: (uBlock Origin) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-11-20]
CHR Extension: (change-language) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-11-13]
CHR Extension: (Just Read) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmanlpmmkibanfdgjocnabmcaclkmod [2023-11-16]
CHR Extension: (Reader View) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecabifbgmdmgdllomnfinbmaellmclnh [2023-10-19]
CHR Extension: (Session Buddy) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2023-11-10]
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-19]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2023-07-24]
CHR Extension: (I don't care about cookies) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-10-19]
CHR Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-19]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-16]
CHR Extension: (Volume Master - Lautstärkeregler) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2023-03-29]
CHR Extension: (Marsala) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjlfmldcaheghnjjpgpoadjfppefjmkj [2023-01-15]
CHR Extension: (YouTube™ Repeat Button) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lapfofmpmghklaegbdamgdojjninpnkg [2023-07-24]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-10-27]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2023-10-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-03]
CHR Extension: (Browse AI: Fast Web Scraping & Monitoring) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpcenkclppghkfpielmefegceegofeh [2023-11-08]
CHR Extension: (Mute Tab Shortcuts) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\opcjanmpjbdbdpnjfjbboacibokblbhl [2022-12-16]
CHR Extension: (UnDistracted - Hide Facebook, YouTube Feeds) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjgklgkfeoeiebjogplpnibpfnffkng [2023-05-10]
CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-09-22]
CHR DefaultSearchURL: Profile 1 -> hxxps://yandex.ru/search/?__PARAM__from=chromesearch&text={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> yandex.ru
CHR DefaultSuggestURL: Profile 1 -> hxxps://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-22]
CHR Extension: (Яндекс) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhkbfkkohcdgpckffakhbllifkakihmh [2023-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-22]
CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-19]
CHR HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhkbfkkohcdgpckffakhbllifkakihmh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Profile: C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable [2023-04-29]
OPR Extension: (Rich Hints Agent) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-11]
OPR Extension: (Opera Wallet) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-11-11]
StartMenuInternet: (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001) Opera GXStable - "C:\Users\ticro\AppData\Local\Programs\Opera GX\Launcher.exe"

Brave:
=======
BRA Profile: C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-01-20]
BRA Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-01-02]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-01-02]
BRA Extension: (Brave NTP background images) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-01-02]
BRA Extension: (Wallet Data Files Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-01-02]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-01-02]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-01-02]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2023-01-02]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-01-02]
BRA Extension: (Brave NTP sponsored images) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2023-01-02]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-01-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-09-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [399984 2023-07-27] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe [896872 2023-07-27] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2022-12-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1157088 2023-10-29] (ASUSTeK COMPUTER INC. -> )
R2 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [278528 2020-12-10] (CleverFiles) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12875960 2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11139176 2023-10-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2317800 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178728 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
S2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-10-25] (Logitech Inc -> Logitech)
R2 LogiTuneUpdaterService; C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe [7005584 2022-12-09] (Logitech Inc -> Logitech, Inc.)
R2 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [16784608 2022-12-13] (Native Instruments GmbH -> Native Instruments GmbH)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [17595136 2023-02-03] (Logitech Inc -> Logitech, Inc.)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-10-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-08-15] (ASUSTeK COMPUTER INC. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2023-10-29] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43016 2023-10-19] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [32320 2022-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [386552 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Dokan Project)
S3 ElgatoVirtualCamera; C:\WINDOWS\System32\drivers\ElgatoVirtualCamera.sys [14380560 2022-08-16] (WDKTestCert Elgato,132863164269755022 -> Windows (R) Win 7 DDK provider)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54752 2023-01-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R3 MpKsld7cf2a68; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F8D5C775-4458-4351-AE20-EB67E11BCAB0}\MpKslDrv.sys [263560 2023-11-20] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19016 2023-03-12] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 RDID1102; C:\WINDOWS\system32\Drivers\RDWM1102.SYS [55296 2021-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
U4 UnlockerDriver5; \??\C:\Users\ticro\Desktop\x86\UnlockerDriver5.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-11-21 16:59 - 2023-11-21 17:00 - 000089253 _____ C:\Users\ticro\Desktop\Addition.txt
2023-11-21 16:58 - 2023-11-21 17:17 - 000048520 _____ C:\Users\ticro\Desktop\FRST.txt
2023-11-21 16:58 - 2023-11-21 17:17 - 000000000 ____D C:\FRST
2023-11-21 16:58 - 2023-11-03 16:46 - 002383872 _____ (Farbar) C:\Users\ticro\Desktop\FRST64.exe
2023-11-20 16:33 - 2023-11-20 16:33 - 000059904 _____ C:\Users\ticro\Desktop\Microsoft Publisher Document (neu).pub
2023-11-20 15:15 - 2023-11-20 15:15 - 000000000 _____ C:\Users\ticro\Desktop\~umschlag_pfloecke_~h$fnf4.idlk
2023-11-20 15:15 - 2023-11-20 15:15 - 000000000 _____ C:\Users\ticro\Desktop\~tg_schwerter_des_g~gsv6q-.idlk
2023-11-20 09:30 - 2023-11-20 15:22 - 011427840 _____ C:\Users\ticro\Desktop\TG_Schwerter_des_Geistes_Buch.indd
2023-11-20 07:58 - 2023-11-20 10:16 - 000397738 _____ C:\Users\ticro\Desktop\Umschlag_Pfloecke_WS_mit_Beschnitt.pdf
2023-11-20 07:00 - 2023-11-20 07:00 - 000000000 _____ C:\Users\ticro\Desktop\~tg_pfloecke_12.6x1~0u8dg9.idlk
2023-11-20 06:59 - 2023-11-20 15:25 - 119939072 _____ C:\Users\ticro\Desktop\TG_Pfloecke_12.6x18.8+0.5_Beschnitt_666p_115g.indd
2023-11-20 05:00 - 2023-11-20 15:20 - 002183168 _____ C:\Users\ticro\Desktop\Umschlag_Pfloecke_WS_mit_Beschnitt.indd
2023-11-20 04:45 - 2023-11-20 04:45 - 001137386 _____ C:\Users\ticro\Desktop\ulysses_9783518472255_leseprobe.pdf
2023-11-20 01:57 - 2023-11-20 01:57 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2024.lnk
2023-11-20 01:55 - 2023-11-20 01:55 - 000001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2024.lnk
2023-11-20 01:53 - 2023-11-20 01:53 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2024.lnk
2023-11-20 01:50 - 2023-11-20 01:50 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2024.lnk
2023-11-20 01:46 - 2023-11-20 01:46 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop (Beta).lnk
2023-11-20 01:29 - 2023-11-20 01:29 - 518089128 _____ C:\Users\ticro\Desktop\20111108-164835-rot-topaz.tiff
2023-11-19 16:43 - 2023-11-19 16:43 - 023885906 _____ C:\Users\ticro\Desktop\OpenKrush-playtest-20220222-3-compat.dmg
2023-11-18 15:17 - 2023-11-18 15:20 - 520362452 _____ C:\Users\ticro\Desktop\Roter_Drache[supervideo.tv].mp4
2023-11-18 11:26 - 2023-11-18 11:26 - 000000000 ___HD C:\$WinREAgent
2023-11-17 14:33 - 2023-11-17 14:33 - 000032288 _____ C:\Users\ticro\Desktop\RE882610078.pdf
2023-11-17 02:15 - 2023-11-17 02:15 - 002555143 _____ C:\Users\ticro\Desktop\2012.10.08 – Basisbuch 2011 [x].pdf
2023-11-16 18:30 - 2023-11-16 18:30 - 000007835 _____ C:\Users\ticro\Desktop\MedGG_9.pdf
2023-11-16 12:47 - 2023-11-16 12:47 - 000057198 _____ C:\Users\ticro\Desktop\testseite.pdf
2023-11-15 09:39 - 2023-11-15 09:39 - 003276442 _____ C:\Users\ticro\Desktop\Tanck 2022.pdf
2023-11-13 21:17 - 2023-11-13 21:17 - 004866460 _____ C:\Users\ticro\Desktop\Istanbul 2015.pdf
2023-11-13 21:16 - 2023-11-13 21:16 - 000918650 _____ C:\Users\ticro\Desktop\Lohse 2021 de.pdf
2023-11-13 21:15 - 2023-11-13 21:15 - 004866460 _____ C:\Users\ticro\Desktop\Yeni-Tıp-Tarihi-Araştırmaları-21-2015.pdf
2023-11-13 21:15 - 2023-11-13 21:15 - 001140297 _____ C:\Users\ticro\Desktop\Lohse 2021.pdf
2023-11-12 12:48 - 2023-11-12 12:48 - 000955631 _____ C:\Users\ticro\Desktop\Greenwood 1928.pdf
2023-11-09 17:35 - 2023-11-09 17:35 - 052119823 _____ C:\Users\ticro\Desktop\Jonas 2017.pdf
2023-11-09 17:23 - 2023-11-09 17:23 - 000000000 ____D C:\Users\ticro\Desktop\Firefly
2023-11-07 20:30 - 2023-11-16 12:55 - 000000000 _____ C:\Users\ticro\Desktop\~tg_seuchen_12.6x18~utq_9b.idlk
2023-11-07 07:23 - 2023-11-07 07:23 - 000077058 _____ C:\Users\ticro\Desktop\Schikowski 2016.pdf
2023-11-07 07:22 - 2023-11-07 07:22 - 003145020 _____ C:\Users\ticro\Desktop\Stompe-Ritter 2014.pdf
2023-11-07 07:20 - 2023-11-07 07:20 - 004375353 _____ C:\Users\ticro\Desktop\Thießen 2021.pdf
2023-11-07 07:18 - 2023-11-07 07:18 - 006436962 _____ C:\Users\ticro\Desktop\Stettler 1979.pdf
2023-11-07 07:18 - 2023-11-07 07:18 - 000326733 _____ C:\Users\ticro\Desktop\Hagner 2018.pdf
2023-11-06 19:01 - 2023-11-06 19:01 - 004993819 _____ C:\Users\ticro\Desktop\Bonah 2011.pdf
2023-11-06 05:52 - 2023-11-06 05:54 - 000000000 ____D C:\Users\ticro\Desktop\PDFs ungeordnet
2023-11-06 05:52 - 2023-11-06 05:53 - 000000000 ____D C:\Users\ticro\Desktop\Bilder ungeordnet
2023-11-06 05:25 - 2023-11-06 05:25 - 087807032 _____ C:\Users\ticro\Desktop\Lena MeyerLandrut öffnet ihre Tasche mit Lieblingsbuch Nagelöl In the Bag VOGUE Germany YouTube1080p.mp4
2023-11-06 04:51 - 2023-11-06 04:51 - 042459453 _____ C:\Users\ticro\Desktop\Adobe InDesign Course Class 29 Creating an Index YouTube1080p.mp4
2023-11-03 21:52 - 2023-11-18 21:41 - 000000000 ____D C:\Users\ticro\Desktop\Gendersprache, Transgender, Frauenquote
2023-10-31 11:24 - 2023-10-31 11:24 - 153316210 _____ C:\Users\ticro\Desktop\lena-desktop-2023-BE-topaz.tiff
2023-10-28 21:19 - 2023-10-28 21:19 - 000000000 ____D C:\Users\ticro\AppData\Roaming\iA Inc
2023-10-27 21:17 - 2023-10-27 21:17 - 000903052 _____ C:\Users\ticro\Desktop\Ulrichs 2012.pdf
2023-10-27 20:16 - 2023-10-27 20:16 - 847000527 _____ C:\WINDOWS\MEMORY.DMP
2023-10-27 20:16 - 2023-10-27 20:16 - 004397476 _____ C:\WINDOWS\Minidump\102723-11359-01.dmp
2023-10-26 05:25 - 2023-10-26 05:25 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk
2023-10-25 07:58 - 2023-11-19 21:12 - 120090624 _____ C:\Users\ticro\Desktop\TG_Seuchen_12.6x18.8+0.5_Beschnitt_600p_115g_mit_Farbseiten_WS3-Feinsatz.indd
2023-10-25 07:58 - 2023-11-05 03:57 - 000001084 _____ C:\Users\ticro\Desktop\Adobe InDesign 2024.lnk

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-11-21 17:16 - 2022-11-03 11:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-21 17:16 - 2022-09-08 04:13 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-21 17:11 - 2022-11-03 13:39 - 000000000 ____D C:\Users\ticro\AppData\Local\ClassicShell
2023-11-21 17:07 - 2023-02-20 01:46 - 000000000 ____D C:\Users\ticro\Documents\Assassin's Creed Unity
2023-11-21 16:17 - 2022-11-11 20:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-11-21 13:58 - 2023-01-06 12:26 - 000000000 ____D C:\Users\ticro\AppData\Roaming\vlc
2023-11-21 13:31 - 2022-11-03 11:38 - 000000000 ____D C:\Users\ticro\AppData\Local\LogiOptionsPlus
2023-11-21 12:25 - 2022-11-03 11:33 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-21 05:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-20 23:53 - 2022-11-03 11:42 - 000000000 ____D C:\Program Files\ASUS
2023-11-20 18:55 - 2022-11-11 18:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-20 16:43 - 2022-11-11 20:33 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Microsoft\Word
2023-11-20 15:17 - 2022-11-11 20:49 - 000179201 _____ C:\Users\ticro\Desktop\Notizen.md
2023-11-20 15:17 - 2022-11-11 20:48 - 000000000 ____D C:\Users\ticro\AppData\Roaming\iA Writer
2023-11-20 09:46 - 2022-11-03 11:34 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Adobe
2023-11-20 06:59 - 2022-12-16 06:25 - 000000000 ____D C:\Users\ticro\Desktop\Coronavirus Buch
2023-11-20 05:46 - 2023-07-29 12:13 - 001536000 _____ C:\Users\ticro\Desktop\Umschlag_Beschnitt_0,5cm_für_115g_weiss_600p_29.90x19.indd
2023-11-20 01:57 - 2022-11-11 20:36 - 000000000 ____D C:\Program Files\Adobe
2023-11-20 01:53 - 2022-11-11 20:43 - 000000000 ____D C:\Users\Public\Documents\Adobe
2023-11-20 01:52 - 2022-12-16 06:29 - 017977344 _____ C:\Users\ticro\Desktop\TG_Pflöcke_WS.indd
2023-11-19 12:15 - 2022-11-12 14:56 - 000004276 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1668261402
2023-11-19 12:15 - 2022-11-12 14:56 - 000001438 _____ C:\Users\ticro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2023-11-18 11:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-18 11:23 - 2022-11-11 18:12 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-18 00:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-18 00:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-18 00:26 - 2022-11-03 12:05 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-17 07:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-11-17 01:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-11-17 01:16 - 2023-02-16 14:39 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-13 20:10 - 2023-05-09 14:34 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2023.lnk
2023-11-13 20:07 - 2023-09-19 11:26 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2024.lnk
2023-11-13 20:07 - 2022-11-11 20:36 - 000000000 ____D C:\ProgramData\Adobe
2023-11-11 08:10 - 2023-02-16 14:39 - 000004014 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{ABBDF71D-6D2B-46C6-A3D6-886B290C59A5}
2023-11-11 08:10 - 2023-02-16 14:39 - 000003890 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{735CF719-D2AA-4EC9-9643-868778E0CD5B}
2023-11-10 14:52 - 2022-11-11 20:52 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-10 12:06 - 2022-11-12 15:18 - 000000000 ____D C:\Users\ticro\AppData\Roaming\discord
2023-11-10 12:06 - 2022-11-12 15:18 - 000000000 ____D C:\Users\ticro\AppData\Local\Discord
2023-11-09 09:00 - 2022-12-20 21:48 - 000000000 ____D C:\Users\ticro\AppData\Local\CrashDumps
2023-11-08 18:09 - 2022-12-16 07:04 - 000001456 _____ C:\Users\ticro\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2023-11-07 19:49 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-07 16:05 - 2022-11-03 12:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-06 19:23 - 2022-12-16 06:32 - 000000000 ____D C:\Users\ticro\Desktop\TG_S_BILDER
2023-11-05 03:55 - 2022-11-11 18:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-04 16:03 - 2022-11-03 11:43 - 000000000 ____D C:\Program Files (x86)\LightingService
2023-11-04 16:03 - 2022-11-03 11:37 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-01 21:26 - 2022-11-03 12:51 - 001723308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-01 21:26 - 2019-12-07 15:51 - 000743838 _____ C:\WINDOWS\system32\perfh007.dat
2023-11-01 21:26 - 2019-12-07 15:51 - 000150260 _____ C:\WINDOWS\system32\perfc007.dat
2023-11-01 21:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-01 01:20 - 2022-11-03 12:48 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-01 01:20 - 2022-11-03 12:48 - 000003630 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-29 23:42 - 2022-12-16 06:25 - 000000000 ____D C:\Users\ticro\Desktop\chap-4-references
2023-10-29 12:13 - 2022-11-11 20:38 - 000000000 ___RD C:\Users\ticro\Creative Cloud Files
2023-10-29 10:34 - 2023-10-19 05:50 - 000000000 ____D C:\Users\ticro\AppData\Roaming\asus_framework
2023-10-29 10:34 - 2022-11-03 12:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-29 10:34 - 2022-11-03 12:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-29 10:33 - 2022-11-03 12:05 - 001205104 _____ () C:\WINDOWS\system32\wpbbin.exe
2023-10-29 10:33 - 2022-11-03 12:05 - 001157088 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2023-10-29 10:32 - 2022-12-16 06:32 - 000563741 ____H C:\Users\ticro\Desktop\~WRL0004.tmp
2023-10-29 10:32 - 2022-11-03 12:42 - 000000000 ____D C:\Users\ticro
2023-10-29 10:32 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-27 20:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-27 20:18 - 2022-11-03 12:45 - 005178376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-27 20:16 - 2022-12-24 12:56 - 000000000 ____D C:\WINDOWS\Minidump
2023-10-27 20:16 - 2022-11-03 12:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-27 20:16 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-10-27 20:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-27 20:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-10-27 20:16 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-27 20:16 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2023-10-27 20:16 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\de
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-27 07:47 - 2022-11-11 20:33 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Microsoft\Office

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2022-12-16 07:04 - 2023-11-08 18:09 - 000001456 _____ () C:\Users\ticro\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2022-11-11 20:42 - 2022-11-11 20:42 - 000000000 _____ () C:\Users\ticro\AppData\Local\oobelibMkey.log
2022-12-16 10:22 - 2022-12-16 10:22 - 000007605 _____ () C:\Users\ticro\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

21.11.2023, 19:03 | #11 |
| Hacker attack Trojan virus
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-10-2023
durchgeführt von WORKSTATION (21-11-2023 17:17:56)
Gestartet von C:\Users\ticro\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3570 (X64) (2022-11-03 11:48:05)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1068755797-3644653114-3026200473-500 - Administrator - Enabled)
DefaultAccount (S-1-5-21-1068755797-3644653114-3026200473-503 - Limited - Disabled)
Gast (S-1-5-21-1068755797-3644653114-3026200473-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1068755797-3644653114-3026200473-504 - Limited - Disabled)
WORKSTATION (S-1-5-21-1068755797-3644653114-3026200473-1001 - Administrator - Enabled) => C:\Users\ticro

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 23.006.20360 - Adobe)
Adobe After Effects 2024 (HKLM-x32\...\AEFT_24_0_3) (Version: 24.0.3 - Adobe Inc.)
Adobe Audition 2024 (HKLM-x32\...\AUDT_24_0_3) (Version: 24.0.3 - Adobe Inc.)
Adobe Bridge 2023 (HKLM-x32\...\KBRG_13_0_5) (Version: 13.0.5 - Adobe Inc.)
Adobe Bridge 2024 (HKLM-x32\...\KBRG_14_0_1) (Version: 14.0.1 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.)
Adobe Illustrator 2023 (HKLM-x32\...\ILST_27_8) (Version: 27.8 - Adobe Inc.) Adobe InDesign 2024 (HKLM-x32\...\IDSN_19_0) (Version: 19.0 - Adobe Inc.) Adobe Media Encoder 2024 (HKLM-x32\...\AME_24_0_3) (Version: 24.0.3 - Adobe Inc.) Adobe Photoshop (Beta) (HKLM-x32\...\PHSPBETA_25_3) (Version: 25.3.0.2403 - Adobe Inc.) Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_1) (Version: 25.1.0.120 - Adobe Inc.) Adobe Premiere Pro 2024 (HKLM-x32\...\PPRO_24_0_3) (Version: 24.0.3 - Adobe Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AntConc Version 4.1.4 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\{1FC711C0-DFA6-49BA-87C9-EC7C86DFE265}_is1) (Version: 4.1.4 - AntLab Solutions) A-PRO Driver (HKLM\...\RolandRDID0102) (Version: - Roland Corporation) ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.6.8 - ASUS) Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft) ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{6aabd550-b97f-4b87-8c12-fb271d7c8047}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.9.1 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{2fc4816b-566a-4170-9b4d-1dc8bad8a164}) (Version: 1.3.9.1 - ASUSTeK COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) 
Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.6.3 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{20a5b340-899f-4e14-904f-8cb333ce9663}) (Version: 0.0.6.3 - ASUSTek COMPUTER INC. ) Hidden ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.0.1.5 - ASUSTeK Computer Inc.) ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 3.03.09 - ASUSTek Computer Inc.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.107 - ASUSTeK Computer Inc.) Hidden Audacity 3.2.5 (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team) AURA DRAM Component (HKLM\...\{6FB66775-BB93-4D0A-9871-4CC9B2E87BF3}) (Version: 1.1.23 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{179f415f-2ff3-4db1-bcc1-d5730f746db8}) (Version: 1.1.23 - ASUS) Hidden AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.36 - ASUS) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.36 - ASUS) AURA Service (HKLM-x32\...\{0fcadbd2-1a6a-4a4a-a56d-fc7163d9b3fa}) (Version: 3.07.25 - ASUSTeK Computer Inc.) AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.25 - ASUSTeK Computer Inc.) 
Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Catalyst Browse 2023.1 (HKLM\...\{E2E127D1-DAF6-11ED-9C23-5CF9DD6B5363}) (Version: 2023.1.0.975 - Sony) Catalyst Prepare 2023.1 (HKLM\...\{E0DB7FE1-DB0E-11ED-989C-5CF9DD6B5363}) (Version: 2023.1.0.975 - Sony) Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft) Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU) CrystalDiskInfo 8.17.13 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.13 - Crystal Dew World) DeepL (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE) Diablo IV Beta (HKLM-x32\...\Diablo IV Beta) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Discord) (Version: 1.0.9007 - Discord Inc.) Disk Drill 4.1.551.0 (HKLM-x32\...\{a2831651-c6b5-4aac-a467-d9fe836c8701}) (Version: 4.1.551.0 - CleverFiles) Disk Drill 4.1.551.0 (x64) (HKLM\...\{E17DB604-AFC0-4B5E-916D-65D5BFF75774}) (Version: 4.1.551.0 - CleverFiles) Hidden Dokan Library 1.5.1.1000 (x64) (HKLM\...\{65A3A964-3DC3-0105-0001-211126123627}) (Version: 1.5.1.1000 - Dokany Project) Hidden Dokan Library 1.5.1.1000 Bundle (HKLM-x32\...\{05c046de-f751-48c8-b8d3-77259ea88eb7}) (Version: 1.5.1.1000 - Dokany Project) Drakonia II Gaming Mouse (HKLM-x32\...\{74757EB2-1BA0-4242-8F0A-11708D82850B}}_is1) (Version: 1.0.0.0 - Sharkoon) Druckerdeinstallation für EPSON ET-M2170 Series (HKLM\...\EPSON ET-M2170 Series) (Version: - Seiko Epson Corporation) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.52.0.5565 - Electronic Arts) Hidden EA app (HKLM-x32\...\{8b9e6a60-252a-46c7-b3a8-709eac689f45}) (Version: 13.52.0.5565 - Electronic Arts) ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.40.3 - Ene Tech.) 
Hidden ENE RGB HAL (HKLM-x32\...\{7f329536-2468-4b20-88dc-5e2defcd5ff3}) (Version: 1.1.40.3 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{3BBD4AB3-079D-43CD-8C93-A2AD929EE15A}) (Version: 1.3.65.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.) Epson Printer Connection Checker (HKLM-x32\...\{562C1C83-6199-49DD-987B-60D5FF7BC971}) (Version: 3.3.2.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) f.lux (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Flux) (Version: 4.124 - f.lux Software LLC) FeelYourSound Chillout Engine (HKLM\...\Chillout Engine_is1) (Version: 1.0.0 - FeelYourSound) FeelYourSound Chord Potion (HKLM\...\Chord Potion_is1) (Version: 2.2.1 - FeelYourSound) FeelYourSound House Engine (HKLM\...\House Engine_is1) (Version: 1.2.0 - FeelYourSound) FeelYourSound Melodic Flow (HKLM\...\Melodic Flow_is1) (Version: 1.1.0 - FeelYourSound) FeelYourSound Sundog (HKLM\...\Sundog_is1) (Version: 3.8.0 - FeelYourSound) FeelYourSound Xoto Pad (HKLM\...\Xoto Pad_is1) (Version: 2.9.0 - FeelYourSound) GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) 
Hidden Generals Evolution Beta 0.3 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Generals Evolution Beta 0.3) (Version: - ) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.60.2 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.160 - Google LLC) iA Writer (HKLM\...\{43D19872-0096-433C-B718-7E350F0DF797}) (Version: 1.4.8641.17184 - iA Inc) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{a9913343-8463-4fd2-8a33-ae89cbbfe139}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logi Firmware Update Tool for C930e (HKLM-x32\...\FWUpdateC930e) (Version: 2.1.14.0 - Logitech Europe S.A.) Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.32.366807 - Logitech) Logi Tune (HKLM-x32\...\{467b811d-8d20-4c9a-810c-37b3293ba815}) (Version: 3.0.180.0 - Logitech) Logi Tune 3.0.180 (HKLM-x32\...\{006206E7-C138-4EA2-A8DB-72BD0016BD53}) (Version: 3.0.180.0 - Logitech) Hidden Logitech Capture (HKLM\...\Capture) (Version: 2.08.11 - Logitech) Logitech Kameraeinstellungen (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.) 
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v15.1.0) (Version: - Maxon Computer GmbH) Magic Bullet Suite (HKLM\...\Magic Bullet Suite v2023.0.0) (Version: - Maxon Computer GmbH) MAGIX Speed burnR (HKLM\...\{87DA727F-D65B-4B1A-B1AD-C37DD4FD1EC3}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (HKLM-x32\...\MX.{87DA727F-D65B-4B1A-B1AD-C37DD4FD1EC3}) (Version: 7.0.2.6 - MAGIX Software GmbH) Maxon Cinema 4D 2023 (HKLM\...\Maxon Cinema 4D 2023) (Version: 2023 - Maxon) Microsoft .NET Host - 6.0.15 (x64) (HKLM\...\{AC25127C-9BB1-4F9A-9B02-B6B6178DD891}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.15 (x64) (HKLM\...\{EDD929D3-DFE9-40BA-8A13-30F9CE1E2F18}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.15 (x64) (HKLM\...\{368BE572-D3CE-47B6-A3B1-DE0270E5C109}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.16924.20078 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.72 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 
(HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 
(HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.15 (x64) (HKLM\...\{B353ABAB-7F7C-4605-852D-0E5C3E1FA289}) (Version: 48.63.56729 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.15 (x64) (HKLM-x32\...\{06cd4f51-0a4b-471c-9ccc-e3dd11294c03}) (Version: 6.0.15.32217 - Microsoft Corporation) mp3DirectCut 1.27 (HKLM-x32\...\mp3DirectCut 1.27) (Version: - ) MSVCRT Redists (HKLM\...\{40E9018F-DB42-11ED-AEFC-5CF9DD6B5363}) (Version: 1.0 - Sony Creative Software Inc.) Hidden Native Access 3.1.0 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.1.0 - Native Instruments) Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.7.1.0 - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.7.3.37 - Native Instruments) Native Instruments Kontakt 7 (HKLM-x32\...\Native Instruments Kontakt 7) (Version: 7.1.8.0 - Native Instruments) Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.9.1.0 - Native Instruments) Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 5.0.2 - Neat Video team, ABSoft & Team V.R) Neat Video v5.5.9 Demo plug-in (Second Revision) for Premiere (HKLM\...\Neat Video v5 (SR) for Premiere_is1) (Version: - Neat Video team, ABSoft) Notion 2.0.41 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.41 - Notion Labs, Inc) NVIDIA Broadcast 1.4.0.29 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.4.0.29 - NVIDIA Corporation) NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation) NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation) NVIDIA Grafiktreiber 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Video Effects (HKLM-x32\...\NVIDIA Video Effects) (Version: 0.7.2 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.1.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20054 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20078 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16827.20122 - Microsoft Corporation) Hidden Opera GX Stable 104.0.4944.70 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Opera GX 104.0.4944.70) (Version: 104.0.4944.70 - Opera Software) Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.6 - Patriot Memory) Hidden Patriot Viper DRAM RGB (HKLM-x32\...\{abe059bb-10a7-4d38-ba59-a4bf3ac7b71a}) (Version: 1.0.9.6 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB 
(HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 221215 - Kakao Corp.) PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd) REDlauncher (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.01.02 - ASUSTek Computer Inc.) ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.1.5.0 - ASUSTek COMPUTER INC.) Samplitude Pro X4 Suite (HKLM\...\{ECEEBE1E-65B2-4136-9C7B-FAC839BE433F}) (Version: 15.0.0.40 - MAGIX Software GmbH) Hidden Samplitude Pro X4 Suite (HKLM\...\MX.{ECEEBE1E-65B2-4136-9C7B-FAC839BE433F}) (Version: 15.0.0.40 - MAGIX Software GmbH) Samplitude Pro X7 Suite (HKLM\...\{3B7DD78F-EB57-4DC8-A462-E2563DCBA942}) (Version: 18.0.0.22190 - MAGIX Software GmbH) Hidden Samplitude Pro X7 Suite (HKLM\...\MX.{3B7DD78F-EB57-4DC8-A462-E2563DCBA942}) (Version: 18.1.1.22392 - MAGIX Software GmbH) Samplitude Pro X7 Suite Update (HKLM\...\{0C0053F1-F049-4F95-BE6F-357273CF970B}) (Version: 18.1.1.22392 - MAGIX Software GmbH) Hidden StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Topaz Photo AI (HKLM\...\{7F8736DE-1FE0-4FDB-A517-6B3891EF8098}) (Version: 1.5.2 - Topaz Labs LLC) Topaz Video AI 3.2.5 (HKLM\...\Topaz Video AI_is1) (Version: 3.2.5 - LR) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 125.1.10585 - Ubisoft) United Plugins Bundle 
(HKLM\...\{349EC1D2-8D77-40B4-89EE-612E2F1F6E26}_is1) (Version: 2023.2 - United Plugins & Team V.R) Unity 2022.3.10f1 (HKLM-x32\...\Unity 2022.3.10f1) (Version: 2022.3.10f1 - Unity Technologies ApS) Unity Hub 3.5.2 (HKLM\...\Unity Technologies - Hub) (Version: 3.5.2 - Unity Technologies Inc.) Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.5 - PD) Hidden Universal Holtek RGB DRAM (HKLM-x32\...\{fba0580a-1ad3-44e2-b463-13a30387085c}) (Version: 1.0.0.5 - PD) Hidden Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VGA (HKLM-x32\...\{0f87ebb7-aabb-43e5-9c5d-28744f517468}) (Version: 3.01.05 - ASUSTek Computer Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.7.0 - Azureus Software, Inc.) Warcraft II (HKLM-x32\...\1418669891_is1) (Version: 2.02 v4 - GOG.com) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) 
Hidden Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.2183 - Microsoft Corporation) WinRAR 5.00 beta 6 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH) WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH) WinSnap (HKLM-x32\...\WinSnap) (Version: 4.5.2 - NTWind Software) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-12-16] (Adobe Systems Incorporated) Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2023-10-19] () Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-11-11] (Adobe Systems Incorporated) Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0 [2023-02-04] (AMZN Mobile LLC) ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.6.8.0_x64__qmba6cd70vzyy [2023-07-27] (ASUSTeK COMPUTER INC.) 
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.41.5.0_x64__6rarf9sa4v8jt [2022-11-03] (Disney) EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.2.1.0_x86__1sdd7yawvg6ne [2023-07-27] (File-New-Project) [Startup Task] Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2023-07-27] (INTEL CORP) [Startup Task] LiquidText -> C:\Program Files\WindowsApps\LiquidText.LiquidText_2.6.82.0_x64__rx5mtpcf576t0 [2023-01-03] (LiquidText) Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad] Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2302.13003.0_x64__8wekyb3d8bbwe [2023-03-24] (Microsoft Corporation) [Startup Task] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Studios) [MS Ad] MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad] Notepads App -> C:\Program Files\WindowsApps\19282JackieLiu.Notepads-Beta_1.4.8.0_x64__echhpq9pdbte8 [2023-01-03] (Jackie Liu) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-26] (NVIDIA Corp.) 
Resultivity -> C:\Program Files\WindowsApps\zababahano.3545749027C6F_4.1.77.0_x64__h479t9074rj58 [2023-01-03] (zababahano) Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2022-11-03] (Skype) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0 [2023-07-08] (Spotify AB) [Startup Task] Twinkle Tray -> C:\Program Files\WindowsApps\38002AlexanderFrangos.TwinkleTray_1.15.2.0_x64__m7qx9dzpwqaze [2023-01-03] (Xander Frangos) [Startup Task] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2342.7.0_x64__cv1g1gvanyjgm [2023-10-31] (WhatsApp Inc.) [Startup Task] ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-246D6BDDE8A9} -> [Creative Cloud Files] => C:\Users\ticro\Creative Cloud Files [2022-11-11 20:38] CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. 
-> Adobe) CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\ticro\AppData\Local\0install.net\implementations\sha256new_UWNGXVK6DRTTECOLMXJSJBKPLJSVPF4RLJDWUUYVXIU4S6CAUU7A\DeepL.exe (DeepL SE -> DeepL SE) CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.) 
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.) 
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2020-02-10 21:36 - 2020-02-10 21:36 - 001221632 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\iA Writer\CefSharp.BrowserSubprocess.Core.dll
2020-02-10 21:36 - 2020-02-10 21:36 - 001861120 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\iA Writer\CefSharp.Core.dll
2023-10-19 05:49 - 2023-09-14 15:02 - 000322048 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2023-10-19 05:49 - 2023-09-14 15:02 - 000175616 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2023-10-19 05:49 - 2023-04-14 13:18 - 000159744 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ref-napi\prebuilds\win32-ia32\electron.napi.node
2023-10-19 05:49 - 2023-04-14 13:18 - 000319488 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node
2023-10-19 05:49 - 2023-09-14 15:02 - 000541696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\usb\prebuilds\win32-ia32\node.napi.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000137728 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\22bc2e53-8157-49dd-a028-7321bbb1b2df.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000665088 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\34aeec9b-56c5-41b4-a63f-e27d15ad37b9.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000148480 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\3e12e4f0-8f77-469b-b70f-23935220d58d.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000123392 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\415fc8d1-0306-45f4-b215-2ad059cc5279.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000104960 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\58002dd3-cdd8-4621-bcb6-ff96b8426981.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000118272 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\8c64f8ba-af7a-48e5-a8d2-e9326e948a13.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000109056 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\b99c55fa-22a9-42c1-9710-76a872368c73.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000665088 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\c706961f-9520-492e-9ba6-1543c0cc70c4.tmp.node
2023-10-29 10:34 - 2023-10-29 10:34 - 000287744 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\e8945776-6fa4-4812-9715-a63afd0ef0ff.tmp.node
2023-10-09 20:50 - 2023-10-09 20:50 - 003490304 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2023-10-09 20:50 - 2023-10-09 20:50 - 000178688 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU
2023-10-19 05:32 - 2023-10-19 05:32 - 000190976 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe InDesign 2024\tbbmalloc.dll
2017-01-04 09:55 - 2017-01-04 09:55 - 001044480 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\e_sqlite3.DLL
2020-01-30 07:55 - 2020-01-30 07:55 - 116862464 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\libcef.dll
2020-01-30 06:46 - 2020-01-30 06:46 - 000373760 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\libegl.dll
2020-01-30 06:46 - 2020-01-30 06:46 - 008005632 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\libglesv2.dll
2022-11-14 11:16 - 2022-11-14 11:16 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2018-07-15 13:15 - 2018-07-15 13:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\WINDOWS\system32\StartMenuHelper64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll
2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [Datei ist nicht signiert] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enppmon.dll
2020-01-30 06:47 - 2020-01-30 06:47 - 000969216 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\iA Writer\chrome_elf.dll
2019-04-22 13:46 - 2019-04-22 13:46 - 000524288 _____ (Thomas Maierhofer) [Datei ist nicht signiert] C:\Program Files\iA Writer\Hunspellx64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.ya.ru/?win=591&clid=2761555-72
SearchScopes: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001 -> DefaultScope 3914679a-e6cb-11ed-a583-50ebf6945631 URL = hxxps://yandex.ru/search/?win=591&clid=2761556-72&text={searchTerms}
SearchScopes: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001 -> 3914679a-e6cb-11ed-a583-50ebf6945631 URL = hxxps://yandex.ru/search/?win=591&clid=2761556-72&text={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-18] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ticro\Desktop\lena-desktop-2023-BE-topaz.tiff
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Drakonia II Gaming Mouse"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "Logi Tune"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_06E1957EAB573F921F12B105FFB2C315"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Wave Link"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "DevEmu_Enabler"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{E467071E-787E-4CFC-9D8F-A0225CA0C063}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BE7E08EF-6FDB-4038-9CAA-8BB15B8C46EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5ABE7B84-EB8E-4CA4-8EB2-E2621F2F9279}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4EB181E2-F4F1-4A60-AD83-EBCDFE19AF60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{42035DFA-B079-452F-8E01-8B23586BC73B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{482870BA-4D39-4519-B605-8DDF745E4E8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD13C8F0-10B3-493D-9535-4738B79E1A5D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D8DEC60E-F02C-40B7-96BF-473568D9C3C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{64CD89AF-B837-4ACC-BF58-9F1635EFACC6}] => (Allow) C:\Users\ticro\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{4B4BD7BD-8DE2-4E20-9FEF-8745FE5511A2}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{A4E9BB71-04A4-450F-A257-375C5CDBBC48}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4E4939BA-3F89-4D6B-A69B-44B878F541D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2AFD1823-0B10-4343-916C-8EB4BDBEE839}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DBC75C1E-1B33-4DFA-8215-45C40E4AE728}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{14280CBA-69E9-4E5B-BA43-C93672918906}] => (Allow) C:\Users\ticro\AppData\Local\Programs\Opera\92.0.4561.43\opera.exe => Keine Datei
FirewallRules: [{C432913C-C437-438F-B2AC-1AACF3DA8DF7}] => (Allow) C:\Program Files\MAGIX\Samplitude Pro X4 Suite\Sam.exe => Keine Datei
FirewallRules: [TCP Query User{3041F59A-F205-4E89-9669-27A7D4DA4942}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E90519A3-D25F-401E-9D07-C3B0E4984E85}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1BDEEFAF-5753-4210-9B36-B8D081A0E906}] => (Allow) C:\Users\ticro\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{8D76F525-218F-43CB-B6C6-859FE8198669}] => (Allow) C:\Users\ticro\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{CEA2CB14-0347-42B0-9911-3492AE03267A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{E6301D6B-1483-416D-A282-93F4654F16EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{85D0E562-BB83-4178-AC57-EEB0B4946823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{5697DDBE-F0BC-4D32-8FBD-67B9AA1A0EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{04DD9DF3-2112-4F9E-AF9C-77FD65E58923}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe => Keine Datei
FirewallRules: [{43B51A2F-AF30-49DE-9495-304E98A2A46C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe => Keine Datei
FirewallRules: [{6122C4A3-167F-4156-A729-50F3A0A2578D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BF9355D9-AFD0-4564-BB66-48F343AA1F70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5AA9FF16-5A28-48CA-A96A-B3EFDEFA7116}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CDAFD7A0-439C-4824-BC99-4954F38857B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5BE9F168-1754-44DB-B50F-EB8B599C8F26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{10629BCB-ABE4-4758-A4A6-2580950278B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F5E382A6-BFFE-429F-A7C1-21AD097DBF48}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{85C56D2F-20F7-4566-B60E-B9F19188413D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{ED1ABC48-A0B3-4A6C-90D7-175119903695}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E58EEC8A-3907-40E8-9DBB-5B13B3A456ED}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{80759BC7-3CCA-466B-B71B-F2ADAC973281}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{61C29E0A-3886-4E96-95AD-0AE30571003C}C:\program files\ea games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files\ea games\mass effect 2\binaries\me2game.exe => Keine Datei
FirewallRules: [UDP Query User{0FF59E65-8888-4DE7-B2D5-6A8A1A18EF53}C:\program files\ea games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files\ea games\mass effect 2\binaries\me2game.exe => Keine Datei
FirewallRules: [TCP Query User{488489CD-79FC-4372-899A-4E4532A2D630}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{FACD06DA-5DF6-49C3-BA3C-2B102B239A8B}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{4D44169B-9296-4F59-BB26-51A8BA567E63}] => (Allow) C:\Program Files\EA Games\Mass Effect 2\Binaries\MassEffect2.exe => Keine Datei
FirewallRules: [{37F89AA8-4FF1-4700-A11E-EFC2390CC6C9}] => (Allow) C:\Program Files\EA Games\Mass Effect 2\Binaries\MassEffect2.exe => Keine Datei
FirewallRules: [TCP Query User{F0310B8D-BB9E-4C00-97E2-5743B9B044A2}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{23226AD5-B478-4F39-B042-D73F3A5E724F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F9143B22-FE08-4D2B-ADBB-50D1357EB292}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{BFFCDBAE-3D39-4A8D-9610-05022D9A1621}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{535BB1C2-9201-403D-BC44-93E3221A5DA9}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (16916B57-7991-4968-B02A-2ADE4B5FB0DE -> Amazon.com Services LLC)
FirewallRules: [{E25451A8-C3BB-4AA3-B905-B153077B4DC8}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (16916B57-7991-4968-B02A-2ADE4B5FB0DE -> Amazon.com Services LLC)
FirewallRules: [{8E0AE310-7E11-4B3B-BD2B-8B94EA17049F}] => (Allow) C:\Program Files\Elgato\CameraHub\Camera Hub.exe => Keine Datei
FirewallRules: [{25507D72-A6B9-49E3-81FB-2264CE7DF01A}] => (Allow) C:\Program Files\Elgato\WaveLink\WaveLink.exe => Keine Datei
FirewallRules: [TCP Query User{D3F40382-A4F6-4A05-8623-DF2362B34877}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FFEA3775-0066-478B-90C4-2A7F3FF92C70}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{83025C3C-42B9-4715-B447-462E8A5BFB84}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin\FarCry6.exe => Keine Datei
FirewallRules: [{0010D7FD-6AEF-4D0F-9F1D-521E4113309B}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin\FarCry6.exe => Keine Datei
FirewallRules: [{ABD09784-B90F-450D-8040-A833FF27515F}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin_plus\FarCry6.exe => Keine Datei
FirewallRules: [{F3D23AFE-668D-41CD-B119-E61E5D8645B7}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin_plus\FarCry6.exe => Keine Datei
FirewallRules: [{AEB1D351-E89A-40B4-BAED-3CEB5954DDA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{0A4476D0-F16D-4BE5-A35C-39F98E6AA6FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{CD6CCE3C-807B-4BDA-8D88-849B95F0F91E}] => (Allow) C:\Program Files\MAGIX\Samplitude Pro X7 Suite\Sam.exe => Keine Datei
FirewallRules: [{D6719EA8-3AA3-4099-8CA5-A1F9C609DC2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\System Shock Demo\SystemShock.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{6F9772D1-48D9-4232-A55A-6C84AFC5E0A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\System Shock Demo\SystemShock.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{EA474D3D-9D35-45A9-B8FC-DFB525E99B2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Concrete Jungle\Concrete Jungle.exe (ColePowered Games Ltd. -> ) [Datei ist nicht signiert]
FirewallRules: [{CE430EE6-367B-4020-9E62-B7D5576381C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Concrete Jungle\Concrete Jungle.exe (ColePowered Games Ltd. -> ) [Datei ist nicht signiert]
FirewallRules: [{C1277428-7DBB-4125-9932-D12CAA6E3F94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mechabellum Playtest\game.exe => Keine Datei
FirewallRules: [{9EC7A4A7-8B7B-4F9C-804D-D3141FF3F6C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mechabellum Playtest\game.exe => Keine Datei
FirewallRules: [TCP Query User{74BC57EA-B137-49A0-AD86-6F94732761DC}C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{3CC76833-CC29-4346-B9FE-9537C037FC70}C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{7BA482D4-DD69-4296-B9AA-D7B2BF9B47C5}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE.exe (GOG Sp. z o.o. -> Blizzard Entertainment)
FirewallRules: [{F7A1049B-A179-4CFE-AB8E-AA87F02AA8CD}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE_dx.exe (Blizzard Entertainment) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{D932DED3-CEB4-49C1-AF72-12EB0B61D47B}C:\program files (x86)\diablo iv - beta\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv - beta\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{B2287F4E-DC44-46B7-81BB-ACFFAA18932B}C:\program files (x86)\diablo iv - beta\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv - beta\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D1144B85-2D51-4EB8-92FF-8CB2DE594B43}C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe] => (Allow) C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe => Keine Datei
FirewallRules: [UDP Query User{68B42E64-BAA5-4857-A6E3-F760B09B8B2B}C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe] => (Allow) C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe => Keine Datei
FirewallRules: [{9BF1A858-1D38-46BE-9381-486CE21E6F63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [Datei ist nicht signiert]
FirewallRules: [{C2607182-F8B7-4DF8-988A-AE0F12065733}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{79A8FF7A-F53F-46FC-A47D-C821C8422DB9}C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B09C4EFB-C981-4FDA-8524-C7B28A3B5705}C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BDC73CD5-4829-43E5-8679-AE961E1F0CCA}C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{8C574421-8F5A-4555-B2B3-F047468E5F57}C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{A062616C-7199-493F-8619-720A068A70A2}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{E6B532E6-767F-443E-B031-CEB3F5D57630}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{EAFF1D3A-234C-4CEA-A0F9-EDAF7C1B4EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warzone 2100\bin\warzone2100.exe (Warzone 2100 Project) [Datei ist nicht signiert]
FirewallRules: [{A561E583-61CD-4257-97A1-0634974C2DA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warzone 2100\bin\warzone2100.exe (Warzone 2100 Project) [Datei ist nicht signiert]
FirewallRules: [{8AFE83B3-7723-4B1E-B84D-F77E9837BC00}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1332A560-C66B-4595-AD58-AAC808FBF584}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{77E5794B-1BE5-49A4-A586-815F6ACB445D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{85E5EB62-8A8F-4E4D-8205-265446F18A5C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B6C96438-8677-49DC-8B65-6EB5643D3341}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{FBA65EEE-FF7B-44A5-A164-D029CEF4F57E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{478D0F3E-1AA8-4035-B5EC-1797B1D2AE6C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{647DDFFB-B845-4CA1-8CBF-7F23876EEE13}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{DEFA4F63-72AE-46BE-A5FC-1813B94F81A7}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{4138EC57-22F2-43D6-9E67-98AD6FEA90CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AitD Prologue\AitDPrologue.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{C34B8CB7-F634-48BB-B7E4-40AA24875BA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AitD Prologue\AitDPrologue.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{480014BA-0F08-4B0F-9206-EF702303B155}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{E140EBEA-05C9-47C1-A457-02B4847375CC}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{258CC155-829F-4BF9-B1B4-DC0F2FF9736C}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{87A06BEB-4C1C-4BD8-9282-FB6A9694D6CD}] => (Allow) C:\Program Files\Unity\Hub\Editor\2022.3.10f1\Editor\Unity.exe (Unity Technologies ApS -> Unity Technologies)
FirewallRules: [{F9D5B022-6456-4213-BE06-ED58CC4B8986}] => (Block) C:\Program Files\Unity\Hub\Editor\2022.3.10f1\Editor\Unity.exe (Unity Technologies ApS -> Unity Technologies)
FirewallRules: [{3AFF3CE1-56DA-4D6E-A6A9-0FFED6D9553B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trepang2 Demo\CPPFPS.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{0A44FBB5-EB03-46E3-9314-6F10DBB41479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trepang2 Demo\CPPFPS.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{FC0D4E53-09C1-4B65-A0A1-72A442FA611D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{41A6BF3F-3F65-49EE-9058-B5179F4C76AE}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{298BB7B2-D4E3-45E6-90FC-E307996BD70A}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [TCP Query User{FCC00902-4F5E-405B-90EB-302A23D15FC8}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [UDP Query User{B5809E4C-CAFB-488D-BDB2-B8CFE2FDDE19}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{6137EF17-4761-48A7-A2C4-FAD8C962C2F2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{CF12C5CC-7CF9-4D4C-AA28-2B9C8C352BD2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 18-11-2023 11:25:32 Windows Modules Installer 18-11-2023 11:26:20 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Gerät Description: PCI-Gerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB-Massenspeichergerät Description: USB-Massenspeichergerät Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Kompatibles USB-Speichergerät Service: USBSTOR Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47) Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available. Name: USB-Massenspeichergerät Description: USB-Massenspeichergerät Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Kompatibles USB-Speichergerät Service: USBSTOR Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47) Resolution: Unplug the device, and then plug it in again. 
Alternately, restart the computer to make the device available. Name: Intel(R) Ethernet Controller (3) I225-V Description: Intel(R) Ethernet Controller (3) I225-V Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: e2fexpress Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: PCI-Gerät Description: PCI-Gerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Netzwerkcontroller Description: Netzwerkcontroller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: RAID-Controller Description: RAID-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Gerät Description: PCI-Gerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Realtek Bluetooth 5.1 Adapter Description: Realtek Bluetooth 5.1 Adapter Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Realtek Semiconductor Corp. Service: BTHUSB Problem: : This device is not working properly because Windows cannot load the drivers required for this device. 
(Code 31) Resolution: Update the driver Name: USB-Massenspeichergerät Description: USB-Massenspeichergerät Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Kompatibles USB-Speichergerät Service: USBSTOR Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47) Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Gerät Description: PCI-Gerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (11/20/2023 09:57:24 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fef0 Startzeit: 01da1b8f8a571382 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: ec1ea0f9-f205-4634-9a21-79df0b9d974a Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 09:30:48 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. 
Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 78f8 Startzeit: 01da1b8bcfbd150a Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 6195aec7-fa3d-4575-bd57-65dde5795ab7 Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 07:00:28 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: c72c Startzeit: 01da1b76d47a617e Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 3de7c42b-7ddb-41db-b83d-ce669ec3886c Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 04:33:33 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 83d0 Startzeit: 01da1b624fe7f078 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 6ad4928f-7dc8-49e9-939f-d13116f0436d Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 01:55:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. 
Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f93c Startzeit: 01da1b4c358cffa1 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 2264bd8d-cb99-4cc9-beb3-2f43769021d8 Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 12:00:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ec8c Startzeit: 01da1b3c34ba01f4 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 9efff9c1-82c2-425d-a5b1-4992ac3bdef6 Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/19/2023 11:46:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 9374 Startzeit: 01da1b3a3ec356c1 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 553260af-9289-47dc-9815-934429132f2c Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/18/2023 11:26:15 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig. . Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Systemfehler: ============= Error: (11/20/2023 04:56:50 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:49 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:49 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:48 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:48 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:05 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:05 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error: (11/20/2023 04:56:04 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. 
Windows Defender: ================ Date: 2023-11-20 16:57:04 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Keygen&threatid=225063&enterprise=0 Name: PUA:Win32/Keygen Schweregrad: Niedrig Kategorie: Potenziell unerwünschte Software Pfad: file:_E:\Plug-In u. VST\Native Instruments Kontakt 5\Patch x86.x64\Kontakt.v5.2.1-PATCH.exe Erkennungsursprung: Netzwerkfreigabe Erkennungstype: Konkret Erkennungsquelle: Benutzer Benutzer: DESKTOP-HKLF9N7\WORKSTATION Prozessname: Unknown Sicherheitsversion: AV: 1.401.908.0, AS: 1.401.908.0, NIS: 1.401.908.0 Modulversion: AM: 1.1.23100.2009, NIS: 1.1.23100.2009 Date: 2023-11-20 16:17:12 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. Erkennungszeit: 2023-11-20T15:17:12.067Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe Sicherheitsversion: 1.401.908.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Date: 2023-11-20 16:17:12 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. 
Erkennungszeit: 2023-11-20T15:17:12.066Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe Sicherheitsversion: 1.401.908.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Date: 2023-11-20 16:17:12 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. Erkennungszeit: 2023-11-20T15:17:12.066Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe Sicherheitsversion: 1.401.908.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Date: 2023-11-20 16:17:12 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. Erkennungszeit: 2023-11-20T15:17:12.065Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe Sicherheitsversion: 1.401.908.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Event[0]: Date: 2023-11-21 13:29:25 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.908.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 
Date: 2023-11-21 13:29:21 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.908.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Date: 2023-04-14 07:19:41 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.387.870.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20200.4 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Date: 2023-03-11 21:50:56 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.383.1577.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20000.2 Fehlercode: 0x80240438 Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 
CodeIntegrity: =============== Date: 2023-11-20 16:19:24 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08a52cf2f322ba79\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2004 08/24/2022 Hauptplatine: ASUSTeK COMPUTER INC. ROG STRIX Z690-F GAMING WIFI Prozessor: 12th Gen Intel(R) Core(TM) i7-12700K Prozentuale Nutzung des RAM: 48% Installierter physikalischer RAM: 65277.42 MB Verfügbarer physikalischer RAM: 33726.93 MB Summe virtueller Speicher: 75005.42 MB Verfügbarer virtueller Speicher: 18775.09 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.86 GB) (Free:233.38 GB) (Model: WD_BLACK SN770 1TB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:742.82 GB) (Model: WD_BLACK SN770 1TB) NTFS Drive f: (STUDIO BASIS) (Fixed) (Total:100.61 GB) (Free:8.68 GB) (Model: ASMT ASM1156-PM SCSI Disk Device) NTFS Drive g: () (Removable) (Total:29.86 GB) (Free:29.86 GB) FAT32 Drive k: (GAMING, STUDIO, CC) (Fixed) (Total:931.51 GB) (Free:27.28 GB) (Model: ASMT ASM1156-PM SCSI Disk Device) NTFS \\?\Volume{ace156fe-f69b-4e11-b3e7-83a1f49cd2df}\ () (Fixed) (Total:0.53 GB) (Free:0.06 GB) NTFS \\?\Volume{d16583dc-1548-43ce-a208-175893b6751a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 59535ABC) Partition: GPT. 
========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 595365C2) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: BB8F2C62) Partition 1: (Active) - (Size=100.6 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1101698E) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 4 (MBR Code: Windows 7/8/10) (Size: 29.9 GB) (Disk ID: B2A4EC16) Partition 1: (Active) - (Size=29.9 GB) - (Type=FAT32) ==================== Ende von Addition.txt =======================

I will try once more to delete it via the Win10 full scan, if the scan detects it. After I had deleted the file and it still showed up in the FRST files, I ran a full scan in Windows Security. The file was found there; I then clicked Remove and Start actions. After that I ran the scan again and the file was back. I removed it again and repeated the scan. In total I did this three times, but the virus scan keeps finding this file, even though I have it removed every time afterwards. What should I do? |
21.11.2023, 22:04 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus Do you not want to understand me? You still have the software installed. It and every other piece of cracked software has to go before anything here moves forward even slightly.
__________________ Please always post log files in CODE tags |
22.11.2023, 14:24 | #13 |
| Hacker attack Trojan virus I actually believe I understood it quite well, especially since I completely agree with you that a file like that has no business being on my computer. So yes, I may well have understood you. Now to the facts: I deleted the file. Not just the file, no, the entire folder it was in. Now more facts: the log files still show the file; it is listed even when I unplug the drive in question. I have run the Win10 antivirus program many times: always shown, always deleted. The file is still listed. I cannot find the file, I deleted it, and yet it is shown. Are there invisible files, are there errors? I don't know, and I asked honestly and sincerely for help. That is all. So if anyone can help me, I would be grateful. |
22.11.2023, 14:29 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus I am starting to feel like I'm being taken for a ride. What exactly is it about Quote:
You are now going to open the list of installed programs in the Control Panel. And there you UNINSTALL everything that has been cracked or illegally unlocked. That includes at least this: Quote:
__________________ Please always post log files in CODE tags |
23.11.2023, 09:53 | #15 |
| Hacker attack Trojan virus I had already done that when I wrote the last message; uninstalled the program and deleted the entire folder. Is there anything else to do? |