| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Microsoft Edge öffnet nachts eigenständig WebsitesWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
24.12.2023, 17:13
| #10 |
| |  Microsoft Edge öffnet nachts eigenständig Websites Ok - ist da noch was zu finden oder ist der Fehler damit beseitigt? Danke, Karl FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2023
durchgeführt von PC (Administrator) auf DESKTOP-N67O51V (HP HP 255 G8 Notebook PC) (24-12-2023 17:07:19)
Gestartet von C:\Users\PC\Downloads\FRST64.exe
Geladene Profile: PC
Plattform: Microsoft Windows 11 Pro Version 23H2 22631.2861 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (ACLAP -> Node.js) C:\Program Files\net.downloadhelper.coapp\bin\net.downloadhelper.coapp-win-64.exe
(DriverStore\FileRepository\u0376573.inf_amd64_8aae8753e0431618\B374868\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376573.inf_amd64_8aae8753e0431618\B374868\atieclxx.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\PC\AppData\Local\Programs\signal-desktop\Signal.exe <5>
(explorer.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files\Windscribe\Windscribe.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <22>
(SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376573.inf_amd64_8aae8753e0431618\B374868\atiesrxx.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_2f779d0a8fdf496c\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\SysInfoCap.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d315e0ae42c5f5e6\RtkAudUService64.exe <3>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files\Windscribe\WindscribeService.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.2567_none_e93fb1d442e4b410\TiWorker.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d315e0ae42c5f5e6\RtkAudUService64.exe [1922856 2023-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2044568 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\Run: [MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\PC\AppData\Local\Programs\signal-desktop\Signal.exe [163723200 2023-11-30] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\PC\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-12-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\Run: [Windscribe] => C:\Program Files\Windscribe\Windscribe.exe [5820256 2023-08-20] (Windscribe Limited -> Windscribe Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.129\Installer\chrmstp.exe [2023-12-21] (Google LLC -> Google LLC)
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {F1A96586-FD36-4B63-AA09-F8A507206F80} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.)
Task: {2055F9FC-CAA6-4C13-B096-A3E1686766C1} - System32\Tasks\GoogleUpdateTaskMachineCore{EC1159AD-2AA5-4980-9CD9-AE9146ECA513} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-06-08] (Google LLC -> Google LLC)
Task: {A23628F5-2E87-416C-8431-5312AAC7799E} - System32\Tasks\GoogleUpdateTaskMachineUA{5847186A-3DEB-4816-960D-47E75862EA08} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-06-08] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {E8D753ED-28DC-4D37-84B0-B0A0FC6BFBC3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28C5EA0A-1E8A-45E5-91E2-B5367569A7DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86ABCC80-CCAD-4286-8027-F683F2C5A871} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C73EB65-2DAF-4B85-9B49-406555A08758} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7DDEB2D-04D1-417B-ADFA-FBA9FE3FAAAA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-19] (Mozilla Corporation -> Mozilla Foundation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{46fed04a-97b3-4d2f-ba03-2efce39b3323}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{91d464f8-e578-4053-982a-0ceae5058406}: [DhcpNameServer] 200.73.96.146 190.104.12.42
Tcpip\..\Interfaces\{f4ee2eeb-1fc4-404e-b303-917efd9b6667}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f4ee2eeb-1fc4-404e-b303-917efd9b6667}: [DhcpDomain] fritz.box
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-23]
Edge Extension: (Google Docs Offline) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-15]
Edge Extension: (Edge relevant text changes) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-17]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
FireFox:
========
FF DefaultProfile: f7ocj1ka.default
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\f7ocj1ka.default [2023-05-29]
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release [2023-12-24]
FF Homepage: Mozilla\Firefox\Profiles\ec0rkfhe.default-release -> hxxps://www.ecosia.org/?c=de
FF Notifications: Mozilla\Firefox\Profiles\ec0rkfhe.default-release -> hxxps://web.instahelp.me
FF Extension: (Facebook Container) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\Extensions\@contain-facebook.xpi [2023-07-20]
FF Extension: (Google Scholar-Schaltfläche) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\Extensions\button@scholar.google.com.xpi [2023-07-04]
FF Extension: (Cisco Webex Extension) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\Extensions\ciscowebexstart1@cisco.com.xpi [2023-07-04]
FF Extension: (Language: Deutsch (German)) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\Extensions\langpack-de@firefox.mozilla.org.xpi [2023-12-22]
FF Extension: (uBlock Origin) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-12-06]
FF Extension: (Citavi Picker) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2023-07-04]
FF Extension: (Snowflake) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\Extensions\{b11bea1f-a888-4332-8d8a-cec2be7d24b9}.xpi [2023-07-04]
FF Extension: (Video DownloadHelper) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-09-01]
FF Extension: (Ecosia – Die Suchmaschine, die Bäume pflanzt) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2023-07-04]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ec0rkfhe.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-07-04]
FF Extension: (Citavi Picker) - C:\Program Files\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2023-06-21]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2023-08-14] (FOXIT SOFTWARE INC. -> Foxit Corporation)
Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2023-12-23]
CHR Notifications: Default -> hxxps://clickdoc.elvi.de
CHR Extension: (Avira Password Manager) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-12-23]
CHR Extension: (Avira Safe Shopping) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-12-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-30]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2023-12-23]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-08]
CHR Extension: (Citavi Picker) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2023-07-12]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2432608 2023-08-14] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\AppHelperCap.exe [887856 2023-10-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\DiagsCap.exe [886720 2023-10-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\NetworkCap.exe [882728 2023-10-25] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2023-11-14] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_30f448e100bbebf7\x64\SysInfoCap.exe [886832 2023-10-25] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_2f779d0a8fdf496c\x64\TouchpointAnalyticsClientService.exe [491648 2023-10-24] (HP Inc. -> HP Inc.)
R2 SECOMNService; C:\WINDOWS\System32\SECOMN64.exe [743904 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files\Windscribe\WindscribeService.exe [1085280 2023-08-20] (Windscribe Limited -> Windscribe Limited)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [310216 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_ea6bfcdad05c0606\amdacpafd.sys [435080 2023-07-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376573.inf_amd64_8aae8753e0431618\B374868\amdkmdag.sys [80558960 2022-02-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2023-08-20] (Windscribe Limited -> The OpenVPN Project)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WindscribeSplitTunnel; C:\WINDOWS\system32\DRIVERS\WindscribeSplitTunnel.sys [38152 2023-08-20] (Windscribe Limited -> )
R3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2023-08-20] (Windscribe Limited -> WireGuard LLC)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-12-23 23:20 - 2023-12-23 23:20 - 000722202 _____ C:\WINDOWS\system32\perfh007.dat
2023-12-23 23:20 - 2023-12-23 23:20 - 000149258 _____ C:\WINDOWS\system32\perfc007.dat
2023-12-23 23:14 - 2023-12-23 23:14 - 000000448 __RSH C:\ProgramData\ntuser.pol
2023-12-23 23:07 - 2023-02-23 03:37 - 000053832 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\PTPFilter.sys
2023-12-23 23:07 - 2023-02-23 03:36 - 001245304 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCtrl.exe
2023-12-23 23:07 - 2023-02-23 03:36 - 000646728 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCmds.dll
2023-12-23 23:07 - 2023-02-23 03:36 - 000589384 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2023-12-23 23:07 - 2023-02-23 03:36 - 000495688 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\ETDApix.dll
2023-12-23 23:07 - 2023-02-23 03:36 - 000474184 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDFavorite.dll
2023-12-23 23:07 - 2023-02-23 03:36 - 000402040 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCtrlHelper.exe
2023-12-23 23:07 - 2023-02-23 03:36 - 000202312 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDService.exe
2023-12-23 23:07 - 2023-02-23 03:36 - 000033392 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETDHCF.sys
2023-12-23 23:07 - 2022-09-29 03:18 - 000019872 _____ C:\WINDOWS\system32\RtEventLog.dll
2023-12-23 22:51 - 2023-12-23 22:51 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-12-23 22:50 - 2023-12-23 22:50 - 000000020 ___SH C:\Users\PC\ntuser.ini
2023-12-23 22:49 - 2023-12-23 23:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-23 22:49 - 2023-12-23 22:49 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2023-12-23 22:49 - 2023-12-23 22:49 - 000011433 _____ C:\WINDOWS\diagerr.xml
2023-12-23 22:49 - 2023-12-23 22:49 - 000003682 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-12-23 22:49 - 2023-12-23 22:49 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{5847186A-3DEB-4816-960D-47E75862EA08}
2023-12-23 22:49 - 2023-12-23 22:49 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-12-23 22:49 - 2023-12-23 22:49 - 000003458 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-12-23 22:49 - 2023-12-23 22:49 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{EC1159AD-2AA5-4980-9CD9-AE9146ECA513}
2023-12-23 22:49 - 2023-12-23 22:49 - 000003058 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-350317605-4065228070-467651021-1001
2023-12-23 22:49 - 2023-12-23 22:49 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-350317605-4065228070-467651021-1001
2023-12-23 22:49 - 2023-12-23 22:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-12-23 22:49 - 2023-12-23 22:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-12-23 22:49 - 2023-12-23 22:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2023-12-23 22:47 - 2023-12-23 23:20 - 001662892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-23 22:45 - 2023-12-23 22:45 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2023-12-23 22:44 - 2023-12-23 22:44 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2023-12-23 22:43 - 2023-12-23 22:50 - 000000000 ____D C:\Windows.old
2023-12-23 22:43 - 2023-12-23 22:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-23 22:43 - 2023-12-23 22:43 - 000474176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-23 22:37 - 2023-12-23 22:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Crypto
2023-12-23 22:37 - 2023-12-23 22:37 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\SystemCertificates
2023-12-23 22:37 - 2023-12-23 22:37 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Network
2023-12-23 22:36 - 2023-12-23 22:43 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-12-23 22:35 - 2023-12-23 22:51 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows
2023-12-23 22:35 - 2023-12-23 22:50 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Spelling
2023-12-23 22:35 - 2023-12-23 22:50 - 000000000 ____D C:\Users\PC
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\Vorlagen
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\Startmenü
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\Netzwerkumgebung
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\Lokale Einstellungen
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\Eigene Dateien
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\Druckumgebung
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\Documents\Eigene Videos
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\Documents\Eigene Musik
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\Documents\Eigene Bilder
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\AppData\Local\Verlauf
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\AppData\Local\Anwendungsdaten
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 _SHDL C:\Users\PC\Anwendungsdaten
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 ____D C:\WINDOWS\system32\AMD
2023-12-23 22:35 - 2023-12-23 22:35 - 000000000 ____D C:\WINDOWS\Firmware
2023-12-23 22:34 - 2023-12-23 22:36 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-12-23 22:21 - 2023-12-23 22:21 - 000016240 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-23 22:14 - 2023-12-23 22:14 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-12-23 22:14 - 2023-12-23 22:14 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-12-23 22:14 - 2023-12-23 22:14 - 000000000 ____D C:\WINDOWS\addins
2023-12-23 22:01 - 2023-12-23 22:01 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-12-23 21:35 - 2023-12-23 22:50 - 000000000 ___DC C:\WINDOWS\Panther
2023-12-23 21:33 - 2023-12-23 22:49 - 000000000 ___HD C:\$GetCurrent
2023-12-23 21:33 - 2023-12-23 21:33 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2023-12-23 20:45 - 2023-12-23 21:35 - 000000036 _____ C:\WINDOWS\progress.ini
2023-12-23 20:29 - 2023-12-23 20:29 - 000001330 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-12-23 20:29 - 2023-12-23 20:29 - 000000000 ____D C:\Users\PC\AppData\Local\PCHealthCheck
2023-12-23 14:18 - 2023-12-23 14:19 - 000032615 _____ C:\Users\PC\Downloads\Addition.txt
2023-12-23 14:15 - 2023-12-24 17:08 - 000021084 _____ C:\Users\PC\Downloads\FRST.txt
2023-12-23 14:15 - 2023-12-24 17:07 - 000000000 ____D C:\FRST
2023-12-23 14:12 - 2023-12-23 14:12 - 002387456 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2023-12-23 13:46 - 2023-12-23 13:46 - 000000000 ____D C:\Users\Public\Security Sessions
2023-12-23 13:45 - 2023-12-23 22:43 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2023-12-23 13:45 - 2023-12-23 20:30 - 002496416 _____ C:\WINDOWS\system32\rtp.db
2023-12-23 13:45 - 2023-12-23 13:45 - 000000000 ____D C:\Users\PC\AppData\Local\AviraWebView2Cache
2023-12-23 13:44 - 2023-12-23 13:46 - 000000000 ____D C:\Users\PC\AppData\Local\Avira
2023-12-23 13:43 - 2023-12-23 21:16 - 000000000 ____D C:\Program Files (x86)\Avira
2023-12-23 13:43 - 2023-12-23 13:43 - 006576104 _____ (Avira Operations GmbH) C:\Users\PC\Downloads\avira_de_sptl1_3276aa397672fa93__pavwws-spotlight-release.exe
2023-12-23 12:08 - 2023-12-23 12:43 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-12-22 03:49 - 2023-12-22 08:53 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-12-19 17:51 - 2023-12-19 17:53 - 000000000 ____D C:\Users\PC\Downloads\Shein fotos
2023-12-19 17:35 - 2023-12-23 12:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-14 22:33 - 2023-12-14 22:40 - 000549078 _____ C:\Users\PC\Downloads\Anmeldeformular.pdf
2023-12-07 11:04 - 2023-12-07 11:04 - 000138964 _____ C:\Users\PC\Downloads\Kostenerstattung der medizinischen Behandlung während der Entsendung-1.pdf
2023-12-07 11:02 - 2023-12-07 11:02 - 000150682 _____ C:\Users\PC\Downloads\Kostenerstattung der medizinischen Behandlung während der Entsendung.pdf
2023-12-06 21:54 - 2023-12-06 21:54 - 000059699 _____ C:\Users\PC\Downloads\20231206215449_TK-Behandlung im Ausland - Rechnung einreichen.pdf
2023-12-05 16:30 - 2023-12-23 22:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-12-05 14:41 - 2023-12-05 14:41 - 005790266 _____ C:\Users\PC\Downloads\978-3-662-55379-4-1_compressed_compressed.pdf
2023-12-05 14:35 - 2023-12-05 14:35 - 008201822 _____ C:\Users\PC\Downloads\978-3-662-55379-4-1_compressed.pdf
2023-12-05 14:32 - 2023-12-05 14:32 - 010289435 _____ C:\Users\PC\Downloads\978-3-662-55379-4-1.pdf
2023-12-05 14:10 - 2023-12-05 14:11 - 013674838 _____ C:\Users\PC\Downloads\978-3-662-55379-4.pdf
2023-12-04 16:43 - 2023-12-04 16:43 - 000795918 _____ C:\Users\PC\Downloads\Einladung EG Karina Hagemann.pdf
2023-12-01 15:17 - 2023-12-01 15:20 - 000000000 ____D C:\Program Files\CopyTrans HEIC for Windows
2023-12-01 15:17 - 2023-12-01 15:20 - 000000000 ____D C:\Program Files (x86)\CopyTrans HEIC for Windows
2023-12-01 15:17 - 2023-12-01 15:17 - 000000000 ____D C:\ProgramData\WindSolutions
2023-12-01 15:16 - 2023-12-01 15:16 - 007838192 _____ (Ursa Minor Ltd ) C:\Users\PC\Downloads\CopyTransHEICforWindowsv2.000.exe
2023-12-01 15:14 - 2023-12-01 15:14 - 000151113 _____ C:\Users\PC\Downloads\AMALIA GALINDO 2023.pdf
2023-12-01 12:12 - 2023-12-01 12:12 - 000000000 ___HD C:\OneDriveTemp
2023-12-01 11:23 - 2023-12-23 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone
2023-12-01 11:22 - 2023-12-01 11:22 - 034935032 _____ (Shenzhen iMyFone Technology Co., Ltd. ) C:\Users\PC\Downloads\heic-converter-setup.exe
2023-12-01 11:20 - 2023-12-01 11:20 - 048414720 _____ C:\Users\PC\Downloads\JPEGminiPro_installer_4_0_0_8.msi
2023-12-01 09:51 - 2023-12-01 09:52 - 000051762 _____ C:\Users\PC\Downloads\Steckbrief V. Carré.pdf
2023-12-01 09:51 - 2023-12-01 09:51 - 000259724 _____ C:\Users\PC\Downloads\Steckbrief_NinaPoetzl.pdf
2023-12-01 09:51 - 2023-12-01 09:51 - 000046485 _____ C:\Users\PC\Downloads\Vorlage Steckbrief.pdf
2023-12-01 09:50 - 2023-12-01 09:50 - 000079583 _____ C:\Users\PC\Downloads\Steckbrief Lena Flacke.pdf
2023-12-01 09:50 - 2023-12-01 09:50 - 000071856 _____ C:\Users\PC\Downloads\Steckbrief-1.pdf
2023-12-01 09:47 - 2023-12-01 09:47 - 000052269 _____ C:\Users\PC\Downloads\Steckbrief.pdf
2023-11-29 22:36 - 2023-11-29 22:36 - 006887812 _____ C:\Users\PC\Downloads\combinepdf.pdf
2023-11-29 18:02 - 2023-12-08 19:30 - 000000000 ____D C:\Users\PC\Desktop\Jonael Fotobuch
2023-11-29 18:00 - 2023-11-29 18:00 - 000000000 ____D C:\Program Files\CEWE
2023-11-29 17:59 - 2023-11-29 17:59 - 008168976 _____ C:\Users\PC\Downloads\setup_Mein_CEWE_FOTOBUCH.exe
2023-11-29 14:59 - 2023-11-29 14:59 - 000000165 ____H C:\Users\PC\Documents\~$01_Tagesplan2_2.xlsx
2023-11-27 20:19 - 2023-11-27 20:19 - 000184732 _____ C:\Users\PC\Downloads\978-3-319-71928-3_30.pdf
2023-11-27 19:20 - 2023-11-27 19:20 - 000494584 _____ C:\Users\PC\Downloads\paper0226.pdf
2023-11-27 17:07 - 2023-11-27 17:07 - 000995578 _____ C:\Users\PC\Downloads\Este Tierra Brilliante This Brilliant Earth.pdf
2023-11-27 15:47 - 2023-11-27 15:47 - 002411669 _____ C:\Users\PC\Downloads\Broschüre Folsäure, dt.pdf
2023-11-27 14:47 - 2023-11-27 14:47 - 000388403 _____ C:\Users\PC\Downloads\909862aaa-1.pdf
2023-11-26 21:11 - 2023-11-26 21:11 - 000137024 _____ (Zoom Video Communications, Inc.) C:\Users\PC\Downloads\Zoom_cm_fof5M0usfg0ouwZ9vvrZo4_m90p4i1TXedP-oTdNSPwEfNyFQBWh4yOpbrk@7hGIW7oXx9gRm+Lh_k8c12a4102dcb6480_.exe
2023-11-26 19:01 - 2023-11-26 19:01 - 000161407 _____ C:\Users\PC\Downloads\DE Jabra Elite 8 Active Tech Sheet A4 Web 160823.pdf
2023-11-24 20:42 - 2023-11-24 20:42 - 001589510 _____ (Igor Pavlov) C:\Users\PC\Downloads\7z2301-x64.exe
2023-11-24 20:41 - 2023-11-24 20:41 - 000417232 _____ C:\Users\PC\Downloads\Chat_GPT-5 for PC Installation v1.1.3(1).rar
2023-11-24 20:33 - 2023-11-24 20:33 - 000417232 _____ C:\Users\PC\Downloads\Chat_GPT-5 for PC Installation v1.1.3.rar
2023-11-24 17:26 - 2023-11-24 17:26 - 000407921 _____ C:\Users\PC\Downloads\Erstgespräch_Kinderwunsch.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-12-24 17:07 - 2023-05-29 18:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-24 17:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-24 17:06 - 2023-07-10 16:25 - 000000000 ____D C:\Users\PC\AppData\Roaming\Signal
2023-12-24 17:06 - 2023-06-08 16:22 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-24 17:06 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-23 23:20 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-12-23 23:14 - 2023-05-03 09:57 - 000012288 ___SH C:\DumpStack.log.tmp
2023-12-23 23:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-23 23:14 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-12-23 23:08 - 2022-03-25 06:59 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-12-23 23:07 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-23 23:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2023-12-23 23:07 - 2022-03-24 14:29 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2023-12-23 23:07 - 2022-03-24 14:29 - 000000000 ____D C:\ProgramData\Packages
2023-12-23 23:06 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-12-23 23:05 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-12-23 23:01 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-23 22:58 - 2022-03-24 14:29 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2023-12-23 22:50 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-23 22:50 - 2022-03-24 14:29 - 000002348 _____ C:\Users\PC\Desktop\Microsoft Edge.lnk
2023-12-23 22:50 - 2022-03-24 14:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-12-23 22:49 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-23 22:49 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows NT
2023-12-23 22:49 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2023-12-23 22:49 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-12-23 22:46 - 2023-06-08 16:22 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-23 22:46 - 2023-06-08 16:22 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-12-23 22:45 - 2022-05-07 06:24 - 000000000 __RHD C:\Users\Public\Libraries
2023-12-23 22:45 - 2022-03-24 14:27 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-23 22:43 - 2023-10-06 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2023-12-23 22:43 - 2023-08-20 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe
2023-12-23 22:43 - 2023-08-10 02:20 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2023-12-23 22:43 - 2023-07-11 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 6
2023-12-23 22:43 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-12-23 22:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-12-23 22:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-12-23 22:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2023-12-23 22:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-12-23 22:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-12-23 22:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-23 22:43 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-12-23 22:43 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-12-23 22:43 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-12-23 22:43 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-12-23 22:36 - 2023-11-10 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2023-12-23 22:36 - 2023-07-11 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2023-12-23 22:35 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup
2023-12-23 22:35 - 2022-05-07 06:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-12-23 22:33 - 2023-10-01 08:01 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2023-12-23 22:33 - 2022-05-07 11:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-12-23 22:33 - 2022-05-07 11:39 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-23 22:33 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-12-23 22:33 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2023-12-23 22:33 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\de
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Globalization
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-23 22:33 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-12-23 22:33 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2023-12-23 22:32 - 2022-05-07 11:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-12-23 22:32 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-12-23 22:32 - 2022-05-07 06:25 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2023-12-23 22:32 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-12-23 22:32 - 2022-05-07 06:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2023-12-23 22:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\OCR
2023-12-23 22:14 - 2023-07-06 03:17 - 000000000 ____D C:\Users\PC\Documents\Geschenke
2023-12-23 22:13 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-12-23 22:13 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-12-23 22:13 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-12-23 22:13 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-12-23 22:13 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-12-23 22:13 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-12-23 22:13 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-12-23 22:13 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-12-23 22:13 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-12-23 22:13 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-12-23 22:13 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-12-23 22:13 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-12-23 22:13 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-12-23 22:13 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-12-23 22:13 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-12-23 22:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-12-23 22:13 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-12-23 20:56 - 2023-10-26 18:57 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2023-12-23 13:30 - 2023-08-12 03:14 - 000000000 ____D C:\Users\PC\AppData\Roaming\DeepL_SE
2023-12-23 13:15 - 2023-05-29 18:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-12-23 12:52 - 2022-03-25 07:28 - 000000000 ____D C:\Program Files\Microsoft Office
2023-12-23 12:47 - 2023-07-16 13:09 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Teams
2023-12-22 11:39 - 2023-05-03 10:02 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Word
2023-12-22 09:11 - 2023-05-29 18:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-12-22 07:19 - 2023-10-26 18:27 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-12-22 01:31 - 2022-03-24 14:40 - 000000000 ____D C:\Users\PC\AppData\Local\PlaceholderTileLogoFolder
2023-12-19 18:07 - 2022-03-24 14:45 - 000000000 ____D C:\ProgramData\HP
2023-12-14 22:32 - 2022-03-24 14:32 - 000002386 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-12-13 00:04 - 2023-06-08 16:09 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Excel
2023-12-12 23:59 - 2023-07-06 03:37 - 000000000 ____D C:\Users\PC\Documents\Persönliches
2023-12-11 03:29 - 2023-08-20 11:35 - 000000000 ____D C:\Program Files\Windscribe
2023-12-08 17:06 - 2023-07-06 02:52 - 000000000 ____D C:\Users\PC\Documents\00_Bolivien
2023-12-08 16:55 - 2023-07-06 03:39 - 000000000 ____D C:\Users\PC\Documents\Reisen
2023-12-08 01:38 - 2022-03-24 14:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-06 19:07 - 2023-07-06 04:00 - 000000000 ____D C:\Users\PC\Documents\Zoom
2023-12-05 16:30 - 2023-07-17 17:56 - 000000000 ____D C:\Users\PC\AppData\Roaming\Zoom
2023-12-05 15:01 - 2023-07-06 03:16 - 000000000 ____D C:\Users\PC\Documents\Citavi 6
2023-12-04 20:27 - 2023-07-06 02:52 - 000800844 _____ C:\Users\PC\Documents\01_Tagesplan2_2.xlsx
2023-12-04 17:05 - 2023-07-06 02:53 - 000000000 ____D C:\Users\PC\Documents\00_Jonael
2023-12-02 14:17 - 2022-03-24 14:32 - 000000000 ___RD C:\Users\PC\OneDrive
2023-12-01 12:11 - 2022-03-24 14:29 - 000000000 ____D C:\Users\PC\AppData\Local\ConnectedDevicesPlatform
2023-12-01 11:40 - 2022-03-24 14:36 - 000000000 ____D C:\Users\PC\AppData\Local\Comms
2023-12-01 11:33 - 2023-07-16 13:10 - 000002383 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk
2023-11-24 20:39 - 2023-10-26 17:58 - 000000000 ____D C:\ProgramData\WinZip
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-12-2023
durchgeführt von PC (24-12-2023 17:12:11)
Gestartet von C:\Users\PC\Downloads
Microsoft Windows 11 Pro Version 23H2 22631.2861 (X64) (2023-12-23 21:50:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-350317605-4065228070-467651021-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-350317605-4065228070-467651021-503 - Limited - Disabled)
Gast (S-1-5-21-350317605-4065228070-467651021-501 - Limited - Disabled)
PC (S-1-5-21-350317605-4065228070-467651021-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-350317605-4065228070-467651021-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.006.20380 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.07061 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{11E16B39-0FA6-4DF0-9736-73BB638C9924}) (Version: 4.10.07061 - Cisco Systems, Inc.) Hidden
Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.17.0.0 - Swiss Academic Software)
CopyTrans HEIC for Windows (HKLM\...\CopyTrans HEIC for Windows_is1) (Version: 2.0.0.0 - Ursa Minor Ltd)
Documentos (HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\cd93b26705c340f11fb89a1272d1a9a3) (Version: 1.0 - Google\Chrome)
Foxit PDF Reader (HKLM-x32\...\{58919E0A-3B2E-11EE-AA33-54BF64A63C26}) (Version: 2023.2.0.21408 - Foxit Software Inc.)
Gmail (HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\1182e88030ca76f34631fe25fe5c9c71) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.129 - Google LLC)
Google Drive (HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\c4818ee695088edade03b0e7dd0e4c59) (Version: 1.0 - Google\Chrome)
Hojas de cálculo (HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\b2a229ee517bba9f648c7093450bc695) (Version: 1.0 - Google\Chrome)
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 7.3.3 - CEWE Stiftung u Co. KGaA)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\Teams) (Version: 1.6.00.29964 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 121.0 (x64 en-US)) (Version: 121.0 - Mozilla)
Mozilla Thunderbird (x64 en-US) (HKLM\...\Mozilla Thunderbird 115.6.0 (x64 en-US)) (Version: 115.6.0 - Mozilla)
Presentaciones (HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\4f8b446637346f455e3e12bcc497a8a6) (Version: 1.0 - Google\Chrome)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.59.0 - Samsung Electronics Co., Ltd.)
Signal 6.40.0 (HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.40.0 - Signal Messenger, LLC)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.23081.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.23081.1 - Samsung Electronics Co., Ltd.)
VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{4254C1AD-B9B0-4020-A4B1-D8B61D12142A}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Windscribe (HKLM\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.6.14 - Windscribe Limited)
YouTube (HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\5871af6285f0460949db70ad593d5a4e) (Version: 1.0 - Google\Chrome)
Zoom (HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\ZoomUMX) (Version: 5.16.2 (22807) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-11-15] ()
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m [2023-06-07] (Advanced Micro Devices Inc.) [Startup Task]
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.800.344.0_x64__8wekyb3d8bbwe [2023-12-23] (Microsoft Corporation)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.36.274.0_x64__v10z8vjag6ke6 [2023-12-12] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-14] (HP Inc.)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-12-23] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-12-23] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0 [2023-12-23] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-12-23] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-350317605-4065228070-467651021-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-350317605-4065228070-467651021-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\PC\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-350317605-4065228070-467651021-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23270.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-350317605-4065228070-467651021-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-350317605-4065228070-467651021-1001_Classes\CLSID\{8ecb5a87-c13f-46fe-abd1-b59015f99cda}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-350317605-4065228070-467651021-1001_Classes\CLSID\{9EADBD1A-447B-4240-A9DD-73FE7C53A981}\InprocServer32 -> C:\Program Files\Microsoft Office\Root\Office16\OUTLMIME.DLL => Keine Datei
CustomCLSID: HKU\S-1-5-21-350317605-4065228070-467651021-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> "C:\Users\PC\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-350317605-4065228070-467651021-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\PC\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-02-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Documentos.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Hojas de cálculo.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Presentaciones.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:/Program Files (x86)/Internet Explorer/Citavi Picker/x64/SwissAcademic.Citavi.IEPicker.DLL => Keine Datei
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:/Program Files (x86)/Internet Explorer/Citavi Picker/SwissAcademic.Citavi.IEPicker.DLL => Keine Datei
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-350317605-4065228070-467651021-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2"
HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-350317605-4065228070-467651021-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{24EA14FA-2DDC-47AE-94BC-29764B2C259E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5671674A-6FAA-4DFD-A7E1-D2BB35C456F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{48C6AB88-C2C2-411B-B744-39E181C6487C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{706C9566-8991-485F-82CF-FE4C2F69F555}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F9E4A73D-A951-4F80-A195-A6F308AF3B18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A16F272C-2238-4172-BE66-21B15AAFE328}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7B46B1EE-83D1-48E9-AE8A-2CA3876EA890}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D165DC86-BB3E-415F-A62B-FCA927B800B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{54F23557-9BF0-45C8-8D25-60DBD40BF0D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8A661D53-4B99-4A13-8BFF-C7ED02EF78BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1AC6E210-EFC1-4E8B-84CC-00A58FDBFC9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{35E973FB-BC73-4C9F-B9EE-85123F19F69A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A9C91ABD-6D66-4DA7-802E-D7EF8F5D5824}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9AE1A530-1042-45EE-BBA3-1C802907BCA3}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8679C26C-D57E-4261-86FB-E25673C0AEFB}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1B2A0465-6751-4280-A57C-0A11951DF803}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{AC0FD30C-9034-41C9-9035-7720ED66496C}C:\users\pc\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{731A0CF2-4227-449A-907B-1AE1E34D3491}C:\users\pc\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A38E7B1D-E497-4041-BAE7-BC284F357A6C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3B2C740D-1673-4D10-9AD0-821BB4E09CB0}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{701E34F4-DBA0-4AA8-993C-5853AB3B0CD6}] => (Allow) LPort=50053
FirewallRules: [{403B010D-A8DA-4539-97FC-69037DCE83B7}] => (Allow) LPort=50053
FirewallRules: [{FE39E837-EE3F-4BE3-96E0-1A2AF8286F43}] => (Allow) LPort=53016
FirewallRules: [{641838E5-DDBA-470E-B098-40DF73BF99F6}] => (Allow) LPort=53015
FirewallRules: [{7AF2B0E9-C393-4CF4-8F0D-8A8AC98F3A75}] => (Allow) LPort=53014
FirewallRules: [{2F176E02-91A1-41A5-8897-BAEB46514C52}] => (Allow) LPort=43013
FirewallRules: [{FC01329F-5AD7-45AA-9666-5C84EC86FD50}] => (Allow) LPort=43012
FirewallRules: [{2D7E5E24-258B-489D-85C8-E3C3BACBBA57}] => (Allow) LPort=33011
FirewallRules: [{31C88A57-EB31-4104-9AA5-802620102EC2}] => (Allow) LPort=33010
FirewallRules: [{B1399091-09DD-4050-83EC-6E079A33B0A5}] => (Allow) LPort=33009
FirewallRules: [{8C70F163-E381-4DBC-8E2B-9BF5F0AB013D}] => (Allow) LPort=23008
FirewallRules: [{DBCDC1B9-9846-4A99-A6C9-C3B83BB70D21}] => (Allow) LPort=23007
FirewallRules: [{A848EF6B-8296-4CE8-8038-FDEAAC9632D1}] => (Allow) LPort=53016
FirewallRules: [{4178BF93-B5EA-41C2-81B7-DB6752C1A505}] => (Allow) LPort=53015
FirewallRules: [{681AFCD9-FE99-4958-BAA5-B30E1C7A3A61}] => (Allow) LPort=53014
FirewallRules: [{D1E849D9-AA20-42EF-8397-3F26A6EF1FB6}] => (Allow) LPort=43013
FirewallRules: [{A502D5C6-DE43-4E5E-B792-A39161B82F79}] => (Allow) LPort=43012
FirewallRules: [{010B1A40-8C22-4E2A-A52F-B9DE87A7B6EA}] => (Allow) LPort=33011
FirewallRules: [{A938CCE6-621E-4BB8-A9B0-6DB7BA22FDD4}] => (Allow) LPort=33010
FirewallRules: [{53A39332-16D6-4F2C-B4D1-61FF6F773E6E}] => (Allow) LPort=33009
FirewallRules: [{85811004-8D59-434C-949E-E468E7A24161}] => (Allow) LPort=23008
FirewallRules: [{F966E350-48E4-4163-AAF8-4C15FBAB93AB}] => (Allow) LPort=23007
FirewallRules: [{519F97DB-4861-491A-82CB-BD4F1AFB0FDB}] => (Allow) LPort=57218
FirewallRules: [{C71F71A1-2321-4DB0-B06A-105E3DF5B367}] => (Allow) LPort=57217
FirewallRules: [{E49C6559-EDFC-40CF-A138-C7D3BE479D22}] => (Allow) LPort=57216
FirewallRules: [{47CA2657-2D31-4552-B507-1C260F6A86B0}] => (Allow) LPort=57215
FirewallRules: [{768E49AC-47CE-40AD-8FFD-38B677F4E2F5}] => (Allow) LPort=57214
FirewallRules: [{ACAAECB1-DB21-49B1-8AC2-B5332BE84794}] => (Allow) LPort=57213
FirewallRules: [{1E219F24-6D5B-4903-A38D-F3BC80917DB9}] => (Allow) LPort=57212
FirewallRules: [{0F397F98-5C8F-4863-842A-BD05C92F4B0E}] => (Allow) LPort=57211
FirewallRules: [{16D8C32D-D439-4334-B624-FB5264D74EB1}] => (Allow) LPort=57210
FirewallRules: [{50723289-0A46-4E59-A07E-8761218C127A}] => (Allow) LPort=57209
FirewallRules: [{4B4FB4BD-9582-4265-8517-D5D5CF4D764B}] => (Allow) LPort=57218
FirewallRules: [{17D7255C-4335-4467-B836-B2ECE5381C95}] => (Allow) LPort=57217
FirewallRules: [{27C9F9C8-A51D-47CD-A75B-341B93D3876F}] => (Allow) LPort=57216
FirewallRules: [{5C2F4B64-C456-4AEC-9387-88DE0E4F415F}] => (Allow) LPort=57215
FirewallRules: [{587DC5B0-8492-4025-B0C1-45D83A372A8A}] => (Allow) LPort=57214
FirewallRules: [{F0780A09-55FD-46FC-8193-34F5D2ADBEB3}] => (Allow) LPort=57213
FirewallRules: [{FF862496-5DB2-4DBD-9CF6-A65BFE5CF0DD}] => (Allow) LPort=57212
FirewallRules: [{1DB45496-CFCD-4A4F-940A-A501AF296217}] => (Allow) LPort=57211
FirewallRules: [{99051D13-8DEA-4940-A5AB-5EE5A6759D87}] => (Allow) LPort=57210
FirewallRules: [{084959AD-9BC2-4622-8AC8-5472F70C514A}] => (Allow) LPort=57209
FirewallRules: [{7C157381-8488-475C-9E40-93C0ACAF8CCB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4D01583C-F9BE-4AB0-8AB6-4278CCFF2353}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF27204E-3518-484B-B107-D421C5BFCCC4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.91\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2FC10305-ECD4-40BD-B9BC-A50A7988E303}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{45C7E7DF-D90C-4761-8131-28E894459A37}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFB1140E-7DE1-46A3-BEFE-15FABB054579}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{001D6F80-B70E-4E6D-8CB8-13CC6CDA9526}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1FFBAF21-9EAA-45FE-8A83-32B7D57E28DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5C184FB2-665F-4A55-A7C4-0FEAF198B6CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F65E750E-7E58-43A4-B65A-A7B8A84A41EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AFDAE51D-FC01-42D3-B1B3-2C28791B0D53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5745784A-56F3-43E8-B897-23A01838A976}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A126C410-0148-40F3-97BF-9E4D56807590}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{842DD470-5012-4292-89EA-7A35369F13F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5DE56330-44B7-43C6-BD1F-0A7A6202A3C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Wiederherstellungspunkte =========================
23-12-2023 23:01:15 Windows Modules Installer
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (12/23/2023 11:14:15 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (12/23/2023 11:14:15 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (12/23/2023 11:14:15 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (12/23/2023 11:14:15 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (12/23/2023 10:50:44 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "mapi16://{S-1-5-21-350317605-4065228070-467651021-1001}/">.
Error: (12/23/2023 10:50:44 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80004005, "file:///C:\[66bb18a2-5868-43af-ac0f-ae82e29e7e0e]\Users\">.
Error: (12/23/2023 10:50:44 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80004005, "file:///C:\[66bb18a2-5868-43af-ac0f-ae82e29e7e0e]\ProgramData\Microsoft\Windows\Start Menu\">.
Error: (12/23/2023 10:48:42 PM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Name der fehlerhaften Anwendung: SECOMN64.exe, Version: 2.0.10.58, Zeitstempel: 0x620de6b5
Name des fehlerhaften Moduls: SECOMN64.dll, Version: 2.0.10.58, Zeitstempel: 0x620de6ae
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000000f0591
ID des fehlerhaften Prozesses: 0x0x1198
Startzeit der fehlerhaften Anwendung: 0x0x1da35e932910df5
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\SECOMN64.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\SECOMN64.dll
Berichtskennung: 664576f9-fa5c-496a-9e8e-48048b85cc6d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (12/23/2023 11:16:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200b fehlgeschlagen: Realtek Semiconductor Corp. - Extension - 6.0.9570.1
Error: (12/23/2023 11:16:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200b fehlgeschlagen: Realtek Semiconductor Corp. - Extension - 6.0.9570.1
Error: (12/23/2023 11:08:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200b fehlgeschlagen: Realtek - AudioProcessingObject - 13.198.1117.186
Error: (12/23/2023 11:08:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200b fehlgeschlagen: Realtek Semiconductor Corp. - Extension - 6.0.9570.1
Error: (12/23/2023 10:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Sound Research SECOMN Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/23/2023 10:44:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Druckererweiterungen und -benachrichtigungen" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
==================== Speicherinformationen ===========================
BIOS: Insyde F.32 08/02/2022
Hauptplatine: HP 890E
Prozessor: AMD Ryzen 5 5500U with Radeon Graphics
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 15680 MB
Verfügbarer physikalischer RAM: 8065.76 MB
Summe virtueller Speicher: 38559.37 MB
Verfügbarer virtueller Speicher: 29495.43 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:475.89 GB) (Free:66.55 GB) (Model: SSD_M.2_512GB_InnovationIT_QLC) NTFS
\\?\Volume{5bdce1ca-c652-455b-8fbf-d2096c831322}\ () (Fixed) (Total:0.83 GB) (Free:0.08 GB) NTFS
\\?\Volume{d32e5aa6-d023-46c6-a7b0-1a164c5410e3}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: D4572D45)
Partition: GPT.
==================== Ende von Addition.txt =======================
Geändert von kar_y_na (24.12.2023 um 17:41 Uhr) |
| Themen zu Microsoft Edge öffnet nachts eigenständig Websites |
| avira, browser, edge browser, edge öffnet fenster ungewollt, entfernen, firefox, frage, google, homepage, installation, internet, internet explorer, mozilla, netzwerk, prozesse, realtek, registry, scan, schutz, security, services.exe, software, suchmaschine, svchost.exe, udp, usb, windows |
Baum-Darstellung