Trojan:Script/Wacatac.B!ml Windows 11 Windows Defender schlägt Alarm

M-K-D-B · 02.01.2024, 17:04

Vielen Dank für die Logatei.

Hast du den Defender vor dem Fix wie erwähnt deaktiiert gehabt und nach dem Fix wieder aktiviert?

Meldet der Defender immer noch die gleiche Meldung oder ist das jetzt behoben?

Gamerixx91 · 02.01.2024, 17:13

Zitat:

Zitat von M-K-D-B

Vielen Dank für die Logatei.

Hast du den Defender vor dem Fix wie erwähnt deaktiiert gehabt und nach dem Fix wieder aktiviert?

Meldet der Defender immer noch die gleiche Meldung oder ist das jetzt behoben?

Hi ich hatte den Defender aus aber das Malware war immer noch an.. Soll ich dies ausschalten und dann es nochmal ausführen ?

Ich habe heute das Programm FRST erneut laufen lassen und habe leider dieselben Sachen erneut im Defender gefunden... Aber vlt ist dies auch nur eine alte Logdatei und der eigentliche Trojaner ist garnicht (mehr) da ?!

Liebe Grüße

M-K-D-B · 02.01.2024, 17:42

Starte bitte den Rechner neu.

Führe FRST wie folgt aus und poste diese (ganz) neuen Logdateien.

Schritt 1

Starte FRST erneut und klicke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gamerixx91 · 02.01.2024, 18:07

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2024
durchgeführt von Chris (Administrator) auf MININT-87Q8JIO (Micro-Star International Co., Ltd. MS-7D32) (02-01-2024 18:02:30)
Gestartet von C:\Users\Chris\Downloads\FRST64.exe
Geladene Profile: Chris
Plattform: Microsoft Windows 11 Home Version 23H2 22631.2861 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.29.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Corsair\Corsair iCUE5 Software\crashpad_handler.exe
(C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServer.exe
(C:\Program Files\Elgato\WaveLink\WaveLink.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\WaveLink\crashpad_handler.exe
(C:\Program Files\Elgato\WaveLink\WaveLink.exe ->) (Corsair Memory, Inc. -> Elgato Systems) C:\Program Files\Elgato\WaveLink\AudioRoutingHelper.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NvVirtualCamera\NVIDIA Broadcast.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe <2>
(explorer.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe
(explorer.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\WaveLink\WaveLinkSE.exe
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc) C:\Program Files\Elgato\WaveLink\WaveLink.exe
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Elgato\ControlCenter\ControlCenter.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e913f9cc84fc282c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (KYOCERA Document Solutions Inc.) [Datei ist nicht signiert] C:\Program Files\KDService\bin\KDService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe <2>
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_677da8a9230cea15\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> wondershare) C:\ProgramData\Wondershare\wsServices\WsidService.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.2567_none_e93fb1d442e4b410\TiWorker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI Center\LAN Manager\MSI_LAN_Manager_Tool.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Speed Up\StorageMonitor.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Control Center] => C:\Program Files\Elgato\ControlCenter\ControlCenter.exe [1678376 2023-10-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [Stream Deck] => C:\Program Files\Elgato\StreamDeck\StreamDeck.exe [16501328 2023-10-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543736 2023-11-21] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3572488 2023-12-08] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37157328 2023-12-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-11-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Discord] => C:\Users\Chris\AppData\Local\Discord\Update.exe [1525016 2023-04-26] (Discord Inc. -> GitHub)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [CiscoSpark] => C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1508 2023-08-08] () [Datei ist nicht signiert]
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [CiscoMeetingDaemon] => C:\Users\Chris\AppData\Local\WebEx\WebexHost.exe [8039008 2023-04-10] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [MicrosoftEdgeAutoLaunch_D3FEFEF9604A334C07E903E221AE7560] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Camera Hub] => C:\Program Files\Elgato\CameraHub\Camera Hub.exe [34906152 2023-10-16] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [WaveLinkSE] => C:\Program Files\Elgato\WaveLink\WaveLinkSE.exe [281128 2023-09-04] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Volume Controller SD plugin] => C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe [108072 2023-09-18] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Wave Link] => C:\Program Files\Elgato\WaveLink\WaveLink.exe [13369896 2023-09-04] (Corsair Memory, Inc. -> Corsair Memory, Inc)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [Camera Hub] => C:\Program Files\Elgato\CameraHub\Camera Hub.exe [34906152 2023-10-16] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-18\...\Run: [RazerAxon] => C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe [452904 2023-12-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3572488 2023-12-08] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\KX Language Monitor: C:\windows\system32\KXPLM64.DLL [113608 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.130\Installer\chrmstp.exe [2024-01-01] (Google LLC -> Google LLC)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {67254D86-1204-4389-9CA5-664B6C7140AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {848A78FA-82F9-4E45-8515-86052EE619BE} - System32\Tasks\Apple Diagnostics => C:\Users\Chris\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2024-01-01] () [symlink -> ]
Task: {E32A9877-664A-4BB3-9207-A3760580C881} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {52AAD740-E2EC-4FF0-81C1-CDFED1BB157E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "6444d7da-b690-4733-ada9-89c63a452aa9" --version "6.19.10858" --silent
Task: {4EA2237F-0F0B-45C9-BF19-7F925B1DA77D} - System32\Tasks\CCleanerSkipUAC - Chris => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D1EE1113-6459-47F1-841B-99F7231089EE} - System32\Tasks\GoogleUpdateTaskMachineCore{AB3514BE-D509-4015-AE58-F62A27866C49} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-25] (Google LLC -> Google LLC)
Task: {C18D5A99-9F13-44EE-B705-6D6B20EBAF86} - System32\Tasks\GoogleUpdateTaskMachineUA{ACAC3B77-7782-4807-B667-76D19CF2E1D3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-25] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {A4B2549F-861A-41B7-96E4-3ADA626E952C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-12-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FFCE2D4C-E548-4717-A838-BC84B276300B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {97CF77E8-4AC5-427F-BFDF-6E0BE1090940} - System32\Tasks\MSI Task Host - FixNorton.exe => C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe  (Keine Datei)
Task: {432D1D33-C667-4DEB-8C62-9122A8DE9B23} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2463840 2023-04-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {21DF6971-F9AE-4D96-8401-885EAFB489C3} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [11015736 2023-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D4EFC33-36B3-4EB7-8D6C-FB54434D15C9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F445CB08-9D01-485D-B18E-73FD9126FF58} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D71A875D-0D25-417D-A4FF-228653C060E3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FAB2A398-5A46-4548-9CC2-B78E3F34B9CB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C959BE6C-1AE2-4620-A10D-49CECED13CFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B8EE8FD4-1049-484C-AAAB-3B4A86CB98F8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AB1389BC-89A7-4D53-A8ED-F1192297B392} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E0E4959-70AF-4F3E-A375-B6AAF8C7F18E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41A6449C-4510-4A4E-85B0-6F5EB0D86DDD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B03316E-B3CD-47B4-8ED3-3436472B41C1} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543736 2023-11-21] (Razer USA Ltd. -> Razer Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{5c2bf3ff-b8e3-4799-9a41-ef00191f93a7}: [DhcpNameServer] 10.9.7.254
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}: [DhcpDomain] speedport.ip
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}\54C6761647F602B4569702C4967686470273647383: [DhcpNameServer] 192.168.62.1
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}\960586F6E6560267F6E6023486279637: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}\D4167656E6471675C414E4: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}\D4167656E6471675C414E4: [DhcpDomain] speedport.ip
Tcpip\..\Interfaces\{92bcb369-be09-4340-8d58-2cb2db4690c3}: [DhcpNameServer] 162.252.172.57 149.154.159.92

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Chris\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-01]
Edge Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
Edge Extension: (Bitcleaner Surfguard) - C:\Users\Chris\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gidnhakgfijhghmilgiiffidakihnbnb [2023-12-02]
Edge Extension: (Edge relevant text changes) - C:\Users\Chris\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-15]
Edge HKU\S-1-5-21-818666927-3340188741-3001556913-1003\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [gidnhakgfijhghmilgiiffidakihnbnb]

FireFox:
========
FF DefaultProfile: cfjoio9m.default
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\cfjoio9m.default [2024-01-01]
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\icis11z4.default-release [2024-01-02]
FF Homepage: Mozilla\Firefox\Profiles\icis11z4.default-release -> www.google.de
FF Extension: (Ecko Graffiti) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\icis11z4.default-release\Extensions\{01c0fd5a-3222-4f0c-b0c7-24cf73ec272a}.xpi [2023-02-25]
FF Extension: (Mark Ecko) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\icis11z4.default-release\Extensions\{03aa1ab1-7785-43d2-88ff-19c69c6fe9c1}.xpi [2023-02-25]
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default [2024-01-01]
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-25]
CHR Extension: (Marc Ecko) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2023-02-25]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-12-03] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CorsairCpuIdService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe [240168 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [151080 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe [252456 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe [84008 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [588712 2023-11-21] (Razer USA Ltd. -> Razer Inc.)
R2 DFWSIDService; C:\ProgramData\Wondershare\wsServices\WsidService.exe [3950832 2023-07-26] (Wondershare Technology Group Co.,Ltd -> wondershare)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2022-09-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-12-02] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
R3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [366120 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 KDService; C:\Program Files\KDService\bin\KDService.exe [499200 2022-07-28] (KYOCERA Document Solutions Inc.) [Datei ist nicht signiert]
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2024-01-01] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150840 2021-06-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150840 2021-06-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe [140528 2022-05-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe [37104 2022-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_677da8a9230cea15\Display.NvContainer\NVDisplay.Container.exe [1275544 2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2165168 2023-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [305072 2023-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [362760 2023-06-14] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [297736 2023-12-07] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-11-09] (Razer USA Ltd. -> Razer Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 atvi-randgrid; C:\ProgramData\Battle.net_components\randgridauks\randgrid.sys [2786712 2023-09-28] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63008 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess8F050F5E415C1A5882EB9FF7CE2BC59B7BE3A953; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairLLAccess64.sys [23632 2023-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44576 2024-01-02] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R3 e2fexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_0f2d4ef9c63375f3\e2f.sys [527000 2022-09-19] (Intel Corporation -> Intel Corporation)
S3 ElgatoUsbAudio; C:\WINDOWS\System32\drivers\ElgatoUsbAudio.sys [428584 2023-07-06] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ElgatoUsbAudioks; C:\WINDOWS\System32\drivers\ElgatoUsbAudioks.sys [55336 2023-07-06] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ElgatoUsbAudio_mixer; C:\WINDOWS\System32\drivers\ElgatoUsbAudio_mixer.sys [46632 2023-07-06] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ElgatoVirtualCamera; C:\WINDOWS\System32\drivers\ElgatoVirtualCamera.sys [14380560 2022-08-16] (WDKTestCert Elgato,132863164269755022 -> Windows (R) Win 7 DDK provider)
R3 ElgatoVirtUsbAudioEmu; C:\WINDOWS\System32\drivers\ElgatoVirtUsbAudioEmu.sys [97352 2023-06-23] (Microsoft Windows Hardware Compatibility Publisher -> ToriLogic GmbH & Co. KG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [140928 2022-09-27] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88784 2022-08-10] (Intel Corporation -> Intel Corporation)
S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26168 2021-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222784 2024-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233704 2024-01-02] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-01-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188008 2024-01-02] (Malwarebytes Inc. -> Malwarebytes)
R3 MpKsl0178eaa5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{346ADBA1-A979-4FE7-8D9D-692777D04744}\MpKslDrv.sys [263560 2024-01-02] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_FWUpdate; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\ResetMCU\JT1Toucher\NTIOLib_X64.sys [28496 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 RtkUsbAD_2342; C:\WINDOWS\System32\DriverStore\FileRepository\rtdusbad_msi.inf_amd64_2173f71dd3f208d8\RtUsbA64.sys [496440 2022-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RtkUsbAD_2347; C:\WINDOWS\System32\DriverStore\FileRepository\rtdusbad_msi.inf_amd64_4ef5c78c2dee4eab\RtUsbA64.sys [498016 2022-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0086; C:\WINDOWS\System32\drivers\RzDev_0086.sys [53288 2021-09-28] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0088; C:\WINDOWS\System32\drivers\RzDev_0088.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_024e; C:\WINDOWS\System32\drivers\RzDev_024e.sys [64664 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0c02; C:\WINDOWS\System32\drivers\RzDev_0c02.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-01-02 18:01 - 2024-01-02 18:01 - 000233704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-01-02 18:01 - 2024-01-02 18:01 - 000188008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-01-02 18:01 - 2024-01-02 18:01 - 000000000 ____D C:\Users\Chris\AppData\LocalLow\IGDump
2024-01-02 16:57 - 2024-01-02 16:57 - 000370958 _____ C:\Users\Chris\Downloads\Vertragsinformation vom 29.12.2023.pdf
2024-01-02 12:20 - 2024-01-02 12:20 - 000903580 _____ C:\WINDOWS\system32\perfh00C.dat
2024-01-02 12:20 - 2024-01-02 12:20 - 000887558 _____ C:\WINDOWS\system32\perfh010.dat
2024-01-02 12:20 - 2024-01-02 12:20 - 000869672 _____ C:\WINDOWS\system32\perfh007.dat
2024-01-02 12:20 - 2024-01-02 12:20 - 000197728 _____ C:\WINDOWS\system32\perfc00C.dat
2024-01-02 12:20 - 2024-01-02 12:20 - 000197670 _____ C:\WINDOWS\system32\perfc007.dat
2024-01-02 12:20 - 2024-01-02 12:20 - 000191022 _____ C:\WINDOWS\system32\perfc010.dat
2024-01-01 22:10 - 2024-01-01 22:10 - 002387456 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2024-01-01 22:10 - 2024-01-01 22:10 - 000000000 ____D C:\Users\Chris\Downloads\FRST-OlderVersion
2024-01-01 20:04 - 2024-01-01 20:08 - 000025009 _____ C:\Users\Chris\Downloads\Fixlog.txt
2024-01-01 10:22 - 2024-01-01 10:22 - 000157950 _____ C:\Users\Chris\OneDrive\Desktop\Addition.txt
2024-01-01 10:10 - 2024-01-02 18:02 - 000040884 _____ C:\Users\Chris\Downloads\FRST.txt
2024-01-01 10:10 - 2024-01-01 22:11 - 000042943 _____ C:\Users\Chris\Downloads\Addition.txt
2024-01-01 10:06 - 2024-01-01 10:22 - 000058193 _____ C:\Users\Chris\OneDrive\Desktop\Addition.pdf.txt
2024-01-01 10:05 - 2024-01-02 18:02 - 000000000 ____D C:\FRST
2024-01-01 10:05 - 2024-01-01 10:08 - 000066231 _____ C:\Users\Chris\OneDrive\Desktop\FRST.txt
2024-01-01 09:53 - 2024-01-01 09:53 - 002606880 _____ (Malwarebytes) C:\Users\Chris\Downloads\MBSetup.exe
2024-01-01 09:21 - 2024-01-01 09:21 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2024-01-01 09:06 - 2024-01-01 09:06 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-01-01 08:46 - 2024-01-01 09:06 - 001015776 _____ C:\WINDOWS\ntbtlog.txt
2024-01-01 08:41 - 2024-01-02 18:02 - 000000000 ____D C:\Users\Chris\AppData\Local\Malwarebytes
2024-01-01 08:41 - 2024-01-01 09:54 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-01 08:41 - 2024-01-01 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-01 08:41 - 2024-01-01 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-01 08:13 - 2024-01-01 08:13 - 000000000 ___HD C:\$SysReset
2024-01-01 00:29 - 2024-01-01 00:29 - 000094048 _____ C:\ProgramData\agent.update.1704065343.bdinstall.v2.bin
2023-12-31 23:56 - 2023-12-31 23:56 - 000697352 _____ C:\ProgramData\cl.1704062596.bdinstall.v2.bin
2023-12-31 23:56 - 2023-12-31 23:56 - 000126564 _____ C:\ProgramData\cl.kit.1704062592.bdinstall.v2.bin
2023-12-31 23:55 - 2023-12-31 23:55 - 000000000 ____D C:\ProgramData\Gemma
2023-12-31 23:55 - 2023-12-31 23:55 - 000000000 ____D C:\ProgramData\Atc
2023-12-31 23:55 - 2023-12-31 23:55 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2023-12-31 23:53 - 2024-01-01 00:04 - 000000000 ____D C:\ProgramData\BDLogging
2023-12-31 23:53 - 2023-12-31 23:53 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Bitdefender Security App
2023-12-31 23:53 - 2023-12-31 23:53 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Bitdefender
2023-12-31 23:52 - 2023-12-31 23:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2023-12-31 23:52 - 2023-12-31 23:52 - 000000000 ____D C:\ProgramData\Bitdefender
2023-12-31 23:52 - 2023-12-31 23:52 - 000000000 ____D C:\Program Files\Bitdefender
2023-12-31 23:43 - 2024-01-01 00:29 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2023-12-31 23:41 - 2024-01-01 08:30 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-12-31 23:41 - 2023-12-31 23:41 - 000143396 _____ C:\ProgramData\agent.1704062480.bdinstall.v2.bin
2023-12-31 23:41 - 2023-12-31 23:41 - 000000000 ____D C:\Users\Chris\AppData\Local\Bitdefender
2023-12-31 23:41 - 2023-12-31 23:41 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-12-31 23:33 - 2023-12-31 23:33 - 000000000 ____D C:\Users\Chris\AppData\Local\mbam
2023-12-31 23:26 - 2024-01-01 08:30 - 000000000 ____D C:\Users\Public\Security Sessions
2023-12-31 23:26 - 2023-12-31 23:26 - 000000000 ____D C:\Users\Chris\AppData\Local\AviraWebView2Cache
2023-12-31 23:26 - 2023-12-31 23:26 - 000000000 ____D C:\Users\Chris\AppData\Local\Avira
2023-12-31 23:25 - 2023-12-31 23:53 - 000000000 ____D C:\Program Files (x86)\Avira
2023-12-31 20:42 - 2023-12-31 20:42 - 001121079 _____ C:\Users\Chris\Downloads\MAS3Tech - Kartenmanager V3.0.4.zip
2023-12-31 20:33 - 2023-12-31 20:33 - 000245934 _____ C:\Users\Chris\Downloads\MAS3Tech Update - V3.94.zip
2023-12-31 20:33 - 2023-12-31 20:33 - 000245934 _____ C:\Users\Chris\Downloads\MAS3Tech Update - V3.94(1).zip
2023-12-31 20:33 - 2023-12-31 20:33 - 000000000 ____D C:\Users\Chris\Downloads\MAS3Tech Update - V3.94(1)
2023-12-31 20:27 - 2023-12-31 20:29 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\Daten Aufsteller
2023-12-29 10:48 - 2023-12-29 10:48 - 000033713 _____ C:\Users\Chris\Downloads\DHL-Paketmarke_PAKX7L73RGA4_Jürgen_Mederer.pdf
2023-12-28 08:20 - 2023-12-28 08:20 - 000056571 _____ C:\Users\Chris\Downloads\MD100 Blau Stapler und Dispenser - V1.72.zip
2023-12-28 08:15 - 2023-12-28 08:15 - 005753874 _____ C:\Users\Chris\OneDrive\Desktop\Reinigungshandbuch.pdf
2023-12-28 08:10 - 2023-12-28 08:10 - 000185942 _____ C:\Users\Chris\Downloads\TAIKO_PUB-7_22410_ID062E_EUR2.zip
2023-12-28 08:05 - 2023-12-28 08:26 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\ADP
2023-12-27 10:51 - 2023-12-27 10:51 - 000345193 _____ C:\Users\Chris\Downloads\Rechnung.pdf
2023-12-27 09:42 - 2023-12-27 09:42 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\Blue Wave
2023-12-27 08:08 - 2023-12-27 08:09 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\MAS3 Tech
2023-12-21 09:10 - 2023-12-21 09:10 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\JCM Treiber & Updatesoftware
2023-12-21 09:10 - 2023-12-21 09:10 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\Datensätze & Anleitungen
2023-12-20 09:10 - 2023-12-20 09:12 - 000000000 ___HD C:\$WinREAgent
2023-12-20 07:32 - 2023-12-20 07:35 - 000000000 ____D C:\Users\Chris\AppData\Local\Ubisoft Game Launcher
2023-12-20 07:32 - 2023-12-20 07:32 - 000001319 _____ C:\Users\Chris\OneDrive\Desktop\Ubisoft Connect.lnk
2023-12-20 07:32 - 2023-12-20 07:32 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2023-12-20 07:32 - 2023-12-20 07:32 - 000000000 ____D C:\ProgramData\Ubisoft
2023-12-20 07:32 - 2023-12-20 07:32 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2023-12-20 07:31 - 2023-12-20 07:31 - 118907760 _____ (Ubisoft) C:\Users\Chris\Downloads\UplayInstaller.exe
2023-12-20 07:17 - 2023-12-20 08:44 - 000000128 _____ C:\Users\Chris\AppData\LocalLow\3d7f6f7ed00394a4ac7e10ee7d9a45187fc68fe053d1101fc641a9d25a241958
2023-12-20 07:17 - 2023-12-20 07:17 - 000000026 _____ C:\Users\Chris\AppData\LocalLow\ba30abc8253114aa716dcde816ea6aa550d157f09b7f95fe4ba912cf3598ac83
2023-12-20 07:15 - 2024-01-01 08:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-19 08:55 - 2023-12-19 08:55 - 000507304 _____ C:\Users\Chris\Downloads\Magdeburg_OFF2_07230520231218195359.pdf
2023-12-19 08:02 - 2024-01-02 12:14 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-12-19 08:02 - 2023-12-20 07:09 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-19 08:02 - 2023-12-19 08:02 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-12-19 07:59 - 2024-01-02 17:11 - 000000128 _____ C:\Users\Chris\AppData\LocalLow\1cb834c15bad7e4ca543a04fc7e033dc83d4c22034941b6cbac2dbe135d72669
2023-12-19 07:59 - 2023-12-19 07:59 - 000000026 _____ C:\Users\Chris\AppData\LocalLow\514f447cfc3db182b2511c170fbd8cb2c131c01322a7703c49bd849b32af8b52
2023-12-18 09:33 - 2023-12-18 09:33 - 000006498 _____ C:\Users\Chris\Downloads\Umsätze.xlsx
2023-12-18 09:33 - 2023-12-18 09:33 - 000000106 ____H C:\Users\Chris\Downloads\.~lock.Umsätze.xlsx#
2023-12-18 08:01 - 2023-12-18 08:01 - 000079081 _____ C:\Users\Chris\Downloads\ebay-label-8ffe7d49-7a02-410c-ac4f-36bedc52bac8.pdf
2023-12-18 08:00 - 2023-12-28 08:49 - 000000128 _____ C:\Users\Chris\AppData\LocalLow\e2ab92fb3990b0b88d9350e4e4abf3109cb5485acd2a79b4725a7d6bad6087f0
2023-12-18 08:00 - 2023-12-18 08:00 - 000002260 _____ C:\Users\Chris\AppData\LocalLow\b777d17da872ed57fdc8f4215421e12d9bc87791279c43e796a84be6b8384754
2023-12-18 08:00 - 2023-12-18 08:00 - 000000026 _____ C:\Users\Chris\AppData\LocalLow\ab095bfdfdcb74ef57c98233f598b26ef64c295450f5a802f43be94154d2092b
2023-12-18 07:47 - 2023-11-04 20:14 - 000606960 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2023-12-18 07:47 - 2023-11-04 20:14 - 000537328 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2023-12-18 07:47 - 2023-11-04 20:13 - 000979368 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2023-12-18 07:47 - 2023-11-04 20:13 - 000737984 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2023-12-18 07:47 - 2023-11-04 20:13 - 000622024 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2023-12-18 07:47 - 2023-11-04 20:13 - 000543064 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2023-12-18 07:47 - 2023-11-04 20:13 - 000480920 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2023-12-18 07:47 - 2023-11-04 20:11 - 000538296 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2023-12-18 07:47 - 2023-11-04 20:11 - 000486184 _____ C:\WINDOWS\system32\ze_loader.dll
2023-12-18 07:47 - 2023-11-04 20:11 - 000326840 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2023-12-18 07:47 - 2023-11-04 20:10 - 027984056 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2023-12-18 07:47 - 2023-11-04 20:10 - 020708136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2023-12-18 07:47 - 2023-11-04 20:10 - 000306832 _____ C:\WINDOWS\system32\ControlLib.dll
2023-12-18 07:47 - 2023-11-04 20:10 - 000254416 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2023-12-18 07:35 - 2023-12-18 07:35 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-818666927-3340188741-3001556913-1003
2023-12-18 07:35 - 2023-12-18 07:35 - 000002447 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-12-08 17:08 - 2023-12-08 17:08 - 000097963 _____ C:\Users\Chris\Downloads\AvengersEndgame.zip
2023-12-08 17:08 - 2023-12-08 17:08 - 000000000 ____D C:\Users\Chris\Downloads\AvengersEndgame
2023-12-08 17:07 - 2023-12-08 17:07 - 000000000 ____D C:\Users\Chris\Downloads\CarinaNebula
2023-12-08 17:06 - 2023-12-08 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2023-12-08 17:05 - 2023-12-08 17:05 - 000885992 _____ C:\Users\Chris\Downloads\CarinaNebula.zip
2023-12-07 21:04 - 2023-12-07 21:04 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-05 14:40 - 2023-12-05 14:40 - 000000000 ____D C:\Users\Chris\Downloads\InfernoStar-Facecam
2023-12-05 14:38 - 2023-12-05 14:38 - 069987505 _____ C:\Users\Chris\Downloads\InfernoStar-Facecam.zip
2023-12-05 14:31 - 2023-12-05 14:31 - 023971669 _____ C:\Users\Chris\Downloads\InfernoBar-Overlay.zip
2023-12-05 14:31 - 2023-12-05 14:31 - 000000000 ____D C:\Users\Chris\Downloads\InfernoBar-Overlay
2023-12-05 14:05 - 2023-12-05 14:05 - 000001949 _____ C:\Users\Chris\OneDrive\Desktop\StreamElements SE.Live.lnk
2023-12-05 14:04 - 2023-12-05 14:04 - 000740304 _____ C:\Users\Chris\Downloads\obs-streamelements-setup-latest(1).exe
2023-12-05 14:02 - 2023-12-05 14:02 - 000740304 _____ C:\Users\Chris\Downloads\obs-streamelements-setup-latest.exe
2023-12-05 13:44 - 2023-12-05 13:44 - 000010844 _____ C:\Users\Chris\Downloads\StreamElements.zip
2023-12-05 09:19 - 2023-12-05 09:19 - 000146117 _____ C:\Users\Chris\Downloads\MIFID_Kundeninformationsbroschuere_SSK_Magdeburg_ePostfach.PDF
2023-12-05 09:19 - 2023-12-05 09:19 - 000076998 _____ C:\Users\Chris\Downloads\Sonderbedingungen_zur_Online-Nutzung_von_DekaBank_Depots.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000219990 _____ C:\Users\Chris\Downloads\Deka-FondsSparplan_Deka-Auszahlplan_Deka-Tauschplan.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000075788 _____ C:\Users\Chris\Downloads\Depoteroeffnung_OSPlus_neo_stationaer.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000073851 _____ C:\Users\Chris\Downloads\Deka_Aenderungsbestaetigung_fuer_Depot-Nr_0241548262-1.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000072515 _____ C:\Users\Chris\Downloads\Deka_Eroeffnungsbestaetigung_fuer_Depot-Nr_0241548262.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000069242 _____ C:\Users\Chris\Downloads\Freistellungsauftrag_DekaBank.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000045989 _____ C:\Users\Chris\Downloads\Freistellungsauftrag_fuer_Kapitalertraege_Antrag_ab_2023.PDF
2023-12-05 09:11 - 2023-12-05 09:11 - 000170742 _____ C:\Users\Chris\Downloads\S_20231205_091126_Disporeduzierung.ZIP
2023-12-05 09:11 - 2023-12-05 09:11 - 000116768 _____ C:\Users\Chris\Downloads\Rahmenvertrag_zur_Einraeumung_eines_Dispositionskredites.PDF
2023-12-05 08:59 - 2023-12-05 08:59 - 001945360 _____ C:\Users\Chris\Downloads\PDF_UK_Postcodes-3.pdf
2023-12-05 08:58 - 2023-12-05 08:58 - 001945360 _____ C:\Users\Chris\Downloads\PDF_UK_Postcodes-2.pdf
2023-12-05 08:57 - 2023-12-05 08:57 - 001945360 _____ C:\Users\Chris\Downloads\PDF_UK_Postcodes-1.pdf
2023-12-05 08:45 - 2023-12-05 08:45 - 001945360 _____ C:\Users\Chris\Downloads\PDF_UK_Postcodes.pdf
2023-12-03 19:18 - 2023-12-03 19:18 - 000000000 ____D C:\Users\Chris\AppData\Local\BattlEye

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-01-02 18:03 - 2022-09-22 15:49 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-02 18:02 - 2023-01-02 16:21 - 000000000 ___RD C:\Users\Chris\iCloudDrive
2024-01-02 18:02 - 2023-01-02 16:20 - 000000000 ___RD C:\Users\Chris\iCloudPhotos
2024-01-02 18:02 - 2022-10-01 10:36 - 000003976 _____ C:\WINDOWS\system32\Tasks\RazerCortexScheduleClean
2024-01-02 18:02 - 2022-09-19 10:12 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-02 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-02 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-02 18:01 - 2023-11-03 09:13 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-02 18:01 - 2023-02-25 10:00 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-02 18:01 - 2022-10-01 10:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-02 18:01 - 2022-09-19 10:26 - 000000000 ____D C:\MSI
2024-01-02 17:13 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-01-02 16:51 - 2022-10-01 10:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-02 12:20 - 2022-10-01 10:42 - 004220674 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-02 12:20 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-01-02 07:46 - 2022-09-22 15:51 - 000000000 ____D C:\Program Files\CCleaner
2024-01-01 22:44 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-01-01 20:08 - 2023-03-15 09:13 - 000000000 ____D C:\Users\Chris\AppData\LocalLow\Temp
2024-01-01 19:51 - 2023-02-25 10:01 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-01 11:18 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-01 10:45 - 2022-09-22 15:39 - 000000000 ____D C:\Users\Chris\AppData\Local\D3DSCache
2024-01-01 10:44 - 2022-10-03 14:03 - 000000000 ____D C:\Users\Chris\AppData\Local\ElevatedDiagnostics
2024-01-01 09:20 - 2022-09-26 18:07 - 000000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2024-01-01 08:53 - 2022-10-04 06:56 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-01-01 08:41 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-01 08:39 - 2023-05-29 14:22 - 000000000 ____D C:\Users\Chris\AppData\Local\Discord
2024-01-01 08:35 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-01 08:35 - 2021-10-06 06:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-01 08:31 - 2022-10-01 09:46 - 000000000 ____D C:\Users\Chris
2024-01-01 08:31 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2024-01-01 08:30 - 2023-05-29 14:22 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-01-01 08:30 - 2023-05-29 14:22 - 000000000 ____D C:\Users\Chris\AppData\Roaming\discord
2024-01-01 08:30 - 2023-01-02 16:15 - 000000000 ____D C:\ProgramData\Apple Inc
2024-01-01 08:30 - 2022-10-14 07:03 - 000000000 ____D C:\Users\DefaultAppPool
2024-01-01 08:30 - 2022-09-22 15:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-01 08:30 - 2022-09-19 10:19 - 000000000 ____D C:\ProgramData\MSI
2024-01-01 08:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-01 08:21 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-01-01 08:21 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\registration
2023-12-31 23:56 - 2022-09-22 15:39 - 000000000 ____D C:\Users\Chris\AppData\Local\Packages
2023-12-31 23:56 - 2021-10-06 07:12 - 000000000 ____D C:\ProgramData\Packages
2023-12-29 12:29 - 2023-05-29 14:22 - 000002285 _____ C:\Users\Chris\OneDrive\Desktop\Discord.lnk
2023-12-21 07:31 - 2022-09-22 15:49 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-12-20 13:17 - 2022-10-01 10:32 - 000476864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-20 13:16 - 2023-09-29 15:32 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2023-12-20 13:16 - 2022-09-23 03:30 - 000000000 ____D C:\Program Files (x86)\Steam
2023-12-20 13:16 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-20 13:06 - 2022-10-27 13:22 - 000000000 ____D C:\Users\Chris\AppData\Local\Battle.net
2023-12-20 09:17 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-20 09:15 - 2022-10-01 10:37 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-12-20 07:28 - 2022-10-29 07:38 - 000000000 ____D C:\Program Files (x86)\Call of Duty
2023-12-18 08:05 - 2022-10-03 08:54 - 000000000 ____D C:\ProgramData\KDService
2023-12-18 07:47 - 2023-09-30 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Axon
2023-12-18 07:35 - 2022-10-01 10:36 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-818666927-3340188741-3001556913-1003
2023-12-10 17:38 - 2022-09-26 11:04 - 000000000 ____D C:\Users\Chris\AppData\Roaming\EasyAntiCheat
2023-12-08 19:01 - 2022-09-23 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2023-12-08 19:00 - 2022-09-23 02:59 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-07 21:04 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2023-12-07 16:30 - 2023-05-31 07:37 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\Bilder
2023-12-07 12:46 - 2023-02-25 10:00 - 000004002 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{ACAC3B77-7782-4807-B667-76D19CF2E1D3}
2023-12-07 12:46 - 2023-02-25 10:00 - 000003878 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{AB3514BE-D509-4015-AE58-F62A27866C49}
2023-12-06 16:10 - 2022-12-15 08:40 - 000000000 ____D C:\Users\Chris\AppData\Roaming\obs-studio
2023-12-06 14:16 - 2021-10-06 06:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-06 14:03 - 2023-12-02 12:51 - 000000000 ____D C:\Program Files\TeamViewer
2023-12-06 14:03 - 2023-05-04 10:18 - 000000000 ____D C:\Program Files\Streamlabs OBS
2023-12-05 14:05 - 2022-12-15 08:40 - 000000000 ____D C:\Program Files\obs-studio
2023-12-04 11:28 - 2023-11-14 11:07 - 000000016 _____ C:\Users\Chris\OneDrive\Dokumente\Singtitle.txt
2023-12-04 11:02 - 2022-09-23 03:31 - 000000000 ____D C:\Users\Chris\AppData\Local\Steam

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2022-12-18 08:46 - 2022-12-18 08:46 - 000000015 _____ () C:\Users\Chris\AppData\Roaming\obs-virtualcam.txt
2023-01-09 13:01 - 2023-01-09 13:01 - 000007605 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01.01.2024
durchgeführt von Chris (02-01-2024 18:03:22)
Gestartet von C:\Users\Chris\Downloads
Microsoft Windows 11 Home Version 23H2 22631.2861 (X64) (2022-10-01 09:36:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-818666927-3340188741-3001556913-500 - Administrator - Disabled)
Chris (S-1-5-21-818666927-3340188741-3001556913-1003 - Administrator - Enabled) => C:\Users\Chris
DefaultAccount (S-1-5-21-818666927-3340188741-3001556913-503 - Limited - Disabled)
Gast (S-1-5-21-818666927-3340188741-3001556913-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-818666927-3340188741-3001556913-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FF00-7760-BC15014EA700}) (Version: 23.006.20380 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 6.19 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1651.5 - Piriform Software) Hidden
Chatterino 2.4.6 (HKLM\...\{F5FE6614-04D4-4D32-8600-0ABA0AC113A4}_is1) (Version: 2.4.6 - Chatterino Team)
Cisco Webex Meetings (HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\ActiveTouchMeetingClient) (Version: 43.2.5 - Cisco Webex LLC)
Corsair iCUE5 Software (HKLM\...\{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.9.105 - Corsair)
Dynamic Application Loader Host Interface Service (HKLM\...\{439E5170-CFC8-4944-8119-746ECF219399}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Elgato Camera Hub (HKLM\...\{31479BE1-E815-4723-A5C8-56231A86FF1E}) (Version: 1.8.0.852 - Corsair Memory, Inc.)
Elgato Control Center (HKLM\...\{08BAB443-1CB7-4899-ACF2-9AE014203C79}) (Version: 1.5.0.289 - Corsair Memory, Inc.)
Elgato Stream Deck (HKLM\...\{803DB957-DD63-4A4A-AFD5-4426100CE140}) (Version: 6.4.1.19697 - Corsair Memory, Inc.)
Elgato Wave Link (HKLM\...\{F0852F04-1C8E-408F-B0B7-F7E70EDC4633}) (Version: 1.8.2.730 - Corsair Memory, Inc.)
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{5F15891E-8342-47CD-AFFF-89211CFC04D0}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.130 - Google LLC)
GoveeDesktop (HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\{9c1507f9-cd0f-4b5c-88cf-211a41bc2709}) (Version: 2.20.11 - Govee)
HWiNFO64 Version 7.62 (HKLM\...\HWiNFO64_is1) (Version: 7.62 - Martin Malik, REALiX s.r.o.)
iCloud Outlook (HKLM\...\{11727D12-D910-486F-9B36-B496F4AB334D}) (Version: 14.1.0.108 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{89D00C61-DC40-4846-B938-E2E6158EDAAA}) (Version: 10.1.18836.8283 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{9b79ab4c-1596-44ee-84e2-a2001f7af089}) (Version: 10.1.18836.8283 - Intel(R) Corporation)
Intel(R) LMS (HKLM\...\{DFFC9992-3A41-4155-A834-9831C6E58D98}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2130.16.0.2387 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{FA6E1882-F6C1-47E1-A6CB-FC1F5460E311}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{38F0D70E-8F07-4BF9-A5E0-6946C3D614D8}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{8EC4CB19-850D-4BD4-B914-F63DF7DAD67D}) (Version: 30.100.2131.26 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2131.26 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00002090-0220-1031-84C8-B8D95FA3C8C3}) (Version: 22.90.2.1 - Intel Corporation)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 6.0.4912 - KYOCERA Document Solutions Inc.)
KYOCERA Status Monitor 5 (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D17}) (Version: 5.0.9814 - KYOCERA Document Solutions Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.6.7.301 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.7.301 - Malwarebytes)
Microsoft .NET Host - 6.0.6 (x64) (HKLM\...\{F48FB46C-3334-47AA-98ED-D5A47DED33F1}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.6 (x64) (HKLM\...\{089493D9-430B-4210-8A47-8F611288F461}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.6 (x64) (HKLM\...\{00478901-CD97-4A20-8FF3-3276865A2B44}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM\...\{B9E46F95-AC34-4943-AFE2-B72EFD56C6C0}) (Version: 48.27.42342 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM-x32\...\{aad3b888-fde2-48c0-95c2-2f7a729283fb}) (Version: 6.0.6.31318 - Microsoft Corporation)
Move Transition version 2.9.6 (HKLM-x32\...\{83443BC3-6FCC-4A35-922E-1FF66F294AA4}}_is1) (Version: 2.9.6 - Exeldro)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 121.0 (x64 de)) (Version: 121.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 105.0 - Mozilla)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
NVIDIA AR SDK (HKLM-x32\...\NVIDIA AR SDK) (Version: 0.8.2 - NVIDIA Corporation)
NVIDIA Audio Effects SDK (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_AudioEffects) (Version: 1.3.0.22 - NVIDIA Corporation)
NVIDIA Broadcast 1.4.0.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.4.0.29 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 546.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.01 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Video Effects (HKLM-x32\...\NVIDIA Video Effects) (Version: 0.7.2 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.3 - OBS Project)
OpenOffice 4.1.14 (HKLM-x32\...\{67817932-052B-4DB6-8E7C-A78585923709}) (Version: 4.114.9811 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.122.52971 - Electronic Arts, Inc.)
OWN3D for OBS Studio version 1.6.0.0 (HKLM-x32\...\{31A72556-7590-4678-AB69-96D602C95C02}}_is1) (Version: 1.6.0.0 - own3d media GmbH)
Razer Axon (HKLM\...\Razer Axon_is1) (Version: 1.2.2.0 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 10.10.4.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.1231.120811 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9363.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements SE.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 23.11.15.85 - StreamElements)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
tuna version 1.9.7 (HKLM-x32\...\{44b785ed-eef5-4b73-bef0-42ee3493c021}_is1) (Version: 1.9.7 - univrsal)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 114.1 - Ubisoft)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version:  - Ozone)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Waveform version 1.7.0 (HKLM-x32\...\{57803E04-CC84-4877-AB1F-059130896D69}_is1) (Version: 1.7.0 - )
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Webex (HKLM\...\{611AD18D-000D-4ABB-84FD-CC503FDE8EC6}) (Version: 43.7.0.26612 - Cisco Systems, Inc)
Zoom (HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\ZoomUMX) (Version: 5.16.2 (22807) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-11-19] ()
Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.5.2.0_x86__kc6t79cpj4tp0 [2024-01-01] (AMZN Mobile LLC)
AppleInc.iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa [2024-01-01] (Apple Inc.) [Startup Task]
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2024-01-01] (INTEL CORP) [Startup Task]
Astro Command Center -> C:\Program Files\WindowsApps\AstroGaming.AstroCommandCenter_1.1.55.0_x64__9cg1kgznx2mv2 [2024-01-01] (Astro Gaming)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.800.344.0_x64__8wekyb3d8bbwe [2024-01-01] (Microsoft Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2023.11.13.0_neutral__6rarf9sa4v8jt [2024-01-01] (Disney)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2023.531.1.0_x64__8xx8rvfyw5nnt [2024-01-01] (Meta)
Facebook -> C:\Program Files\WindowsApps\www.facebook.com-1C2D851A_2023.531.1.1_neutral__n468xs7erp6tc [2024-01-01] (www.facebook.com)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.21.0_neutral__8xx8rvfyw5nnt [2024-01-01] (Instagram)
Instagram -> C:\Program Files\WindowsApps\www.instagram.com-3D2AAE46_42.0.21.1_neutral__ysfa6mcnwr1rw [2024-01-01] (www.instagram.com)
KYOCERA Print Center -> C:\Program Files\WindowsApps\A97ECD55.KYOCERAPrintCenter_4.2.11031.0_x64__kqmhh0ktdt7dg [2024-01-01] (KYOCERA Document Solutions Inc)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-01-01] (Microsoft Corp.)
Microsoft Teams Play Together -> C:\Program Files\WindowsApps\Microsoft.TeamsXboxGameBarWidget_1.0.22.0_x64__8wekyb3d8bbwe [2024-01-01] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-12-07] (Microsoft Corporation)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.29.0_x64__kzh8wxbdkxb8p [2024-01-01] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.14.0_x64__kzh8wxbdkxb8p [2024-01-01] (MICRO-STAR INTERNATIONAL CO., LTD)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2024-01-01] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-01-01] (NVIDIA Corp.)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.153.0_x64__pwbj9vvecjh7j [2024-01-01] (Amazon Development Centre (London) Ltd)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0 [2024-01-01] (Spotify AB) [Startup Task]
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2024-01-01] (Bytedance Pte. Ltd.)
TikTok -> C:\Program Files\WindowsApps\www.tiktok.com-4C63E479_1.0.5.1_neutral__s5gx0acfdhdxa [2024-01-01] (www.tiktok.com)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm [2024-01-01] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-12-07] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{2db59e37-0d0f-9458-c133-85e699bb3bdd}\localserver32 -> C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe (Razer USA Ltd. -> Razer Inc.)
CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{67299A41-241E-4979-A7BD-19A12F6C8E5F} -> [iCloud-Fotos] => C:\Users\Chris\iCloudPhotos\Photos [2023-01-02 16:21]
CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{8EDA33E0-B9D0-47A8-8D95-E450808DC4DA} -> [iCloud Drive] => C:\Users\Chris\iCloudDrive [2023-01-02 16:21]
CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{e13cc75c-3ffc-4561-9482-33bbaa8b710c}\localserver32 -> C:\Program Files\Elgato\ControlCenter\ControlCenter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_677da8a9230cea15\nvshext.dll [2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-01] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-03-02 07:55 - 2023-02-27 21:39 - 001393152 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2023-11-21 05:45 - 2023-11-21 05:45 - 002249728 _____ (deniszykov) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\deniszykov.615d72e4#\c3715aed8e9119696ce70e13b535c4f0\deniszykov.WebSocketListener.ni.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
2023-08-07 10:08 - 2023-06-13 09:19 - 008381952 _____ (wondershare) [Datei ist nicht signiert] C:\ProgramData\Wondershare\wsServices\WsidClient.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-818666927-3340188741-3001556913-1003\Software\Microsoft\Internet Explorer\Main,Start Page = www.mifcom.de
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.mifcom.de

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2024-01-01 20:06 - 2024-01-01 20:06 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;C:\Users\Chris\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\OneDrive\Desktop\Bilder\pz4j8tec.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "Stream Deck"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\StartupFolder: => "BitCleaner Tasker.lnk"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D3FEFEF9604A334C07E903E221AE7560"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_9C5AEF635D691404F8B7BD4B336EE839"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "CiscoSpark"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "Camera Hub"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "Voicemod"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{20EDEA9F-8484-4D86-9264-B363CD0B5779}C:\program files\elgato\controlcenter\controlcenter.exe] => (Allow) C:\program files\elgato\controlcenter\controlcenter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
FirewallRules: [UDP Query User{55E793E0-6BDB-4F51-BAC8-519E514FFAD5}C:\program files\elgato\controlcenter\controlcenter.exe] => (Allow) C:\program files\elgato\controlcenter\controlcenter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
FirewallRules: [TCP Query User{B25B22EA-1C6C-4F60-A062-3A422ED2C79C}C:\program files\elgato\wavelink\wavelink.exe] => (Allow) C:\program files\elgato\wavelink\wavelink.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [UDP Query User{94D3391F-7619-4061-8548-95F9CC27DEBC}C:\program files\elgato\wavelink\wavelink.exe] => (Allow) C:\program files\elgato\wavelink\wavelink.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [TCP Query User{9E14E075-7F3A-4436-835A-D1F4D2E261B6}C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe] => (Allow) C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe (Corsair Memory, Inc. -> )
FirewallRules: [UDP Query User{1366CA0A-56F1-4C43-BFAA-817D81D74E89}C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe] => (Allow) C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe (Corsair Memory, Inc. -> )
FirewallRules: [TCP Query User{9469516A-2F22-497B-A01A-1EEA794A2E5F}C:\program files\elgato\controlcenter\controlcenter.exe] => (Allow) C:\program files\elgato\controlcenter\controlcenter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
FirewallRules: [UDP Query User{9C23A9D9-343C-4A70-BAFF-9447EF5CAE75}C:\program files\elgato\controlcenter\controlcenter.exe] => (Allow) C:\program files\elgato\controlcenter\controlcenter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
FirewallRules: [TCP Query User{1C80BF57-0A1F-427F-B42C-127361928EC8}C:\program files\elgato\wavelink\wavelink.exe] => (Allow) C:\program files\elgato\wavelink\wavelink.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [UDP Query User{95A69E9A-E142-46DC-84E8-337256E1CD5E}C:\program files\elgato\wavelink\wavelink.exe] => (Allow) C:\program files\elgato\wavelink\wavelink.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [TCP Query User{8892EA31-6E4D-46D0-90A2-8C1DCC6A9081}C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe] => (Allow) C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe (Corsair Memory, Inc. -> )
FirewallRules: [UDP Query User{597C8FC7-32E4-4057-B655-911D15AB50FA}C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe] => (Allow) C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe (Corsair Memory, Inc. -> )
FirewallRules: [{67FFAE36-F72F-40BB-B47B-95BD718F72CF}] => (Allow) LPort=32683
FirewallRules: [{DA17E5F0-39B5-4BC9-BFF0-BC25DD128F24}] => (Allow) LPort=26822

==================== Wiederherstellungspunkte =========================

21-12-2023 09:16:56 Windows Update
21-12-2023 09:16:56 Windows Update
21-12-2023 09:16:57 Windows Update
31-12-2023 22:06:44 Geplanter Prüfpunkt
01-01-2024 08:20:33 Wiederherstellungsvorgang
01-01-2024 20:04:04 Restore Point Created by FRST

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname MININT-87Q8JIO.local already in use; will try MININT-87Q8JIO-2.local instead

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 MININT-87Q8JIO.local. Addr 192.168.2.65

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.65:5353   16 MININT-87Q8JIO.local. AAAA 2003:00DC:2F1B:EB71:CBC7:40CD:BEDE:86D5

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 MININT-87Q8JIO.local. AAAA FE80:0000:0000:0000:FB58:02C1:7403:C645

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.65:5353   16 MININT-87Q8JIO.local. AAAA 2003:00DC:2F1B:EB71:CBC7:40CD:BEDE:86D5

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 MININT-87Q8JIO.local. Addr 192.168.2.65

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.65:5353   16 MININT-87Q8JIO.local. AAAA 2003:00DC:2F1B:EB71:CBC7:40CD:BEDE:86D5

Error: (01/02/2024 06:01:49 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: OneApp.IGCC.WinService.exe
Path: C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_eacad21d6839f2a9\OneApp.IGCC.WinService.exe
Message: It was not possible to find any compatible framework version
The framework 'Microsoft.NETCore.App', version '7.0.0' (x64) was not found.
  - The following frameworks were found:
      6.0.6 at [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]

You can resolve the problem by installing the specified framework and/or SDK.

The specified framework can be found at:
  - https://aka.ms/dotnet-core-applaunch?framework=Microsoft.NETCore.App&framework_version=7.0.0&arch=x64&rid=win10-x64


Systemfehler:
=============
Error: (01/02/2024 06:01:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "igccservice" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/02/2024 06:01:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst igccservice erreicht.

Error: (01/02/2024 05:13:22 PM) (Source: DCOM) (EventID: 10010) (User: MININT-87Q8JIO)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/02/2024 05:13:22 PM) (Source: DCOM) (EventID: 10010) (User: MININT-87Q8JIO)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/02/2024 05:13:21 PM) (Source: DCOM) (EventID: 10010) (User: MININT-87Q8JIO)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/02/2024 05:09:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "igccservice" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/02/2024 05:09:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst igccservice erreicht.

Error: (01/02/2024 04:59:35 PM) (Source: DCOM) (EventID: 10010) (User: MININT-87Q8JIO)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2024-01-02 18:01:57
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Chris\Downloads\Desktop.part2.rar; file:_C:\Users\Chris\Downloads\Desktop.part3.rar; webfile:_C:\Users\Chris\Downloads\Desktop.part2.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111254530592799/Desktop.part2.rar?ex=65a43fcc&is=6591cacc&hm=088b31b8c514e33e62990f96a8b55631b0f47c7a71e83f540255936486001db0&|pid:6592,ProcessStart:133485347286796728; webfile:_C:\Users\Chris\Downloads\Desktop.part3.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111255247826974/Desktop.part3.rar?ex=65a43fcd&is=6591cacd&hm=63bb53a9d36161a62fd9f0f6083026129b1d9cdb8fb88d16d5c2d8a39c40e9c9&|pid:2844,ProcessStart:133485347342903772
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: 
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.1486.0, AS: 1.403.1486.0, NIS: 1.403.1486.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-02 18:01:57
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Chris\Downloads\Desktop.part2.rar; webfile:_C:\Users\Chris\Downloads\Desktop.part2.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111254530592799/Desktop.part2.rar?ex=65a43fcc&is=6591cacc&hm=088b31b8c514e33e62990f96a8b55631b0f47c7a71e83f540255936486001db0&|pid:6592,ProcessStart:133485347286796728
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: 
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.1486.0, AS: 1.403.1486.0, NIS: 1.403.1486.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-02 17:13:28
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Chris\Downloads\Desktop.part2.rar; file:_C:\Users\Chris\Downloads\Desktop.part3.rar; webfile:_C:\Users\Chris\Downloads\Desktop.part2.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111254530592799/Desktop.part2.rar?ex=65a43fcc&is=6591cacc&hm=088b31b8c514e33e62990f96a8b55631b0f47c7a71e83f540255936486001db0&|pid:6592,ProcessStart:133485347286796728; webfile:_C:\Users\Chris\Downloads\Desktop.part3.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111255247826974/Desktop.part3.rar?ex=65a43fcd&is=6591cacd&hm=63bb53a9d36161a62fd9f0f6083026129b1d9cdb8fb88d16d5c2d8a39c40e9c9&|pid:2844,ProcessStart:133485347342903772
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: 
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.1486.0, AS: 1.403.1486.0, NIS: 1.403.1486.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-02 17:13:28
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Chris\Downloads\Desktop.part2.rar; webfile:_C:\Users\Chris\Downloads\Desktop.part2.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111254530592799/Desktop.part2.rar?ex=65a43fcc&is=6591cacc&hm=088b31b8c514e33e62990f96a8b55631b0f47c7a71e83f540255936486001db0&|pid:6592,ProcessStart:133485347286796728
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: 
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.1486.0, AS: 1.403.1486.0, NIS: 1.403.1486.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-02 17:09:36
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Chris\Downloads\Desktop.part2.rar; file:_C:\Users\Chris\Downloads\Desktop.part3.rar; webfile:_C:\Users\Chris\Downloads\Desktop.part2.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111254530592799/Desktop.part2.rar?ex=65a43fcc&is=6591cacc&hm=088b31b8c514e33e62990f96a8b55631b0f47c7a71e83f540255936486001db0&|pid:6592,ProcessStart:133485347286796728; webfile:_C:\Users\Chris\Downloads\Desktop.part3.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111255247826974/Desktop.part3.rar?ex=65a43fcd&is=6591cacd&hm=63bb53a9d36161a62fd9f0f6083026129b1d9cdb8fb88d16d5c2d8a39c40e9c9&|pid:2844,ProcessStart:133485347342903772
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: 
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.1486.0, AS: 1.403.1486.0, NIS: 1.403.1486.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 
Event[0]

Date: 2024-01-01 09:06:34
Description: 
Fehler des Microsoft Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x8007043c
Fehlerbeschreibung: Der Dienst kann nicht im abgesicherten Modus gestartet werden. 
Ursache: Die Antischadsoft-Sicherheitsfunktion wurde aus unbekanntem Grund beendet. Möglicherweise kann das Problem durch einen Neustart des Diensts behoben werden. 

Date: 2024-01-01 08:56:05
Description: 
Microsoft Defender Antivirus konnte Microsoft Defender Antivirus (Offlineüberprüfung) nicht herunterladen und konfigurieren.
Fehlercode: 0x8000000a
Fehlerbeschreibung: Die für diesen Vorgang erforderlichen Daten sind noch nicht verfügbar.  

Date: 2024-01-01 08:55:34
Description: 
Microsoft Defender Antivirus konnte Microsoft Defender Antivirus (Offlineüberprüfung) nicht herunterladen und konfigurieren.
Fehlercode: 0x8000000a
Fehlerbeschreibung: Die für diesen Vorgang erforderlichen Daten sind noch nicht verfügbar.  

Date: 2024-01-01 08:55:23
Description: 
Microsoft Defender Antivirus konnte Microsoft Defender Antivirus (Offlineüberprüfung) nicht herunterladen und konfigurieren.
Fehlercode: 0x8000000a
Fehlerbeschreibung: Die für diesen Vorgang erforderlichen Daten sind noch nicht verfügbar.  

Date: 2024-01-01 08:47:00
Description: 
Fehler des Microsoft Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x8007043c
Fehlerbeschreibung: Der Dienst kann nicht im abgesicherten Modus gestartet werden. 
Ursache: Die Antischadsoft-Sicherheitsfunktion wurde aus unbekanntem Grund beendet. Möglicherweise kann das Problem durch einen Neustart des Diensts behoben werden. 

CodeIntegrity:
===============
Date: 2024-01-02 18:02:41
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. 

Date: 2024-01-02 18:02:40
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e913f9cc84fc282c\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. 

Date: 2024-01-02 18:02:34
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. 


==================== Speicherinformationen =========================== 

BIOS: American Megatrends International, LLC. 1.40 05/24/2022
Hauptplatine: Micro-Star International Co., Ltd. MAG Z690 TOMAHAWK WIFI DDR4 (MS-7D32)
Prozessor: 12th Gen Intel(R) Core(TM) i9-12900K
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 65323.87 MB
Verfügbarer physikalischer RAM: 56024.52 MB
Summe virtueller Speicher: 75051.87 MB
Verfügbarer virtueller Speicher: 62607.68 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:929.3 GB) (Free:449.26 GB) (Model: WDS100T1X0E-00AFY0) NTFS
Drive d: (Volume) (Fixed) (Total:1863 GB) (Free:1688.58 GB) (Model: WD_BLACK SN850X 2000GB) NTFS

\\?\Volume{34df0b15-d8b3-476b-94d0-92dc878ce08b}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{e54b81d7-d617-4943-add9-6d701ea3c6ec}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{5f2d5bb1-3565-41a3-abfd-9c75034524bf}\ (EFI) (Fixed) (Total:0.97 GB) (Free:0.94 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A0D8F495)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

Gamerixx91 · 02.01.2024, 18:07

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01.01.2024
durchgeführt von Chris (02-01-2024 18:03:22)
Gestartet von C:\Users\Chris\Downloads
Microsoft Windows 11 Home Version 23H2 22631.2861 (X64) (2022-10-01 09:36:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-818666927-3340188741-3001556913-500 - Administrator - Disabled)
Chris (S-1-5-21-818666927-3340188741-3001556913-1003 - Administrator - Enabled) => C:\Users\Chris
DefaultAccount (S-1-5-21-818666927-3340188741-3001556913-503 - Limited - Disabled)
Gast (S-1-5-21-818666927-3340188741-3001556913-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-818666927-3340188741-3001556913-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FF00-7760-BC15014EA700}) (Version: 23.006.20380 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 6.19 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1651.5 - Piriform Software) Hidden
Chatterino 2.4.6 (HKLM\...\{F5FE6614-04D4-4D32-8600-0ABA0AC113A4}_is1) (Version: 2.4.6 - Chatterino Team)
Cisco Webex Meetings (HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\ActiveTouchMeetingClient) (Version: 43.2.5 - Cisco Webex LLC)
Corsair iCUE5 Software (HKLM\...\{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.9.105 - Corsair)
Dynamic Application Loader Host Interface Service (HKLM\...\{439E5170-CFC8-4944-8119-746ECF219399}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Elgato Camera Hub (HKLM\...\{31479BE1-E815-4723-A5C8-56231A86FF1E}) (Version: 1.8.0.852 - Corsair Memory, Inc.)
Elgato Control Center (HKLM\...\{08BAB443-1CB7-4899-ACF2-9AE014203C79}) (Version: 1.5.0.289 - Corsair Memory, Inc.)
Elgato Stream Deck (HKLM\...\{803DB957-DD63-4A4A-AFD5-4426100CE140}) (Version: 6.4.1.19697 - Corsair Memory, Inc.)
Elgato Wave Link (HKLM\...\{F0852F04-1C8E-408F-B0B7-F7E70EDC4633}) (Version: 1.8.2.730 - Corsair Memory, Inc.)
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{5F15891E-8342-47CD-AFFF-89211CFC04D0}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.130 - Google LLC)
GoveeDesktop (HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\{9c1507f9-cd0f-4b5c-88cf-211a41bc2709}) (Version: 2.20.11 - Govee)
HWiNFO64 Version 7.62 (HKLM\...\HWiNFO64_is1) (Version: 7.62 - Martin Malik, REALiX s.r.o.)
iCloud Outlook (HKLM\...\{11727D12-D910-486F-9B36-B496F4AB334D}) (Version: 14.1.0.108 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{89D00C61-DC40-4846-B938-E2E6158EDAAA}) (Version: 10.1.18836.8283 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{9b79ab4c-1596-44ee-84e2-a2001f7af089}) (Version: 10.1.18836.8283 - Intel(R) Corporation)
Intel(R) LMS (HKLM\...\{DFFC9992-3A41-4155-A834-9831C6E58D98}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2130.16.0.2387 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{FA6E1882-F6C1-47E1-A6CB-FC1F5460E311}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{38F0D70E-8F07-4BF9-A5E0-6946C3D614D8}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{8EC4CB19-850D-4BD4-B914-F63DF7DAD67D}) (Version: 30.100.2131.26 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2131.26 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00002090-0220-1031-84C8-B8D95FA3C8C3}) (Version: 22.90.2.1 - Intel Corporation)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 6.0.4912 - KYOCERA Document Solutions Inc.)
KYOCERA Status Monitor 5 (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D17}) (Version: 5.0.9814 - KYOCERA Document Solutions Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.6.7.301 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.7.301 - Malwarebytes)
Microsoft .NET Host - 6.0.6 (x64) (HKLM\...\{F48FB46C-3334-47AA-98ED-D5A47DED33F1}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.6 (x64) (HKLM\...\{089493D9-430B-4210-8A47-8F611288F461}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.6 (x64) (HKLM\...\{00478901-CD97-4A20-8FF3-3276865A2B44}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM\...\{B9E46F95-AC34-4943-AFE2-B72EFD56C6C0}) (Version: 48.27.42342 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM-x32\...\{aad3b888-fde2-48c0-95c2-2f7a729283fb}) (Version: 6.0.6.31318 - Microsoft Corporation)
Move Transition version 2.9.6 (HKLM-x32\...\{83443BC3-6FCC-4A35-922E-1FF66F294AA4}}_is1) (Version: 2.9.6 - Exeldro)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 121.0 (x64 de)) (Version: 121.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 105.0 - Mozilla)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
NVIDIA AR SDK (HKLM-x32\...\NVIDIA AR SDK) (Version: 0.8.2 - NVIDIA Corporation)
NVIDIA Audio Effects SDK (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_AudioEffects) (Version: 1.3.0.22 - NVIDIA Corporation)
NVIDIA Broadcast 1.4.0.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.4.0.29 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 546.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.01 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Video Effects (HKLM-x32\...\NVIDIA Video Effects) (Version: 0.7.2 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.3 - OBS Project)
OpenOffice 4.1.14 (HKLM-x32\...\{67817932-052B-4DB6-8E7C-A78585923709}) (Version: 4.114.9811 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.122.52971 - Electronic Arts, Inc.)
OWN3D for OBS Studio version 1.6.0.0 (HKLM-x32\...\{31A72556-7590-4678-AB69-96D602C95C02}}_is1) (Version: 1.6.0.0 - own3d media GmbH)
Razer Axon (HKLM\...\Razer Axon_is1) (Version: 1.2.2.0 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 10.10.4.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.1231.120811 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9363.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements SE.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 23.11.15.85 - StreamElements)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
tuna version 1.9.7 (HKLM-x32\...\{44b785ed-eef5-4b73-bef0-42ee3493c021}_is1) (Version: 1.9.7 - univrsal)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 114.1 - Ubisoft)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version:  - Ozone)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Waveform version 1.7.0 (HKLM-x32\...\{57803E04-CC84-4877-AB1F-059130896D69}_is1) (Version: 1.7.0 - )
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Webex (HKLM\...\{611AD18D-000D-4ABB-84FD-CC503FDE8EC6}) (Version: 43.7.0.26612 - Cisco Systems, Inc)
Zoom (HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\ZoomUMX) (Version: 5.16.2 (22807) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-11-19] ()
Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.5.2.0_x86__kc6t79cpj4tp0 [2024-01-01] (AMZN Mobile LLC)
AppleInc.iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa [2024-01-01] (Apple Inc.) [Startup Task]
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2024-01-01] (INTEL CORP) [Startup Task]
Astro Command Center -> C:\Program Files\WindowsApps\AstroGaming.AstroCommandCenter_1.1.55.0_x64__9cg1kgznx2mv2 [2024-01-01] (Astro Gaming)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.800.344.0_x64__8wekyb3d8bbwe [2024-01-01] (Microsoft Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2023.11.13.0_neutral__6rarf9sa4v8jt [2024-01-01] (Disney)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2023.531.1.0_x64__8xx8rvfyw5nnt [2024-01-01] (Meta)
Facebook -> C:\Program Files\WindowsApps\www.facebook.com-1C2D851A_2023.531.1.1_neutral__n468xs7erp6tc [2024-01-01] (www.facebook.com)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.21.0_neutral__8xx8rvfyw5nnt [2024-01-01] (Instagram)
Instagram -> C:\Program Files\WindowsApps\www.instagram.com-3D2AAE46_42.0.21.1_neutral__ysfa6mcnwr1rw [2024-01-01] (www.instagram.com)
KYOCERA Print Center -> C:\Program Files\WindowsApps\A97ECD55.KYOCERAPrintCenter_4.2.11031.0_x64__kqmhh0ktdt7dg [2024-01-01] (KYOCERA Document Solutions Inc)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-01-01] (Microsoft Corp.)
Microsoft Teams Play Together -> C:\Program Files\WindowsApps\Microsoft.TeamsXboxGameBarWidget_1.0.22.0_x64__8wekyb3d8bbwe [2024-01-01] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-12-07] (Microsoft Corporation)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.29.0_x64__kzh8wxbdkxb8p [2024-01-01] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.14.0_x64__kzh8wxbdkxb8p [2024-01-01] (MICRO-STAR INTERNATIONAL CO., LTD)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2024-01-01] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-01-01] (NVIDIA Corp.)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.153.0_x64__pwbj9vvecjh7j [2024-01-01] (Amazon Development Centre (London) Ltd)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0 [2024-01-01] (Spotify AB) [Startup Task]
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2024-01-01] (Bytedance Pte. Ltd.)
TikTok -> C:\Program Files\WindowsApps\www.tiktok.com-4C63E479_1.0.5.1_neutral__s5gx0acfdhdxa [2024-01-01] (www.tiktok.com)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm [2024-01-01] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-12-07] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{2db59e37-0d0f-9458-c133-85e699bb3bdd}\localserver32 -> C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe (Razer USA Ltd. -> Razer Inc.)
CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{67299A41-241E-4979-A7BD-19A12F6C8E5F} -> [iCloud-Fotos] => C:\Users\Chris\iCloudPhotos\Photos [2023-01-02 16:21]
CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{8EDA33E0-B9D0-47A8-8D95-E450808DC4DA} -> [iCloud Drive] => C:\Users\Chris\iCloudDrive [2023-01-02 16:21]
CustomCLSID: HKU\S-1-5-21-818666927-3340188741-3001556913-1003_Classes\CLSID\{e13cc75c-3ffc-4561-9482-33bbaa8b710c}\localserver32 -> C:\Program Files\Elgato\ControlCenter\ControlCenter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_677da8a9230cea15\nvshext.dll [2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-01] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-03-02 07:55 - 2023-02-27 21:39 - 001393152 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2023-11-21 05:45 - 2023-11-21 05:45 - 002249728 _____ (deniszykov) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\deniszykov.615d72e4#\c3715aed8e9119696ce70e13b535c4f0\deniszykov.WebSocketListener.ni.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2023-03-22 07:57 - 2023-03-22 07:57 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
2023-08-07 10:08 - 2023-06-13 09:19 - 008381952 _____ (wondershare) [Datei ist nicht signiert] C:\ProgramData\Wondershare\wsServices\WsidClient.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-818666927-3340188741-3001556913-1003\Software\Microsoft\Internet Explorer\Main,Start Page = www.mifcom.de
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.mifcom.de

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2024-01-01 20:06 - 2024-01-01 20:06 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;C:\Users\Chris\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\OneDrive\Desktop\Bilder\pz4j8tec.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "Stream Deck"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\StartupFolder: => "BitCleaner Tasker.lnk"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D3FEFEF9604A334C07E903E221AE7560"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_9C5AEF635D691404F8B7BD4B336EE839"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "CiscoSpark"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "Camera Hub"
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\StartupApproved\Run: => "Voicemod"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{20EDEA9F-8484-4D86-9264-B363CD0B5779}C:\program files\elgato\controlcenter\controlcenter.exe] => (Allow) C:\program files\elgato\controlcenter\controlcenter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
FirewallRules: [UDP Query User{55E793E0-6BDB-4F51-BAC8-519E514FFAD5}C:\program files\elgato\controlcenter\controlcenter.exe] => (Allow) C:\program files\elgato\controlcenter\controlcenter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
FirewallRules: [TCP Query User{B25B22EA-1C6C-4F60-A062-3A422ED2C79C}C:\program files\elgato\wavelink\wavelink.exe] => (Allow) C:\program files\elgato\wavelink\wavelink.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [UDP Query User{94D3391F-7619-4061-8548-95F9CC27DEBC}C:\program files\elgato\wavelink\wavelink.exe] => (Allow) C:\program files\elgato\wavelink\wavelink.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [TCP Query User{9E14E075-7F3A-4436-835A-D1F4D2E261B6}C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe] => (Allow) C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe (Corsair Memory, Inc. -> )
FirewallRules: [UDP Query User{1366CA0A-56F1-4C43-BFAA-817D81D74E89}C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe] => (Allow) C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe (Corsair Memory, Inc. -> )
FirewallRules: [TCP Query User{9469516A-2F22-497B-A01A-1EEA794A2E5F}C:\program files\elgato\controlcenter\controlcenter.exe] => (Allow) C:\program files\elgato\controlcenter\controlcenter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
FirewallRules: [UDP Query User{9C23A9D9-343C-4A70-BAFF-9447EF5CAE75}C:\program files\elgato\controlcenter\controlcenter.exe] => (Allow) C:\program files\elgato\controlcenter\controlcenter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
FirewallRules: [TCP Query User{1C80BF57-0A1F-427F-B42C-127361928EC8}C:\program files\elgato\wavelink\wavelink.exe] => (Allow) C:\program files\elgato\wavelink\wavelink.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [UDP Query User{95A69E9A-E142-46DC-84E8-337256E1CD5E}C:\program files\elgato\wavelink\wavelink.exe] => (Allow) C:\program files\elgato\wavelink\wavelink.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [TCP Query User{8892EA31-6E4D-46D0-90A2-8C1DCC6A9081}C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe] => (Allow) C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe (Corsair Memory, Inc. -> )
FirewallRules: [UDP Query User{597C8FC7-32E4-4057-B655-911D15AB50FA}C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe] => (Allow) C:\program files\elgato\volume controller\elgatoaudiocontrolserver.exe (Corsair Memory, Inc. -> )
FirewallRules: [{67FFAE36-F72F-40BB-B47B-95BD718F72CF}] => (Allow) LPort=32683
FirewallRules: [{DA17E5F0-39B5-4BC9-BFF0-BC25DD128F24}] => (Allow) LPort=26822

==================== Wiederherstellungspunkte =========================

21-12-2023 09:16:56 Windows Update
21-12-2023 09:16:56 Windows Update
21-12-2023 09:16:57 Windows Update
31-12-2023 22:06:44 Geplanter Prüfpunkt
01-01-2024 08:20:33 Wiederherstellungsvorgang
01-01-2024 20:04:04 Restore Point Created by FRST

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname MININT-87Q8JIO.local already in use; will try MININT-87Q8JIO-2.local instead

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 MININT-87Q8JIO.local. Addr 192.168.2.65

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.65:5353   16 MININT-87Q8JIO.local. AAAA 2003:00DC:2F1B:EB71:CBC7:40CD:BEDE:86D5

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 MININT-87Q8JIO.local. AAAA FE80:0000:0000:0000:FB58:02C1:7403:C645

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.65:5353   16 MININT-87Q8JIO.local. AAAA 2003:00DC:2F1B:EB71:CBC7:40CD:BEDE:86D5

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 MININT-87Q8JIO.local. Addr 192.168.2.65

Error: (01/02/2024 06:02:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.65:5353   16 MININT-87Q8JIO.local. AAAA 2003:00DC:2F1B:EB71:CBC7:40CD:BEDE:86D5

Error: (01/02/2024 06:01:49 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: OneApp.IGCC.WinService.exe
Path: C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_eacad21d6839f2a9\OneApp.IGCC.WinService.exe
Message: It was not possible to find any compatible framework version
The framework 'Microsoft.NETCore.App', version '7.0.0' (x64) was not found.
  - The following frameworks were found:
      6.0.6 at [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]

You can resolve the problem by installing the specified framework and/or SDK.

The specified framework can be found at:
  - https://aka.ms/dotnet-core-applaunch?framework=Microsoft.NETCore.App&framework_version=7.0.0&arch=x64&rid=win10-x64


Systemfehler:
=============
Error: (01/02/2024 06:01:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "igccservice" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/02/2024 06:01:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst igccservice erreicht.

Error: (01/02/2024 05:13:22 PM) (Source: DCOM) (EventID: 10010) (User: MININT-87Q8JIO)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/02/2024 05:13:22 PM) (Source: DCOM) (EventID: 10010) (User: MININT-87Q8JIO)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/02/2024 05:13:21 PM) (Source: DCOM) (EventID: 10010) (User: MININT-87Q8JIO)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/02/2024 05:09:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "igccservice" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/02/2024 05:09:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst igccservice erreicht.

Error: (01/02/2024 04:59:35 PM) (Source: DCOM) (EventID: 10010) (User: MININT-87Q8JIO)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2024-01-02 18:01:57
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Chris\Downloads\Desktop.part2.rar; file:_C:\Users\Chris\Downloads\Desktop.part3.rar; webfile:_C:\Users\Chris\Downloads\Desktop.part2.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111254530592799/Desktop.part2.rar?ex=65a43fcc&is=6591cacc&hm=088b31b8c514e33e62990f96a8b55631b0f47c7a71e83f540255936486001db0&|pid:6592,ProcessStart:133485347286796728; webfile:_C:\Users\Chris\Downloads\Desktop.part3.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111255247826974/Desktop.part3.rar?ex=65a43fcd&is=6591cacd&hm=63bb53a9d36161a62fd9f0f6083026129b1d9cdb8fb88d16d5c2d8a39c40e9c9&|pid:2844,ProcessStart:133485347342903772
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: 
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.1486.0, AS: 1.403.1486.0, NIS: 1.403.1486.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-02 18:01:57
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Chris\Downloads\Desktop.part2.rar; webfile:_C:\Users\Chris\Downloads\Desktop.part2.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111254530592799/Desktop.part2.rar?ex=65a43fcc&is=6591cacc&hm=088b31b8c514e33e62990f96a8b55631b0f47c7a71e83f540255936486001db0&|pid:6592,ProcessStart:133485347286796728
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: 
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.1486.0, AS: 1.403.1486.0, NIS: 1.403.1486.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-02 17:13:28
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Chris\Downloads\Desktop.part2.rar; file:_C:\Users\Chris\Downloads\Desktop.part3.rar; webfile:_C:\Users\Chris\Downloads\Desktop.part2.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111254530592799/Desktop.part2.rar?ex=65a43fcc&is=6591cacc&hm=088b31b8c514e33e62990f96a8b55631b0f47c7a71e83f540255936486001db0&|pid:6592,ProcessStart:133485347286796728; webfile:_C:\Users\Chris\Downloads\Desktop.part3.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111255247826974/Desktop.part3.rar?ex=65a43fcd&is=6591cacd&hm=63bb53a9d36161a62fd9f0f6083026129b1d9cdb8fb88d16d5c2d8a39c40e9c9&|pid:2844,ProcessStart:133485347342903772
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: 
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.1486.0, AS: 1.403.1486.0, NIS: 1.403.1486.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-02 17:13:28
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Chris\Downloads\Desktop.part2.rar; webfile:_C:\Users\Chris\Downloads\Desktop.part2.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111254530592799/Desktop.part2.rar?ex=65a43fcc&is=6591cacc&hm=088b31b8c514e33e62990f96a8b55631b0f47c7a71e83f540255936486001db0&|pid:6592,ProcessStart:133485347286796728
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: 
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.1486.0, AS: 1.403.1486.0, NIS: 1.403.1486.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-02 17:09:36
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
Name: Trojan:Script/Wacatac.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Chris\Downloads\Desktop.part2.rar; file:_C:\Users\Chris\Downloads\Desktop.part3.rar; webfile:_C:\Users\Chris\Downloads\Desktop.part2.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111254530592799/Desktop.part2.rar?ex=65a43fcc&is=6591cacc&hm=088b31b8c514e33e62990f96a8b55631b0f47c7a71e83f540255936486001db0&|pid:6592,ProcessStart:133485347286796728; webfile:_C:\Users\Chris\Downloads\Desktop.part3.rar|https://cdn.discordapp.com/attachments/1190260187806838836/1191111255247826974/Desktop.part3.rar?ex=65a43fcd&is=6591cacd&hm=63bb53a9d36161a62fd9f0f6083026129b1d9cdb8fb88d16d5c2d8a39c40e9c9&|pid:2844,ProcessStart:133485347342903772
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: 
Prozessname: Unknown
Sicherheitsversion: AV: 1.403.1486.0, AS: 1.403.1486.0, NIS: 1.403.1486.0
Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 
Event[0]

Date: 2024-01-01 09:06:34
Description: 
Fehler des Microsoft Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x8007043c
Fehlerbeschreibung: Der Dienst kann nicht im abgesicherten Modus gestartet werden. 
Ursache: Die Antischadsoft-Sicherheitsfunktion wurde aus unbekanntem Grund beendet. Möglicherweise kann das Problem durch einen Neustart des Diensts behoben werden. 

Date: 2024-01-01 08:56:05
Description: 
Microsoft Defender Antivirus konnte Microsoft Defender Antivirus (Offlineüberprüfung) nicht herunterladen und konfigurieren.
Fehlercode: 0x8000000a
Fehlerbeschreibung: Die für diesen Vorgang erforderlichen Daten sind noch nicht verfügbar.  

Date: 2024-01-01 08:55:34
Description: 
Microsoft Defender Antivirus konnte Microsoft Defender Antivirus (Offlineüberprüfung) nicht herunterladen und konfigurieren.
Fehlercode: 0x8000000a
Fehlerbeschreibung: Die für diesen Vorgang erforderlichen Daten sind noch nicht verfügbar.  

Date: 2024-01-01 08:55:23
Description: 
Microsoft Defender Antivirus konnte Microsoft Defender Antivirus (Offlineüberprüfung) nicht herunterladen und konfigurieren.
Fehlercode: 0x8000000a
Fehlerbeschreibung: Die für diesen Vorgang erforderlichen Daten sind noch nicht verfügbar.  

Date: 2024-01-01 08:47:00
Description: 
Fehler des Microsoft Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x8007043c
Fehlerbeschreibung: Der Dienst kann nicht im abgesicherten Modus gestartet werden. 
Ursache: Die Antischadsoft-Sicherheitsfunktion wurde aus unbekanntem Grund beendet. Möglicherweise kann das Problem durch einen Neustart des Diensts behoben werden. 

CodeIntegrity:
===============
Date: 2024-01-02 18:02:41
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. 

Date: 2024-01-02 18:02:40
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e913f9cc84fc282c\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. 

Date: 2024-01-02 18:02:34
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements. 


==================== Speicherinformationen =========================== 

BIOS: American Megatrends International, LLC. 1.40 05/24/2022
Hauptplatine: Micro-Star International Co., Ltd. MAG Z690 TOMAHAWK WIFI DDR4 (MS-7D32)
Prozessor: 12th Gen Intel(R) Core(TM) i9-12900K
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 65323.87 MB
Verfügbarer physikalischer RAM: 56024.52 MB
Summe virtueller Speicher: 75051.87 MB
Verfügbarer virtueller Speicher: 62607.68 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:929.3 GB) (Free:449.26 GB) (Model: WDS100T1X0E-00AFY0) NTFS
Drive d: (Volume) (Fixed) (Total:1863 GB) (Free:1688.58 GB) (Model: WD_BLACK SN850X 2000GB) NTFS

\\?\Volume{34df0b15-d8b3-476b-94d0-92dc878ce08b}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{e54b81d7-d617-4943-add9-6d701ea3c6ec}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{5f2d5bb1-3565-41a3-abfd-9c75034524bf}\ (EFI) (Fixed) (Total:0.97 GB) (Free:0.94 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A0D8F495)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

M-K-D-B · 02.01.2024, 22:22

Vielen Dank für die Logdateien.

Also aktive Malware ist nicht auf dem System.

Ich nehme an, dass sich auch keine .rar Datei mehr im folgenden Verzeichnis befindet:
C:\Users\Chris\Downloads\

Daher ist das nur ein Problem vom Windows Defender.

Versuch mal bitte Folgendes:

1)
Starte den rechner im abgesicherten Modus.

2)
Lösche manuell diesen Ordner inklusive aller Unterordner und Dateien aus diesem Verzeichnis:
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service

3)
Deaktiviere den Echtzeitschutz und den Cloudbasierten Schutz von Windows Defender über
Start > Einstellungen > Datenschutz und Sicherheit > Windows-Sicherheit > Start > Einstellungen > Datenschutz und Sicherheit > Windows-Sicherheit > Viren- und Bedrohungsschutz > Einstellungen verwalten

4)
Warte ein paar Sekunden und starte den Rechner im Abschluss neu in den normalen Modus.

Berichte, ob Windows Defender immer noch die erwähnten Meldungen bringt.

Gamerixx91 · 03.01.2024, 09:44

Zitat:

Zitat von M-K-D-B

Vielen Dank für die Logdateien.

Also aktive Malware ist nicht auf dem System.

Ich nehme an, dass sich auch keine .rar Datei mehr im folgenden Verzeichnis befindet:
C:\Users\Chris\Downloads\

Daher ist das nur ein Problem vom Windows Defender.

Versuch mal bitte Folgendes:

1)
Starte den rechner im abgesicherten Modus.

2)
Lösche manuell diesen Ordner inklusive aller Unterordner und Dateien aus diesem Verzeichnis:
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service

3)
Deaktiviere den Echtzeitschutz und den Cloudbasierten Schutz von Windows Defender über
Start > Einstellungen > Datenschutz und Sicherheit > Windows-Sicherheit > Start > Einstellungen > Datenschutz und Sicherheit > Windows-Sicherheit > Viren- und Bedrohungsschutz > Einstellungen verwalten

4)
Warte ein paar Sekunden und starte den Rechner im Abschluss neu in den normalen Modus.

Berichte, ob Windows Defender immer noch die erwähnten Meldungen bringt.

Guten Morgen alles so gemacht und ihn dann wieder eingeschaltet und erneut suchen lassen, nichts mehr gefunden.

Es scheint wieder alles in Ordnung zu sein. Darf ich dir / dem Forum ein Trinkgeld für deine tolle Arbeit spenden ?

Liebe Grüße !

02.01.2024, 17:04	#1
M-K-D-B /// TB-Ausbilder	Trojan:Script/Wacatac.B!ml Windows 11 Windows Defender schlägt Alarm Vielen Dank für die Logatei. Hast du den Defender vor dem Fix wie erwähnt deaktiiert gehabt und nach dem Fix wieder aktiviert? Meldet der Defender immer noch die gleiche Meldung oder ist das jetzt behoben?

02.01.2024, 17:42	#3
M-K-D-B /// TB-Ausbilder	Trojan:Script/Wacatac.B!ml Windows 11 Windows Defender schlägt Alarm Starte bitte den Rechner neu. Führe FRST wie folgt aus und poste diese (ganz) neuen Logdateien. Schritt 1 Starte FRST erneut und klicke auf Untersuchen. FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt). Poste mir beide Logdateien mit deiner nächsten Antwort. __________________

Trojan:Script/Wacatac.B!ml Windows 11 Windows Defender schlägt Alarm

Log-Analyse und Auswertung: Trojan:Script/Wacatac.B!ml Windows 11 Windows Defender schlägt Alarm