Problem: Black screen, CMD window opens and closes, slow internet - Windows 10 PC infected?
Just uninstalled everything. Scanned again. FRST logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02 Ran by bseve (administrator) on LAPTOP-DBF6PCMD (Dynabook Inc. SATELLITE PRO C40-G-109) (27-11-2023 20:32:43) Running from C:\Users\Maslina\Downloads\FRST64.exe Loaded Profiles: defaultuser0 & bseve & Maslina Platform: Microsoft Windows 10 Pro Education Version 22H2 19045.3693 (X64) Language: English (United Kingdom) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (5E8CAF4E-19CA-4DD9-B24C-ED3D89361853 -> Dynabook Inc.) C:\Program Files\WindowsApps\7906AAC0.dynabookSupportUtility_1.1.4.0_x64__nvaxck9xhg5vg\dynabook Support Utility\dynabookSupportUtility.exe (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (cmd.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe (DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <28> (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_24b5eb49ea57c0a4\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_24b5eb49ea57c0a4\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe (services.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (services.exe ->) (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (services.exe ->) (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe <2> (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (svchost.exe ->) (Skype Software Sarl -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> ) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-494448607-1303044631-3617626462-1001\...\Run: [MicrosoftEdgeAutoLaunch_FC1CA27929C988F6D051E170E9C0442B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-494448607-1303044631-3617626462-1002\...\Run: [MicrosoftEdgeAutoLaunch_2971F37554576828C45809786ABAFBDF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {D973A38D-76BB-4FB3-94D3-547D033F9F65} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-06] (Microsoft Corporation -> Microsoft Corporation) Task: {EEEC1E03-2D53-4F27-B5D8-EA278A20A1D1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-06] (Microsoft Corporation -> Microsoft Corporation) Task: {4F977EAE-1BF8-4CD2-A5B1-24FFE3468EF1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118128 2023-11-25] (Microsoft Corporation -> Microsoft Corporation) Task: {BFF78479-7E6E-40E8-995C-752B6085A291} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118128 2023-11-25] (Microsoft Corporation -> Microsoft Corporation) Task: {F358D704-2D64-4F21-8EAD-2D6D6F6CFF3F} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\Windows\System32\unifiedconsent.dll [278016 2023-11-26] (Microsoft Windows -> Microsoft Corporation) Task: {98CB6CCF-0F3C-4E0B-A301-8101B7A1AD42} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-26] (Microsoft Windows -> Microsoft Corporation) Task: {18B51DC4-D017-4FF6-91BD-0607C749E039} - System32\Tasks\MiniTool ShadowMaker => C:\Program Files\MiniTool ShadowMaker\SMMonitor.exe [1033024 2023-10-23] (MiniTool Software Limited -> ) Task: {49DCFB95-1896-407F-A2CA-D87976E8BEF7} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> ) Task: {BE161B24-06A3-40A0-A237-767481BF483B} - 
System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe [1249848 2021-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {E36E1EAE-E6F9-4E22-BDDF-B83308BE8DC8} - System32\Tasks\WinZip Preloader => "C:\Program Files\WinZip\WzPreloader.exe" (No File) Task: {3E58C6BA-7B5D-488C-91F2-3D7C268B39E4} - System32\Tasks\WinZip UN => "C:\Program Files\WinZip\WZUpdateNotifier.exe" -show (No File) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4f612f0e-e2ae-4c52-845a-92933457c4ae}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\bseve\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-26] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\bseve\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-11-26] Edge Extension: (Google Docs Offline) - C:\Users\bseve\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-25] Edge Extension: (Edge relevant text changes) - C:\Users\bseve\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-25] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] FireFox: ======== FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR 
HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853384 2020-10-05] (Microsoft Corporation -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-25] (Malwarebytes Inc. -> Malwarebytes) R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [732992 2023-10-23] (MiniTool Software Limited -> ) R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [225088 2023-10-23] (MiniTool Software Limited -> ) S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16036272 2023-11-03] (ADLICE -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222784 2023-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-11-25] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [200104 2023-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2023-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2023-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188008 2023-11-26] (Malwarebytes Inc. -> Malwarebytes) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2021-03-26] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2021-03-26] (MiniTool Solution Ltd -> ) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) U1 aswbdisk; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 
2023-11-27 20:27 - 2023-11-27 20:27 - 000000000 ____D C:\Users\bseve\AppData\Local\PeerDistRepub 2023-11-27 19:09 - 2023-11-27 19:09 - 000001425 _____ C:\Users\Maslina\Downloads\MBAM271123.txt 2023-11-27 19:05 - 2023-11-27 19:05 - 000000000 ____D C:\Users\bseve\AppData\Local\mbam 2023-11-27 17:46 - 2023-11-27 18:55 - 000000000 ____D C:\ProgramData\RogueKiller 2023-11-27 17:46 - 2023-11-27 17:46 - 000054208 _____ C:\Windows\system32\Drivers\truesight.sys 2023-11-27 17:46 - 2023-11-27 17:46 - 000000910 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2023-11-27 17:46 - 2023-11-27 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2023-11-27 17:45 - 2023-11-27 17:46 - 000000000 ____D C:\Program Files\RogueKiller 2023-11-27 17:37 - 2023-11-27 17:44 - 047819824 _____ (Adlice Software ) C:\Users\Maslina\Downloads\RogueKiller_setup.exe 2023-11-27 16:52 - 2023-11-27 16:52 - 000000000 ____D C:\Users\bseve\AppData\Local\system_backup_gui 2023-11-27 16:46 - 2023-11-27 16:53 - 000000000 ____D C:\Users\bseve\AppData\Local\WinZip 2023-11-27 16:46 - 2023-11-27 16:51 - 000000000 ____D C:\Users\bseve\Documents\treesizefree-portable 2023-11-26 18:20 - 2023-11-26 18:20 - 000188008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2023-11-26 18:19 - 2023-11-26 18:19 - 000000085 _____ C:\Windows\wininit.ini 2023-11-26 17:58 - 2023-11-26 17:58 - 000000000 ____D C:\Users\bseve\AppData\Roaming\Microsoft\HTML Help 2023-11-26 17:26 - 2023-11-26 17:26 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking 2023-11-26 17:21 - 2023-11-26 18:19 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2023-11-26 17:20 - 2023-11-26 17:20 - 065069568 _____ (Safer-Networking Ltd. 
) C:\Users\bseve\Downloads\spybotsd-2.9.85.5 (1).exe 2023-11-26 17:14 - 2023-11-26 17:15 - 000000000 ____D C:\AdwCleaner 2023-11-26 17:14 - 2023-11-26 17:14 - 008791352 _____ (Malwarebytes) C:\Users\bseve\Downloads\adwcleaner.exe 2023-11-26 16:59 - 2023-11-26 16:59 - 000000000 ____D C:\Users\bseve\AppData\Local\Avast Software 2023-11-26 16:39 - 2023-11-26 16:39 - 000000000 ____D C:\Users\bseve\AppData\Roaming\Avast Software 2023-11-26 16:39 - 2023-11-26 16:39 - 000000000 ____D C:\Users\bseve\AppData\Local\CEF 2023-11-26 16:33 - 2023-11-27 19:21 - 000024234 _____ C:\Users\Maslina\Downloads\Addition.txt 2023-11-26 16:17 - 2023-11-27 20:33 - 000013623 _____ C:\Users\Maslina\Downloads\FRST.txt 2023-11-26 16:16 - 2023-11-27 20:33 - 000000000 ____D C:\FRST 2023-11-26 16:16 - 2023-11-26 16:16 - 000000000 ____D C:\Users\Maslina\Downloads\FRST-OlderVersion 2023-11-26 16:15 - 2023-11-26 16:16 - 002383872 _____ (Farbar) C:\Users\Maslina\Downloads\FRST64.exe 2023-11-26 15:32 - 2023-11-26 15:32 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2023-11-26 14:59 - 2023-11-26 11:28 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2023-11-26 14:53 - 2023-11-26 15:00 - 000000000 ____D C:\Windows\SystemTemp 2023-11-26 14:53 - 2023-11-26 14:53 - 000000000 ____D C:\Windows\system32\Drivers\mde 2023-11-26 14:33 - 2023-11-27 19:17 - 000000000 ____D C:\Users\bseve\AppData\Roaming\QtProject 2023-11-26 14:32 - 2023-11-26 14:32 - 000003074 _____ C:\Windows\system32\Tasks\MiniTool ShadowMaker 2023-11-26 14:32 - 2023-11-26 14:32 - 000000993 _____ C:\Users\Public\Desktop\MiniTool ShadowMaker.lnk 2023-11-26 14:32 - 2023-11-26 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker 2023-11-26 14:32 - 2021-03-26 11:07 - 003600896 _____ C:\Windows\system32\pwNative.exe 2023-11-26 14:32 - 2021-03-26 11:07 - 000019152 _____ C:\Windows\system32\pwdrvio.sys 2023-11-26 14:32 - 2021-03-26 11:07 - 000012504 _____ 
C:\Windows\system32\pwdspio.sys 2023-11-26 14:31 - 2023-11-26 14:31 - 000003276 _____ C:\Windows\system32\Tasks\MiniToolPartitionWizard 2023-11-26 14:31 - 2023-11-26 14:31 - 000001039 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard.lnk 2023-11-26 14:31 - 2023-11-26 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12 2023-11-26 14:30 - 2023-11-27 16:53 - 000000000 ____D C:\Program Files\MiniTool ShadowMaker 2023-11-26 14:30 - 2023-11-26 14:33 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12 2023-11-26 14:28 - 2023-11-26 14:28 - 003253368 _____ (MiniTool Software Limited ) C:\Users\Maslina\Downloads\pw-free-online.exe 2023-11-26 14:28 - 2023-11-26 14:28 - 003253368 _____ (MiniTool Software Limited ) C:\Users\Maslina\Downloads\pw-free-online (1).exe 2023-11-26 14:23 - 2023-11-26 14:23 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json 2023-11-26 12:21 - 2023-11-26 12:21 - 000034356 _____ C:\Users\bseve\Documents\cc_20231126_122140.reg 2023-11-26 12:05 - 2023-11-26 12:05 - 000000000 ___HD C:\$WinREAgent 2023-11-26 11:54 - 2023-11-27 16:47 - 000001021 _____ C:\Users\bseve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TreeSizeFree.lnk 2023-11-26 11:54 - 2023-11-26 11:54 - 000001027 _____ C:\Users\Maslina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TreeSizeFree.lnk 2023-11-26 11:53 - 2023-11-26 12:04 - 000000000 ____D C:\Users\Maslina\Downloads\treesizefree-portable 2023-11-26 11:52 - 2023-11-26 11:53 - 016760573 _____ C:\Users\Maslina\Downloads\treesizefree-portable.zip 2023-11-26 11:52 - 2023-11-26 11:52 - 000000000 ____D C:\ProgramData\UniqueId 2023-11-26 11:31 - 2023-11-26 11:31 - 000000000 ____D C:\Users\Maslina\AppData\Local\Avast Software 2023-11-26 11:30 - 2023-11-26 11:30 - 000000000 ____D C:\Users\Maslina\AppData\Roaming\Avast Software 2023-11-26 11:30 - 2023-11-26 11:30 - 000000000 ____D C:\Users\Maslina\AppData\Local\CEF 2023-11-26 11:28 - 
2023-11-26 11:28 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2023-11-26 11:27 - 2023-11-26 11:27 - 000000000 ____D C:\Program Files\Avast Software 2023-11-26 11:26 - 2023-11-27 20:27 - 000000000 ____D C:\ProgramData\Avast Software 2023-11-26 11:26 - 2023-11-26 11:26 - 000263576 _____ (AVAST Software) C:\Users\Maslina\Downloads\avast_free_antivirus_setup_online.exe 2023-11-26 10:45 - 2023-11-26 10:45 - 000000000 ____D C:\Users\Maslina\AppData\Roaming\Microsoft\MMC 2023-11-26 10:35 - 2023-11-26 10:35 - 000000000 ____D C:\Users\bseve\AppData\Local\ElevatedDiagnostics 2023-11-26 10:04 - 2023-11-27 19:15 - 000000000 ____D C:\Users\bseve\AppData\Local\Malwarebytes 2023-11-26 04:45 - 2023-11-26 14:53 - 000000000 ___SD C:\Windows\system32\AppV 2023-11-26 04:45 - 2023-11-26 14:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-11-26 04:45 - 2023-11-26 04:45 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents 2023-11-26 04:45 - 2023-11-26 04:45 - 000000000 ____D C:\Windows\RemotePackages 2023-11-26 04:45 - 2023-11-25 12:56 - 000000000 ____D C:\Windows\CSC 2023-11-26 04:38 - 2023-11-26 04:38 - 000000046 _____ C:\Windows\RicaOption.ini 2023-11-26 04:38 - 2023-11-25 23:14 - 000000000 ____D C:\Windows\Panther 2023-11-25 23:20 - 2023-11-26 15:16 - 000000000 ____D C:\Users\Maslina\AppData\Local\CrashDumps 2023-11-25 23:19 - 2023-11-25 23:19 - 000001528 _____ C:\Users\bseve\Documents\startup.txt 2023-11-25 23:11 - 2023-11-25 23:11 - 060967624 _____ (Piriform Software Ltd) C:\Users\Maslina\Downloads\ccsetup617.exe 2023-11-25 23:10 - 2023-11-25 23:10 - 000000000 ____D C:\Users\Maslina\AppData\Roaming\Microsoft\Spelling 2023-11-25 23:01 - 2023-11-27 19:23 - 000000000 ____D C:\Users\Maslina\AppData\Local\Malwarebytes 2023-11-25 23:01 - 2023-11-25 23:01 - 000000000 ____D C:\Users\Maslina\AppData\Local\mbam 2023-11-25 23:00 - 2023-11-25 23:00 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Malwarebytes.lnk 2023-11-25 23:00 - 2023-11-25 23:00 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2023-11-25 22:59 - 2023-11-25 22:59 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-11-25 22:59 - 2023-11-25 22:59 - 000000000 ____D C:\Program Files\Malwarebytes 2023-11-25 22:57 - 2023-11-25 23:15 - 000000000 ____D C:\Users\Maslina\AppData\Local\Publishers 2023-11-25 22:57 - 2023-11-25 22:57 - 002606880 _____ (Malwarebytes) C:\Users\Maslina\Downloads\mbsetup.exe 2023-11-25 22:57 - 2023-11-25 22:57 - 000000000 ____D C:\Users\Maslina\AppData\Local\Comms 2023-11-25 22:55 - 2023-11-27 17:10 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-494448607-1303044631-3617626462-1002 2023-11-25 22:54 - 2023-11-27 17:10 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-494448607-1303044631-3617626462-1002 2023-11-25 22:54 - 2023-11-26 11:29 - 000000000 ____D C:\Users\Maslina\AppData\Local\D3DSCache 2023-11-25 22:54 - 2023-11-25 22:54 - 000000000 ___RD C:\Users\Maslina\OneDrive 2023-11-25 22:52 - 2023-11-27 20:23 - 000000000 ____D C:\Users\Maslina\AppData\Local\Packages 2023-11-25 22:52 - 2023-11-27 19:23 - 000000000 __SHD C:\Users\Maslina\IntelGraphicsProfiles 2023-11-25 22:52 - 2023-11-27 17:10 - 000002396 _____ C:\Users\Maslina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-11-25 22:52 - 2023-11-26 15:05 - 000002359 _____ C:\Users\Maslina\Desktop\Microsoft Edge.lnk 2023-11-25 22:52 - 2023-11-25 22:54 - 000000000 ____D C:\Users\Maslina 2023-11-25 22:52 - 2023-11-25 22:53 - 000000000 ____D C:\Users\Maslina\AppData\Local\Intel 2023-11-25 22:52 - 2023-11-25 22:52 - 000000020 ___SH C:\Users\Maslina\ntuser.ini 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ___SD C:\Users\Maslina\AppData\Roaming\Microsoft\SystemCertificates 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ___SD C:\Users\Maslina\AppData\Roaming\Microsoft\Protect 2023-11-25 22:52 - 2023-11-25 22:52 - 
000000000 ___SD C:\Users\Maslina\AppData\Roaming\Microsoft\Crypto 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ___SD C:\Users\Maslina\AppData\Roaming\Microsoft\Credentials 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ___RD C:\Users\Maslina\3D Objects 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ____D C:\Users\Maslina\AppData\Roaming\Microsoft\Windows 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ____D C:\Users\Maslina\AppData\Roaming\Microsoft\Vault 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ____D C:\Users\Maslina\AppData\Roaming\Microsoft\Network 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ____D C:\Users\Maslina\AppData\Roaming\Adobe 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ____D C:\Users\Maslina\AppData\LocalLow\Intel 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ____D C:\Users\Maslina\AppData\Local\VirtualStore 2023-11-25 22:52 - 2023-11-25 22:52 - 000000000 ____D C:\Users\Maslina\AppData\Local\ConnectedDevicesPlatform 2023-11-25 22:36 - 2021-09-02 06:21 - 000309688 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll 2023-11-25 22:36 - 2021-09-02 06:21 - 000257072 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll 2023-11-25 22:36 - 2021-09-02 06:21 - 000173080 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll 2023-11-25 22:36 - 2021-09-02 06:21 - 000148368 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll 2023-11-25 22:36 - 2021-09-02 06:20 - 001859640 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2023-11-25 22:36 - 2021-09-02 06:20 - 001859640 _____ C:\Windows\system32\vulkaninfo.exe 2023-11-25 22:36 - 2021-09-02 06:20 - 001440304 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-11-25 22:36 - 2021-09-02 06:20 - 001440304 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2023-11-25 22:36 - 2021-09-02 06:20 - 001102328 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2023-11-25 22:36 - 2021-09-02 06:20 - 001102328 _____ C:\Windows\system32\vulkan-1.dll 2023-11-25 22:36 - 
2021-09-02 06:20 - 000956432 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2023-11-25 22:36 - 2021-09-02 06:20 - 000956432 _____ C:\Windows\SysWOW64\vulkan-1.dll 2023-11-25 22:31 - 2023-11-25 22:31 - 000000000 ____D C:\Users\bseve\AppData\Local\Comms 2023-11-25 22:29 - 2023-11-25 22:30 - 000000000 ____D C:\Windows\system32\MRT 2023-11-25 22:24 - 2023-11-25 22:24 - 000000000 ____D C:\Windows\Firmware 2023-11-25 22:23 - 2023-11-26 16:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-11-25 22:14 - 2023-11-25 22:15 - 000000000 ____D C:\Users\bseve\AppData\Local\Publishers 2023-11-25 22:12 - 2023-11-26 15:03 - 000001607 _____ C:\Windows\system32\config\VSMIDK 2023-11-25 22:06 - 2023-11-26 10:17 - 000000000 ____D C:\Users\bseve\AppData\Local\D3DSCache 2023-11-25 22:05 - 2023-11-25 22:05 - 000000000 ____D C:\Users\bseve\AppData\Roaming\Microsoft\Spelling 2023-11-25 22:05 - 2023-11-25 22:05 - 000000000 ____D C:\Users\bseve\AppData\Roaming\Microsoft\MMC 2023-11-25 22:04 - 2023-11-25 22:04 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-494448607-1303044631-3617626462-1001 2023-11-25 22:04 - 2023-11-25 22:04 - 000000000 ___RD C:\Users\bseve\OneDrive 2023-11-25 22:04 - 2023-11-25 22:04 - 000000000 ____D C:\Users\bseve\AppData\Roaming\Microsoft\InputMethod 2023-11-25 22:03 - 2023-11-25 22:03 - 000000000 ____D C:\Users\bseve\AppData\LocalLow\Intel 2023-11-25 22:02 - 2023-11-27 19:15 - 000000000 __SHD C:\Users\bseve\IntelGraphicsProfiles 2023-11-25 22:02 - 2023-11-27 16:57 - 000000000 ____D C:\Users\bseve\AppData\Local\Packages 2023-11-25 22:02 - 2023-11-26 16:27 - 000002359 _____ C:\Users\bseve\Desktop\Microsoft Edge.lnk 2023-11-25 22:02 - 2023-11-25 22:13 - 000000000 ____D C:\Users\bseve\AppData\Local\ConnectedDevicesPlatform 2023-11-25 22:02 - 2023-11-25 22:03 - 000000000 ____D C:\Users\bseve\AppData\Local\Intel 2023-11-25 22:02 - 2023-11-25 22:02 - 000000000 ___SD C:\Users\bseve\AppData\Roaming\Microsoft\Crypto 
2023-11-25 22:02 - 2023-11-25 22:02 - 000000000 ___RD C:\Users\bseve\3D Objects 2023-11-25 22:02 - 2023-11-25 22:02 - 000000000 ____D C:\Users\bseve\AppData\Roaming\Microsoft\Vault 2023-11-25 22:02 - 2023-11-25 22:02 - 000000000 ____D C:\Users\bseve\AppData\Roaming\Adobe 2023-11-25 22:02 - 2023-11-25 22:02 - 000000000 ____D C:\Users\bseve\AppData\Local\VirtualStore 2023-11-25 22:00 - 2023-11-25 22:04 - 000002374 _____ C:\Users\bseve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-11-25 22:00 - 2023-11-25 22:04 - 000000000 ____D C:\Users\bseve 2023-11-25 22:00 - 2023-11-25 22:03 - 000000000 ____D C:\Users\bseve\AppData\Roaming\Microsoft\Windows 2023-11-25 22:00 - 2023-11-25 22:00 - 000000020 ___SH C:\Users\bseve\ntuser.ini 2023-11-25 22:00 - 2023-11-25 22:00 - 000000000 ___SD C:\Users\bseve\AppData\Roaming\Microsoft\SystemCertificates 2023-11-25 22:00 - 2023-11-25 22:00 - 000000000 ___SD C:\Users\bseve\AppData\Roaming\Microsoft\Protect 2023-11-25 22:00 - 2023-11-25 22:00 - 000000000 ___SD C:\Users\bseve\AppData\Roaming\Microsoft\Credentials 2023-11-25 21:57 - 2023-11-25 21:57 - 000000000 ___SD C:\Users\defaultuser0\AppData\Roaming\Microsoft\SystemCertificates 2023-11-25 12:56 - 2023-11-25 12:56 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Microsoft\Vault 2023-11-25 12:56 - 2023-11-25 12:56 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Microsoft\Network 2023-11-25 12:55 - 2023-11-25 21:59 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages 2023-11-25 12:55 - 2023-11-25 12:56 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Intel 2023-11-25 12:55 - 2023-11-25 12:55 - 000000000 __SHD C:\Users\defaultuser0\IntelGraphicsProfiles 2023-11-25 12:55 - 2023-11-25 12:55 - 000000000 ___SD C:\Users\defaultuser0\AppData\Roaming\Microsoft\Crypto 2023-11-25 12:55 - 2023-11-25 12:55 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Microsoft\Spelling 2023-11-25 12:55 - 2023-11-25 12:55 - 000000000 ____D 
C:\Users\defaultuser0\AppData\LocalLow\Intel 2023-11-25 12:55 - 2023-11-25 12:55 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore 2023-11-25 12:55 - 2023-11-25 12:55 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform 2023-11-25 12:54 - 2023-11-25 12:55 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows 2023-11-25 12:54 - 2023-11-25 12:55 - 000000000 ____D C:\Users\defaultuser0 2023-11-25 12:54 - 2023-11-25 12:54 - 000000020 ___SH C:\Users\defaultuser0\ntuser.ini 2023-11-25 12:54 - 2023-11-25 12:54 - 000000000 _SHDL C:\Documents and Settings 2023-11-25 12:54 - 2023-11-25 12:54 - 000000000 ___SD C:\Users\defaultuser0\AppData\Roaming\Microsoft\Protect 2023-11-25 12:54 - 2023-11-25 12:54 - 000000000 ___SD C:\Users\defaultuser0\AppData\Roaming\Microsoft\Credentials 2023-11-25 12:39 - 2023-11-25 12:52 - 000022863 _____ C:\Windows\diagwrn.xml 2023-11-25 12:39 - 2023-11-25 12:52 - 000022863 _____ C:\Windows\diagerr.xml 2023-11-25 12:39 - 2023-11-25 12:39 - 000000206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IOLO.url 2023-11-25 12:39 - 2023-11-25 12:39 - 000000206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.url 2023-11-25 12:38 - 2023-11-25 12:54 - 000002432 _____ C:\Windows\system32\Tasks\WinZip UN 2023-11-25 12:38 - 2023-11-25 12:54 - 000002364 _____ C:\Windows\system32\Tasks\WinZip Preloader 2023-11-25 12:38 - 2023-11-25 12:38 - 000000000 ____D C:\Windows\OEM 2023-11-25 12:37 - 2023-11-25 22:18 - 000000000 ____D C:\ProgramData\Dynabook 2023-11-25 12:37 - 2023-11-25 12:37 - 000000214 _____ C:\Users\Public\Desktop\Dynabook Services.url 2023-11-25 12:36 - 2023-11-25 22:16 - 000000000 ____D C:\ProgramData\Packages 2023-11-25 12:35 - 2023-11-25 12:35 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2023-11-25 12:35 - 2023-11-25 12:35 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2023-11-25 12:35 
- 2023-11-25 12:35 - 000002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2023-11-25 12:35 - 2023-11-25 12:35 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2023-11-25 12:35 - 2023-11-25 12:35 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2023-11-25 12:35 - 2023-11-25 12:35 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2023-11-25 12:35 - 2023-11-25 12:35 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2023-11-25 12:35 - 2023-11-25 12:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2023-11-25 12:32 - 2023-11-27 16:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2023-11-25 12:32 - 2023-11-25 12:32 - 000000000 ____D C:\Program Files\Microsoft Office 15 2023-11-25 12:29 - 2023-11-25 22:26 - 000003366 _____ C:\Windows\system32\Tasks\RtkAudUService64_BG 2023-11-25 12:27 - 2023-11-25 12:27 - 000000000 ____D C:\ProgramData\RealtekLAN 2023-11-25 12:26 - 2023-11-25 22:54 - 000000000 ____D C:\ProgramData\Intel 2023-11-25 12:25 - 2023-11-26 18:20 - 000000000 ____D C:\Intel 2023-11-25 12:25 - 2023-11-25 12:25 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin 2023-11-25 12:17 - 2023-11-26 15:00 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-11-25 12:16 - 2023-11-25 21:59 - 000003534 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-11-25 12:16 - 2023-11-25 21:59 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-11-25 11:47 - 2023-11-25 12:54 - 000002854 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-494448607-1303044631-3617626462-500 ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 
2023-11-27 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2023-11-27 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-11-27 16:52 - 2021-01-14 05:19 - 003854352 _____ C:\Windows\system32\PerfStringBackup.INI 2023-11-27 16:52 - 2020-05-12 04:07 - 000492788 _____ C:\Windows\system32\perfh011.dat 2023-11-27 16:52 - 2020-05-12 04:07 - 000137288 _____ C:\Windows\system32\perfc011.dat 2023-11-27 16:52 - 2020-05-12 04:03 - 000471280 _____ C:\Windows\system32\perfh006.dat 2023-11-27 16:52 - 2020-05-12 04:03 - 000083826 _____ C:\Windows\system32\perfc006.dat 2023-11-27 16:52 - 2020-05-12 04:00 - 000443008 _____ C:\Windows\system32\perfh00B.dat 2023-11-27 16:52 - 2020-05-12 04:00 - 000085860 _____ C:\Windows\system32\perfc00B.dat 2023-11-27 16:52 - 2020-05-12 03:57 - 000456664 _____ C:\Windows\system32\perfh014.dat 2023-11-27 16:52 - 2020-05-12 03:57 - 000081484 _____ C:\Windows\system32\perfc014.dat 2023-11-27 16:52 - 2020-05-12 03:54 - 000719274 _____ C:\Windows\system32\perfh01D.dat 2023-11-27 16:52 - 2020-05-12 03:54 - 000149998 _____ C:\Windows\system32\perfc01D.dat 2023-11-27 16:52 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2023-11-26 18:20 - 2021-01-14 22:12 - 000008192 ___SH C:\DumpStack.log.tmp 2023-11-26 18:20 - 2021-01-14 22:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-11-26 18:19 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI 2023-11-26 17:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-11-26 16:27 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-11-26 16:21 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2023-11-26 14:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2023-11-26 14:58 - 2021-01-14 22:12 - 000533536 _____ C:\Windows\system32\FNTCACHE.DAT 2023-11-26 14:54 - 2020-05-12 04:07 - 000000000 ____D C:\Windows\SysWOW64\ja 2023-11-26 14:54 - 2020-05-12 04:03 - 000000000 ____D 
C:\Windows\SysWOW64\da 2023-11-26 14:54 - 2020-05-12 04:00 - 000000000 ____D C:\Windows\SysWOW64\fi 2023-11-26 14:54 - 2020-05-12 03:57 - 000000000 ____D C:\Windows\SysWOW64\no 2023-11-26 14:54 - 2020-05-12 03:54 - 000000000 ____D C:\Windows\SysWOW64\sv 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Keywords 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com 2023-11-26 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2023-11-26 14:53 - 2021-01-14 22:23 - 000000000 ____D C:\Windows\system32\Sysprep 2023-11-26 14:53 - 2020-05-12 04:07 - 000000000 ____D C:\Windows\system32\ja 2023-11-26 14:53 - 2020-05-12 04:03 - 000000000 ____D C:\Windows\system32\da 2023-11-26 14:53 - 2020-05-12 04:00 - 000000000 ____D C:\Windows\system32\fi 2023-11-26 14:53 - 2020-05-12 03:57 - 000000000 ____D C:\Windows\system32\no 2023-11-26 14:53 - 2020-05-12 03:54 - 000000000 ____D C:\Windows\system32\sv 2023-11-26 14:53 - 2020-05-12 03:51 - 
000000000 ____D C:\Windows\system32\Drivers\en-GB 2023-11-26 14:53 - 2020-05-12 03:51 - 000000000 ____D C:\Windows\en-GB 2023-11-26 14:53 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-11-26 14:53 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-11-26 14:53 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\OpenSSH 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Keywords 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE 2023-11-26 14:53 - 
2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-11-26 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-11-26 14:53 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing 2023-11-26 14:45 - 2019-12-07 10:52 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll 2023-11-26 14:45 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2023-11-26 14:45 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll 2023-11-26 14:21 - 2021-01-14 05:16 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-11-26 10:02 - 2021-01-14 22:12 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-11-26 04:45 - 
2019-12-07 10:14 - 000000000 ____D C:\Windows\security 2023-11-26 04:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\schemas 2023-11-26 04:45 - 2019-12-07 10:10 - 000820736 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\ddputils.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ManagedEventLogging.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000280064 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\appvetwsharedperformance.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\AppvClientEventLog.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditNativeSnapIn.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CmUtil.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smbdirect.sys 2023-11-26 04:45 - 2019-12-07 10:10 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\fveprompt.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000147439 _____ C:\Windows\SysWOW64\gpedit.msc 2023-11-26 04:45 - 2019-12-07 10:10 - 000147439 _____ C:\Windows\system32\gpedit.msc 2023-11-26 04:45 - 2019-12-07 10:10 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\ddptrace.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000137736 _____ 
(Microsoft Corporation) C:\Windows\system32\iotstartup.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000120458 _____ C:\Windows\system32\secpol.msc 2023-11-26 04:45 - 2019-12-07 10:10 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\baaupdate.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\PackageInspector.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmlib.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\srmlib.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncController.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\ddp_ps.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CabUtil.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.EventLogMessages.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000043566 _____ C:\Windows\SysWOW64\rsop.msc 
2023-11-26 04:45 - 2019-12-07 10:10 - 000043566 _____ C:\Windows\system32\rsop.msc 2023-11-26 04:45 - 2019-12-07 10:10 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\UevAgentPolicyGenerator.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SrpUxNativeSnapIn.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.WmiAccess.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000023552 _____ (Microsoft Corporation) 
C:\Windows\system32\chglogon.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppData.WinRT.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NcaApi.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncCommon.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.WinRT.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.LocalSyncProvider.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\change.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\query.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\RemoteAppLifetimeManagerProxyStub.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernSync.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateBaselineGenerator.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateConfigItemGenerator.exe 2023-11-26 04:45 - 2019-12-07 10:10 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\BdeSysprep.dll 2023-11-26 04:45 - 
2019-12-07 10:10 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SmbSyncProvider.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessproviderevents.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.MonitorSyncProvider.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncConditions.dll 2023-11-26 04:45 - 2019-12-07 10:10 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.Diagnostics.dll 2023-11-26 04:40 - 2021-01-14 22:11 - 000000002 _____ C:\Windows\system32\Drivers\PREINSTALL_na_SATELLITE PRO C40-G-109_TIH0550200A.MRK 2023-11-26 04:38 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2023-11-26 04:31 - 2021-01-14 22:10 - 000000000 ____D C:\Dynabook 2023-11-26 04:31 - 2019-12-07 10:18 - 000000000 ____D C:\Windows\Setup 2023-11-25 22:52 - 2021-01-14 05:15 - 000000000 __RHD C:\Users\Public\AccountPictures 2023-11-25 22:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState 2023-11-25 22:02 - 2021-01-14 22:23 - 000000000 ____D C:\Windows\SysWOW64\sysprep 2023-11-25 12:56 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\system32\FxsTmp 2023-11-25 12:52 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM 2023-11-25 12:36 - 2021-01-14 22:11 - 000000000 ____D C:\Program Files\Dynabook 2023-11-25 12:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\spool 2023-11-25 12:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-11-25 12:10 - 2019-12-07 10:52 - 000020908 _____ C:\Windows\system32\OEMDefaultAssociations.xml 2023-11-25 11:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate ==================== SigCheck ============================ (There is no automatic fix for files that do not pass 
verification.)

==================== End of FRST.txt ========================

Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by bseve (27-11-2023 20:36:20)
Running from C:\Users\Maslina\Downloads
Microsoft Windows 10 Pro Education Version 22H2 19045.3693 (X64) (2023-11-25 11:54:53)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-494448607-1303044631-3617626462-500 - Administrator - Disabled)
bseve (S-1-5-21-494448607-1303044631-3617626462-1001 - Administrator - Enabled) => C:\Users\bseve
DefaultAccount (S-1-5-21-494448607-1303044631-3617626462-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-494448607-1303044631-3617626462-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-494448607-1303044631-3617626462-501 - Limited - Disabled)
Maslina (S-1-5-21-494448607-1303044631-3617626462-1002 - Limited - Enabled) => C:\Users\Maslina
WDAGUtilityAccount (S-1-5-21-494448607-1303044631-3617626462-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13127.20616 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.72 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-494448607-1303044631-3617626462-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-494448607-1303044631-3617626462-1002\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 12.8 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.8 - MiniTool Software Limited)
MiniTool ShadowMaker PW Edition (HKLM-x32\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 4.3 - MiniTool Software Limited)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
RogueKiller Version 15.13.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.13.0.0 - Adlice Software)

Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.30781.0_x64__8wekyb3d8bbwe [2023-11-25] (Microsoft Corporation)
dynabook Manual -> C:\Program Files\WindowsApps\7906AAC0.TOSHIBAManual_1.0.10.0_x86__nvaxck9xhg5vg [2023-11-25] (Dynabook Inc.)
dynabook Support Utility -> C:\Program Files\WindowsApps\7906AAC0.dynabookSupportUtility_1.1.4.0_x64__nvaxck9xhg5vg [2023-11-26] (Dynabook Inc.) [Startup Task]
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5237.0_x64__8j3eq9eme6ctt [2023-11-26] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-11-25] (INTEL CORP)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2023-11-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2023-11-25] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.10420.5165.0_x64__8wekyb3d8bbwe [2023-11-25] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2023-11-25] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.37.21681.0_x64__8wekyb3d8bbwe [2023-11-25] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.238.0_x64__dt26b99r8h8gj [2023-11-25] (Realtek Semiconductor Corp)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2023-11-26] (Skype)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\bseve\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [144]
AlternateDataStreams: C:\Users\bseve\Downloads\spybotsd-2.9.85.5 (1).exe:MBAM.Zone.Identifier [131]
AlternateDataStreams: C:\Users\Maslina\Downloads\avast_free_antivirus_setup_online.exe:MBAM.Zone.Identifier [209]
AlternateDataStreams: C:\Users\Maslina\Downloads\ccsetup617.exe:MBAM.Zone.Identifier [166]
AlternateDataStreams: C:\Users\Maslina\Downloads\pw-free-online.exe:MBAM.Zone.Identifier [170]
AlternateDataStreams: C:\Users\Maslina\Downloads\RogueKiller_setup.exe:MBAM.Zone.Identifier [224]
AlternateDataStreams: C:\Users\Maslina\Downloads\treesizefree-portable.zip:MBAM.Zone.Identifier [177]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-25] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-494448607-1303044631-3617626462-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-494448607-1303044631-3617626462-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dynabook\Dynabook_Option3.jpg
HKU\S-1-5-21-494448607-1303044631-3617626462-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dynabook\Dynabook_Option3.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "MTPW"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKU\S-1-5-21-494448607-1303044631-3617626462-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-494448607-1303044631-3617626462-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-494448607-1303044631-3617626462-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_FC1CA27929C988F6D051E170E9C0442B"
HKU\S-1-5-21-494448607-1303044631-3617626462-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_2971F37554576828C45809786ABAFBDF"
HKU\S-1-5-21-494448607-1303044631-3617626462-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-494448607-1303044631-3617626462-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6698EEFC-00CE-4E7E-BD90-9E60AE6C483C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A280B084-9AF6-40CD-AE62-705747E443D0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD992903-B8DC-4693-8252-44971C947622}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{E5908B57-E24A-4515-980E-CC503BFA63EE}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )

==================== Restore Points =========================

26-11-2023 12:05:26 Windows Modules Installer
26-11-2023 16:14:06 Windows Modules Installer
26-11-2023 16:15:55 Windows Modules Installer
27-11-2023 20:24:49 ExpressVPN
27-11-2023 20:28:00 Removed WinZip 25.0.

==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (11/27/2023 08:28:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service Avast Tools since QueryServiceConfig API failed System Error: The system cannot find the file specified. . Error: (11/27/2023 08:28:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service Avast Firewall Service since QueryServiceConfig API failed System Error: The system cannot find the file specified. . Error: (11/27/2023 08:28:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed System Error: The system cannot find the file specified. . Error: (11/27/2023 08:28:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed System Error: The system cannot find the file specified. . Error: (11/27/2023 08:28:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary aswVmm. 
System Error: The system cannot find the file specified. . Error: (11/27/2023 08:28:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary aswSP. System Error: The system cannot find the file specified. . Error: (11/27/2023 08:28:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary aswSnx. System Error: The system cannot find the file specified. . Error: (11/27/2023 08:28:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary aswRvrt. System Error: The system cannot find the file specified. . System errors: ============= Error: (11/26/2023 03:16:40 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-DBF6PCMD) Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error: "2147942767" Happened while starting this command: C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} Error: (11/26/2023 02:59:27 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT AUTHORITY) Description: The event logging service encountered an error (5) while enabling publisher {a70ff94f-570b-4979-ba5c-e59c9feab61b} to channel Microsoft-Windows-WinINet/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity. 
Error: (11/26/2023 02:57:31 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: The aswbIDSAgent service did not shut down properly after receiving a pre-shutdown control. Error: (11/26/2023 02:55:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service UsoSvc with arguments "Unavailable" in order to run the server: {B91D5831-B1BD-4608-8198-D72E155020F7} Error: (11/26/2023 02:55:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1115" attempting to start the service UsoSvc with arguments "Unavailable" in order to run the server: {B91D5831-B1BD-4608-8198-D72E155020F7} Error: (11/26/2023 02:32:31 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The MTSchedulerService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (11/26/2023 02:32:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The MTAgentService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (11/26/2023 11:38:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Feature update to Windows 10, version 22H2. Windows Defender: ================Event[0]: Date: 2023-11-26 10:37:37 Description: Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version. 
Security intelligence Attempted: Backup Error Code: 0x80004004 Error description: Operation aborted Security intelligence version: 1.303.25.0;1.303.25.0 Engine version: 1.1.16400.2 Date: 2023-11-26 10:37:36 Description: Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version. Security intelligence Attempted: Current Error Code: 0x80004004 Error description: Operation aborted Security intelligence version: 1.401.1187.0;1.401.1187.0 Engine version: 1.1.23100.2009 Date: 2023-11-26 10:27:31 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007041d Error description: The service did not respond to the start or control request in a timely fashion. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the device. CodeIntegrity: =============== Date: 2023-11-27 17:09:39 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. CN16SV117 11/03/2021 Motherboard: Dynabook Inc. 
DBIIP303 Processor: Intel(R) Celeron(R) CPU 5205U @ 1.90GHz Percentage of memory in use: 86% Total physical RAM: 3961.05 MB Available physical RAM: 535.92 MB Total Virtual: 5551.8 MB Available Virtual: 999.23 MB ==================== Drives ================================ Drive c: (TIH0550200A) (Fixed) (Total:106.2 GB) (Free:52.04 GB) (Model: PHISON 128GB SSD) NTFS \\?\Volume{c30857e5-6e43-446f-83ff-5f5faad8fe6f}\ (WinRE) (Fixed) (Total:0.97 GB) (Free:0.39 GB) NTFS \\?\Volume{48ede880-76aa-11eb-8485-5c857e4c304c}\ (HDDRECOVERY) (Fixed) (Total:11.79 GB) (Free:0.99 GB) FAT32 \\?\Volume{21505616-9db4-4376-8aa7-ae987dfb326f}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32 ==================== MBR & Partition Table ==================== ==================== End of Addition.txt ======================= |