Plagegeister aller Art und deren Bekämpfung (pests of all kinds and how to combat them): Microsoft Windows Defender Alert | Windows 7
14.01.2024, 16:49 | #16 |
| Microsoft Windows Defender Alert Programs uninstalled. What now? You have to be understanding; I am the layman, you are the pros. |
14.01.2024, 16:54 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert Yes, all right, we were just talking past each other. No harm done.
__________________
adwCleaner
Run AdwCleaner according to the illustrated instructions and then post the log file in CODE tags. Please repeat adwcleaner as a check if there were any detections.
__________________ |
14.01.2024, 17:04 | #18 |
| Microsoft Windows Defender Alert 1. File
__________________Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-14-2024
# Duration: 00:00:03
# OS: Windows 11 (Build 22631.3007)
# Cleaned: 8
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\hero7\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [4835 octets] - [16/01/2022 20:06:07]
AdwCleaner[C00].txt - [5354 octets] - [16/01/2022 20:11:37]
AdwCleaner[S01].txt - [2544 octets] - [14/09/2022 12:50:10]
AdwCleaner[S02].txt - [2618 octets] - [19/09/2022 10:23:31]
AdwCleaner[S03].txt - [2679 octets] - [30/10/2022 14:54:20]
AdwCleaner[S04].txt - [2741 octets] - [03/03/2023 14:58:40]
AdwCleaner[S05].txt - [2802 octets] - [04/03/2023 14:53:08]
AdwCleaner[S06].txt - [2863 octets] - [12/04/2023 19:31:21]
AdwCleaner[S07].txt - [2924 octets] - [12/04/2023 19:32:06]
AdwCleaner[C07].txt - [3408 octets] - [12/04/2023 19:32:25]
AdwCleaner[S08].txt - [2349 octets] - [04/06/2023 13:46:48]
AdwCleaner[S09].txt - [2994 octets] - [05/08/2023 14:34:33]
AdwCleaner[S10].txt - [3055 octets] - [05/08/2023 14:34:46]
AdwCleaner[S11].txt - [3290 octets] - [20/11/2023 17:58:48]
AdwCleaner[C11].txt - [2444 octets] - [20/11/2023 17:59:01]
AdwCleaner[S12].txt - [3351 octets] - [14/01/2024 16:58:10]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C12].txt ##########

Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-14-2024
# Duration: 00:00:00
# OS: Windows 11 (Build 22631.3007)
# Cleaned: 1
# Awaiting reboot:1
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Needs Reboot Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
*************************
AdwCleaner[S00].txt - [4835 octets] - [16/01/2022 20:06:07]
AdwCleaner[C00].txt - [5354 octets] - [16/01/2022 20:11:37]
AdwCleaner[S01].txt - [2544 octets] - [14/09/2022 12:50:10]
AdwCleaner[S02].txt - [2618 octets] - [19/09/2022 10:23:31]
AdwCleaner[S03].txt - [2679 octets] - [30/10/2022 14:54:20]
AdwCleaner[S04].txt - [2741 octets] - [03/03/2023 14:58:40]
AdwCleaner[S05].txt - [2802 octets] - [04/03/2023 14:53:08]
AdwCleaner[S06].txt - [2863 octets] - [12/04/2023 19:31:21]
AdwCleaner[S07].txt - [2924 octets] - [12/04/2023 19:32:06]
AdwCleaner[C07].txt - [3408 octets] - [12/04/2023 19:32:25]
AdwCleaner[S08].txt - [2349 octets] - [04/06/2023 13:46:48]
AdwCleaner[S09].txt - [2994 octets] - [05/08/2023 14:34:33]
AdwCleaner[S10].txt - [3055 octets] - [05/08/2023 14:34:46]
AdwCleaner[S11].txt - [3290 octets] - [20/11/2023 17:58:48]
AdwCleaner[C11].txt - [2444 octets] - [20/11/2023 17:59:01]
AdwCleaner[S12].txt - [3351 octets] - [14/01/2024 16:58:10]
AdwCleaner[C12].txt - [3643 octets] - [14/01/2024 16:58:28]
AdwCleaner[S13].txt - [2527 octets] - [14/01/2024 17:00:27]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C13].txt ##########

Edited by cosinus (14.01.2024 at 17:06). Reason: code tags |
14.01.2024, 17:07 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert Then please post new FRST logs now.
__________________ Please always post log files in CODE tags |
14.01.2024, 17:12 | #20 |
| Microsoft Windows Defender Alert FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11.01.2024 durchgeführt von hero7 (Administrator) auf LAPTOP-HP-2156 (HP HP Pavilion Gaming Laptop 17-cd2xxx) (14-01-2024 17:10:04) Gestartet von C:\Daten\Programme\FRST64.exe Geladene Profile: hero7 Plattform: Microsoft Windows 11 Home Version 23H2 22631.3007 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.400.20.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe <6> (DriverStore\FileRepository\cui_dch.inf_amd64_95bc605201b64517\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_95bc605201b64517\igfxEMN.exe 
(DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\dptf_helper.exe (DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\BridgeCommunication.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.39.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe (ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe (explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe (explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe (explorer.exe ->) (Sven Ritter -> SWE Sven Ritter) C:\Program Files\SpeedProject\SpeedCommander 21\SpeedCommander.exe (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (HP Inc. -> HP Inc.) 
C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointAnalyticsClientService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe (services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_95bc605201b64517\igfxCUIServiceN.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_d9aa4f0713cc07ec\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_03b951be52cd2aa9\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_237b1b6e9066be9c\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel 
Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe <2> (services.exe ->) (Wondershare Technology Group Co.,Ltd -> ) C:\ProgramData\Wondershare\wsServices\ElevationService.exe (sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_28.52349.1300.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe (svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt\IGCC.exe (svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_28.52349.1300.0_x64__v10z8vjag6ke6\HP.myHP.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.25873.9001.0_x64__8wekyb3d8bbwe\SecHealthUI.exe (svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.400.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\SecurityHealth\1.0.2306.10002-0\SecurityHealthHost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-03-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [BdagentApp] => "C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe" (Keine Datei) HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [11859680 2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [253952 2022-05-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {5820BF85-6EAF-44CA-BF22-2A067711195D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) 
Task: {32C6B60A-5BD7-473A-9DC0-602777E144EB} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.266\WatchDog.exe repair (Keine Datei) Task: {2FCF4D21-A3B6-4396-99CB-B14C1F77D5DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2023-02-03] (Google LLC -> Google LLC) Task: {0C148C14-B77A-40D0-AC54-5CC7CC64A5C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2023-02-03] (Google LLC -> Google LLC) Task: {51DE7CBE-C8F3-4B41-BBC1-013FD3CDF1D8} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO Task: {05E31522-B5E9-45EA-A449-44898A3B1095} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError Task: {2BDC11FC-D619-4C74-8DF2-01D5E63D323F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest Task: {BB5391E0-C219-4ECE-9477-E1E7C566E0CC} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF Task: {B7C2B5D7-23EE-4DB0-A4F4-70498320913C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1 Task: {FE546F5B-CE5F-411F-826D-351FAA0EA73E} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2 Task: 
{1553EAAC-C91A-4DCC-AF13-15D2232F5652} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI Task: {1C7C141E-5A7A-44F7-BA10-DB927007DA69} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags: Task: {39F68641-FAD4-4E83-AFAA-A81F3A678C0D} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError Task: {3487EEA3-EC3D-4ABD-BC59-25669F9F2F60} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2024-01-04] (HP Inc. -> HP Inc.) Task: {931C48B3-EA51-42FE-A7BA-2FA91B45B6E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-01-04] (HP Inc. -> HP Inc.) Task: {D0308842-3844-40D1-94DD-CB9F5F2BD938} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2024-01-04] (HP Inc. -> HP Inc.) Task: {84473A6B-7A4F-4573-8752-171EDFF2D9B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2024-01-04] (HP Inc. -> HP Inc.) 
Task: {147C48F4-B206-48AD-BFF8-216C972C0A5A} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice Task: {4A647844-FBC7-4E36-B7F9-DB362A3D3D17} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5137472 2023-10-16] (Intel Corporation -> Intel Corporation) Task: {A4512112-3BA2-4CC3-AA16-558F3F2D98AE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5137472 2023-10-16] (Intel Corporation -> Intel Corporation) Task: {54071690-DA22-409E-B6EB-6E279199176D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei) Task: {FBF0F01B-3751-467B-BA70-4E7E7C5FD35B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) Task: {40609540-D998-435C-BC74-A7C7A835B3F2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) Task: {945106FE-992E-4E64-A7E0-A3F1E39C15B6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Task: {402A6254-87AF-4852-83C1-22CD50867041} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Task: 
{2B185BD8-78AE-4037-B0FF-94CDDC8FDAF3} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei) Task: {8B845F54-1826-4086-AFF4-793143344CFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C4E11ED8-2CF1-4436-982E-94832D5F084D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {704856BD-1AA5-4261-B63A-8A680E9CDBD4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F1CB195B-7B59-4350-912E-4081C540ED72} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {685CB494-06A5-4C97-8D19-52707B10D2D7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2024-01-13] (Mozilla Corporation -> Mozilla Corporation) -> 
--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {4ADF4D03-09DB-41E4-8DDF-A8C755C8747B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2024-01-13] (Mozilla Corporation -> Mozilla Foundation) Task: {B985A619-722E-4BF3-8CD5-1A5C97899D33} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {18C8B028-98AE-4DA7-A018-9301395A6A3A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6C8538D8-F1D4-4CE2-8D2B-09E6C930A4F9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9C0A1087-D5B1-45D0-A92D-648FD24BE6A9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7754D4FD-9D5C-4AB4-B47A-DDF0B752193F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6299BC88-DFF3-491D-8B7E-59018309487E} - 
System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3501111D-363A-44AB-BDCD-06BDC305DEC7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A5D555AF-E68A-4B4B-BB55-E84302429459} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A37D158A-DC52-4333-B8EA-BEEFEA0CCF27} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {83B16396-BDBD-4F50-A156-7E3EC26E0663} - System32\Tasks\Software Update => C:\Program Files (x86)\Glarysoft\Software Update 5\Software Update.exe -autorun (Keine Datei) Task: {58948EBF-5536-452B-83F7-B6F2EBBDBAAC} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2023-04-26] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ff6a38ee-44b7-49e5-8c04-e84cec2253e6}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ff6a38ee-44b7-49e5-8c04-e84cec2253e6}: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{ff6a38ee-44b7-49e5-8c04-e84cec2253e6}\E6F6274677563747E2662756966657E6B6E2E65647: [DhcpNameServer] 45.154.109.53 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-14] Edge StartupUrls: Default -> "hxxp://www.t-online.de/" Edge Extension: (Malwarebytes Browser Guard) - C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-12-24] Edge Extension: (Google Docs Offline) - C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-30] Edge Extension: (Edge relevant text changes) - C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-09] Edge Extension: (Proper Menubar for Microsoft Edge) - C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mdffgnflikkenkkjhkgojbgkjabknlob [2023-07-08] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip] Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: zi6fy1rp.default FF ProfilePath: C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Profiles\zi6fy1rp.default [2022-10-20] FF ProfilePath: C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Profiles\tgqowxpu.default-release [2024-01-14] FF Homepage: Mozilla\Firefox\Profiles\tgqowxpu.default-release -> www.t-online.de FF Notifications: Mozilla\Firefox\Profiles\tgqowxpu.default-release -> hxxps://www.holidaycheck.de; 
hxxps://a.forgeart.top FF Extension: (Bitdefender Anti-tracker) - C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Profiles\tgqowxpu.default-release\Extensions\bdtbe@bitdefender.com.xpi [2023-11-29] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json] FF Extension: (I don't care about cookies) - C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Profiles\tgqowxpu.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-12-06] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-02] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-04] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2023-09-25] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [240392 2023-09-25] (Intel Corporation -> Intel) R2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [934648 2022-10-25] (Wondershare Technology Group Co.,Ltd -> ) R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\AppHelperCap.exe [888768 2023-11-20] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\DiagsCap.exe [887848 2023-11-20] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\NetworkCap.exe [884672 2023-11-20] (HP Inc. -> HP Inc.) 
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe [755152 2023-10-19] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2023-11-17] (HP Inc. -> HP Inc.) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\SysInfoCap.exe [886720 2023-11-20] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointAnalyticsClientService.exe [493296 2023-11-20] (HP Inc. -> HP Inc.) R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [13004248 2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-13] (Malwarebytes Inc. -> Malwarebytes) S3 mc-wps-secdashboardservice; C:\Program Files (x86)\HP\HP Support Framework\Resources\mc-wps-secdashboardservice.exe [1204608 2024-01-04] (McAfee, LLC -> McAfee, LLC) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe [1275544 2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation) R2 SECOMNService; C:\WINDOWS\System32\SECOMN64.exe [741832 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) 
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-14] (Microsoft Windows Publisher -> Microsoft Corporation) S2 bdredline_agent; "C:\Program Files\Bitdefender Agent\redline\bdredline.exe" [X] S4 BDSafepaySrv; "C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe" "settings/services/configs/bdsafepaysrv_config.json" [X] S2 ProductAgentService; "C:\Program Files\Bitdefender Agent\ProductAgentService.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [561152 2023-10-27] (Microsoft Windows -> Microsoft Corporation) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-10-05] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-10-05] (Microsoft Corporation) [Datei ist nicht signiert] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 GlPciSD; C:\WINDOWS\System32\drivers\GlPciSD.sys [220360 2021-11-18] (GENESYS LOGIC, INC. -> Genesys Logic) R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) 
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.) R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [24960 2022-09-01] (HP Inc. -> HP Inc.) R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-19] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-07-19] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_SPI_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_fc1ed3a5a1d514f2\iaLPSS2_SPI_TGL.sys [158352 2021-07-19] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_UART2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_cd8c3a141c1b1284\iaLPSS2_UART2_TGL.sys [313504 2021-07-19] (Intel Corporation -> Intel Corporation) R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1546432 2022-01-20] (Intel Corporation -> Intel Corporation) R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_b8b6f6df4a75225e\gna.sys [87208 2021-08-30] (Intel Corporation -> Intel Corporation) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKsla2bd19c9; C:\ProgramData\Microsoft\Windows Defender\Definition 
Updates\{1B2AC311-9F2E-4B0C-B08D-474E0D49A7D9}\MpKslDrv.sys [263560 2024-01-14] (Microsoft Windows -> Microsoft Corporation) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek) R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [67496 2022-07-28] (Realtek Semiconductor Corp. -> Realtek) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-01-14] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-01-14] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-14] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP) U3 aspnet_state; kein ImagePath S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2024-01-14 17:05 - 2024-01-14 17:05 - 000723674 _____ C:\WINDOWS\system32\perfh007.dat 2024-01-14 17:05 - 2024-01-14 17:05 - 000149714 _____ C:\WINDOWS\system32\perfc007.dat 2024-01-14 16:57 - 2024-01-14 16:57 - 000001201 _____ C:\Users\hero7\OneDrive\Desktop\adwcleaner.exe - Verknüpfung.lnk 2024-01-14 16:43 - 2024-01-14 16:43 - 000109572 _____ C:\ProgramData\vpn.uninstall.1705246969.bdinstall.v2.bin 2024-01-14 16:42 - 2024-01-14 16:42 - 000456792 _____ C:\ProgramData\cl.uninstall.1705246848.bdinstall.v2.bin 2024-01-14 16:42 - 2024-01-14 16:42 - 000058160 _____ C:\ProgramData\agent.uninstall.1705246941.bdinstall.v2.bin 2024-01-14 13:42 - 2024-01-14 17:10 - 000000000 ____D C:\FRST 2024-01-13 15:22 - 2024-01-13 15:22 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-01-13 15:21 - 2024-01-13 15:21 - 000016720 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-01-13 15:17 - 2024-01-13 15:19 - 000000000 ___HD C:\$WinREAgent 2024-01-13 15:10 - 2024-01-14 16:41 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-01-13 15:05 - 2024-01-14 17:01 - 000000000 ____D C:\Users\hero7\AppData\Local\Malwarebytes 2024-01-13 15:05 - 2024-01-13 15:05 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-01-13 15:04 - 2024-01-13 15:04 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-01-13 15:04 - 2024-01-13 15:04 - 000000000 ____D C:\Program Files\Malwarebytes 2023-12-31 10:24 - 2023-12-31 10:24 - 000391112 _____ C:\Users\hero7\Downloads\09724202.pdf 2023-12-29 08:35 - 2023-12-29 08:35 - 000655492 _____ C:\Users\hero7\Downloads\DPaakXRVTlhH2cDxEFIVka-30.pdf 2023-12-26 13:53 - 2023-12-26 13:53 - 002470656 _____ C:\Users\hero7\Downloads\2312_EB-Rest_Speisekarte.pdf 2023-12-26 12:56 - 2023-12-26 12:56 - 000090872 _____ C:\ProgramData\agent.update.1703591777.bdinstall.v2.bin 2023-12-25 11:23 - 2023-12-25 11:23 - 000067181 _____ C:\Users\hero7\Downloads\Yomogi-250-mg-Packungsbeilage.pdf 2023-12-21 14:58 - 2023-12-21 
14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2023-12-21 14:58 - 2023-12-21 14:58 - 000000000 ____D C:\Program Files\HWiNFO64 2023-12-21 14:18 - 2023-12-21 14:18 - 000000000 ____D C:\Users\hero7\AppData\Roaming\Opera Software 2023-12-19 12:48 - 2023-12-19 12:49 - 000000000 ____D C:\Users\hero7\Downloads\Speisen 2023-12-18 15:33 - 2023-12-18 15:33 - 000000000 ____D C:\ProgramData\Gemma 2023-12-18 15:33 - 2023-12-18 15:33 - 000000000 ____D C:\ProgramData\Atc ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-01-14 17:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-01-14 17:07 - 2022-01-16 14:40 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2024-01-14 17:05 - 2022-10-05 17:27 - 001685202 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-01-14 17:05 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2024-01-14 17:03 - 2022-04-18 12:02 - 000000000 ____D C:\Program Files (x86)\Google 2024-01-14 17:02 - 2022-02-09 14:46 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-01-14 17:01 - 2022-10-08 15:50 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2024-01-14 17:01 - 2022-10-05 17:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-01-14 17:01 - 2022-10-05 17:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-01-14 17:01 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-01-14 17:01 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-01-14 17:01 - 2022-01-16 12:48 - 000000000 ____D C:\ProgramData\NVIDIA 2024-01-14 17:01 - 2022-01-14 14:28 - 000000000 __SHD C:\Users\hero7\IntelGraphicsProfiles 2024-01-14 17:01 - 2021-04-17 00:45 - 000000000 ____D C:\Intel 2024-01-14 17:01 - 2020-05-06 09:58 - 000012288 ___SH C:\DumpStack.log.tmp 2024-01-14 17:00 - 2022-05-07 06:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI 
2024-01-14 16:58 - 2022-01-18 20:12 - 000000000 ____D C:\Users\hero7\AppData\Roaming\Hewlett-Packard 2024-01-14 16:58 - 2022-01-16 12:48 - 000000000 ____D C:\ProgramData\HP 2024-01-14 16:56 - 2022-01-16 13:05 - 000000000 ____D C:\Users\hero7\AppData\Roaming\Microsoft\Word 2024-01-14 16:56 - 2022-01-16 12:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-01-14 16:46 - 2022-10-21 14:43 - 000000000 ____D C:\Program Files\Common Files\Bitdefender 2024-01-14 16:45 - 2022-04-18 12:02 - 000000000 ____D C:\Users\hero7\AppData\Local\Google 2024-01-14 16:45 - 2022-01-17 19:15 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt 2024-01-14 16:44 - 2023-02-03 15:31 - 000000000 ____D C:\Program Files\Google 2024-01-14 16:41 - 2023-10-26 12:49 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2024-01-14 16:41 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-01-14 16:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-01-14 16:41 - 2022-05-07 06:17 - 000131072 _____ C:\WINDOWS\system32\config\ELAM 2024-01-14 16:41 - 2022-01-16 15:06 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2024-01-14 16:41 - 2022-01-16 13:01 - 000000000 ____D C:\Users\hero7\AppData\Local\Packages 2024-01-14 12:34 - 2022-01-16 13:03 - 000000000 ____D C:\Users\hero7\AppData\Local\D3DSCache 2024-01-13 15:54 - 2022-02-04 15:50 - 000000000 ____D C:\SWSetup 2024-01-13 15:42 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-01-13 15:42 - 2022-01-15 18:14 - 000000000 ____D C:\Users\hero7\AppData\LocalLow\Adobe 2024-01-13 15:31 - 2023-07-23 10:07 - 000000000 ___RD C:\Users\hero7\OneDrive\Dokumente\Reflect 2024-01-13 15:26 - 2022-10-05 17:23 - 000460312 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-01-13 15:26 - 2022-01-16 15:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-01-13 15:25 - 2023-09-27 15:40 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 
2024-01-13 15:25 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-01-13 15:25 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-01-13 15:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-01-13 15:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-01-13 15:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-01-13 15:23 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-01-13 15:21 - 2022-10-05 17:24 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-01-13 15:21 - 2021-04-17 00:53 - 000000000 ____D C:\Program Files\Microsoft Office 2024-01-13 15:17 - 2022-01-16 15:15 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-01-13 15:13 - 2022-01-16 20:20 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-01-13 15:12 - 2022-10-11 14:29 - 000002119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-01-13 15:12 - 2022-10-05 17:33 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-01-13 15:11 - 2022-01-16 12:48 - 000002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-01-13 15:10 - 2022-01-16 20:20 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-01-13 15:04 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-01-13 15:02 - 2022-10-05 17:24 - 000000000 ____D C:\Users\hero7 2023-12-30 12:25 - 2022-01-16 17:48 - 000000000 ____D C:\Users\hero7\AppData\Local\CrashDumps 2023-12-26 13:39 - 2023-11-03 16:32 - 000000000 ____D C:\ProgramData\Glarysoft 2023-12-26 12:56 - 2022-10-21 14:43 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2023-12-18 21:20 - 2023-02-03 15:31 - 000002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk ==================== SigCheck ============================ (Es ist kein 
automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11.01.2024
durchgeführt von hero7 (14-01-2024 17:10:45)
Gestartet von C:\Daten\Programme
Microsoft Windows 11 Home Version 23H2 22631.3007 (X64) (2022-10-05 16:33:18)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2987192262-2318196993-4031371102-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2987192262-2318196993-4031371102-503 - Limited - Disabled)
Gast (S-1-5-21-2987192262-2318196993-4031371102-501 - Limited - Disabled)
hero7 (S-1-5-21-2987192262-2318196993-4031371102-1001 - Administrator - Enabled) => C:\Users\hero7
WDAGUtilityAccount (S-1-5-21-2987192262-2318196993-4031371102-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.008.20458 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden CrystalDiskInfo 9.2.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.2.1 - Crystal Dew World) CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 85.0.26.0 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP) HWiNFO64 (HKLM\...\HWiNFO64_is1) (Version: 7.68 - Martin Malik, REALiX s.r.o.) Intel Driver && Support Assistant (HKLM-x32\...\{63B67EA4-4AE1-4A45-A67D-21318B4345EF}) (Version: 23.4.39.9 - Intel) Hidden Intel(R) Computing Improvement Program (HKLM\...\{4DF8D37E-055A-49B8-9317-305ECD1B9D1F}) (Version: 2.4.10654 - Intel Corporation) Intel(R) Graphics Driver Software (HKLM-x32\...\{31949e15-2f6e-4f85-8280-9228b2ba14a9}) (Version: 3.11.1.0 - Intel) Hidden Intel® Driver & Support Assistant (HKLM-x32\...\{ecbee3cf-26b3-4f27-854c-e2e16b3f7fa9}) (Version: 23.4.39.9 - Intel) KC Softwares DUMo (HKLM-x32\...\KC Softwares DUMo_is1) (Version: 2.25.4.125 - KC Softwares) KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 5.17.10.542 - KC Softwares) Macrium Reflect Free (HKLM\...\{0D4965D1-6B46-4F0A-B42D-B17056612AE0}) (Version: 8.0.7279 - Paramount Software (UK) Ltd.) Hidden Macrium Reflect Free (HKLM\...\MacriumReflect) (Version: v8.0.7279 - Paramount Software (UK) Ltd.) 
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes) Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation) Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.133 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.133 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.17126.20132 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.32919 (HKLM-x32\...\{9efe907c-4dbc-4a1b-bb65-d2470bd88985}) (Version: 14.38.32919.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.32919 
(HKLM-x32\...\{68c77bab-8435-4d15-ae03-fd4f6e158317}) (Version: 14.38.32919.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.32919 (HKLM\...\{98B96874-2649-4CC3-B599-1F2EEC28A500}) (Version: 14.38.32919 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.32919 (HKLM\...\{D028B71C-9372-40C9-B535-5841F78448CC}) (Version: 14.38.32919 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.32919 (HKLM-x32\...\{5F0295FE-3DAA-4C04-94A6-2AFC6D739D34}) (Version: 14.38.32919 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.32919 (HKLM-x32\...\{2F7F071D-83D0-4994-8237-7B0579452FD4}) (Version: 14.38.32919 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 121.0.1 (x64 de)) (Version: 121.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.0 - Mozilla) Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 115.4.1 (x64 de)) (Version: 115.4.1 - Mozilla) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Grafiktreiber 546.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.01 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden SpeedCommander 21 (HKLM\...\SpeedCommander 21) (Version: 21.00.11085 - SWE Sven Ritter) TreeSize Free V4.7.1 (64 bit) (HKLM\...\TreeSize Free_is1) (Version: 4.7.1 - JAM Software) VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN) WhoCrashed 7.06 (HKLM\...\WhoCrashed_is1) (Version: 7.06 - Resplendence Software Projects Sp.) Wilbur (remove only) (HKLM-x32\...\Wilbur) (Version: - ) XnView 2.51.5 (HKLM-x32\...\XnView_is1) (Version: 2.51.5 - Gougelet Pierre-e) Zoom (HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\ZoomUMX) (Version: 5.16.6 (24712) - Zoom Video Communications, Inc.) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-13] () AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-15] (INTEL CORP) [Startup Task] B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.35.264.0_x64__v10z8vjag6ke6 [2024-01-13] (HP Inc.) Dev Home (Preview) -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.901.374.0_x64__8wekyb3d8bbwe [2024-01-13] (Microsoft Corporation) Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2022-04-17] (HP Inc.) HP CoolSense -> C:\Program Files\WindowsApps\ad2f1837.hpcoolsense_1.1.3.0_x64__v10z8vjag6ke6 [2023-06-07] (HP Inc.) 
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.4.0.0_x64__v10z8vjag6ke6 [2023-10-20] (HP Inc.) HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2023-10-20] (HP Inc.) HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2022-09-24] (HP Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-17] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.32.31.0_x64__v10z8vjag6ke6 [2024-01-13] (HP Inc.) HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.39.0_x64__v10z8vjag6ke6 [2023-09-30] (HP Inc.) Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-17] (Microsoft Corp.) Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [2023-10-31] (Microsoft Corporation) Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-14] (Microsoft Corporation) Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-13] (Microsoft Corporation) myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_28.52349.1300.0_x64__v10z8vjag6ke6 [2023-12-19] (HP Inc.) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-11-04] (NVIDIA Corp.) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-06] (Microsoft Studios) [MS Ad] WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-11-05] (Microsoft Corp.) 
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-01-13] (Microsoft Corp.) Windows App Runtime DDLM 3000.934.1904.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.934.1904.0-x6_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-11-05] (Microsoft Corporation) Windows App Runtime DDLM 3000.934.1904.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.934.1904.0-x8_3000.934.1904.0_x86__8wekyb3d8bbwe [2023-11-05] (Microsoft Corporation) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-13] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2987192262-2318196993-4031371102-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> c:\program files\macrium\common\reflectmonitor.exe (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) CustomCLSID: HKU\S-1-5-21-2987192262-2318196993-4031371102-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-2987192262-2318196993-4031371102-1001_Classes\CLSID\{41714a9a-6d2d-44c8-a165-bb3e8cddb4d3}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => Keine Datei ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.) 
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_c1175609f74fb701\OptaneShellExt.dll [2022-01-20] (Intel Corporation -> ) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.) 
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-13] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_c1175609f74fb701\OptaneShellExt.dll [2022-01-20] (Intel Corporation -> ) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.) 
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\nvshext.dll [2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-13] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2023-12-03 14:30 - 2024-01-08 00:00 - 000333824 _____ (Software Security System) [Datei ist nicht signiert] C:\Program Files\SpeedProject\SpeedCommander 21\EKC6420.DLL 2023-10-19 21:08 - 2023-10-19 21:08 - 002973696 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> {603C1AE7-1F29-459F-9338-D251CAE1609F} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {603C1AE7-1F29-459F-9338-D251CAE1609F} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - 
{42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. 
Network Binding: ============= WLAN: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "Intel® Arc™ Control" HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService" HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant" HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\StartupApproved\Run: => "GoogleDriveFS" HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_156DA62A8213CF1C7052FD6A96EF931A" HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\StartupApproved\Run: => "UpdateStar" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{1068DB08-EFA7-415E-9AEE-D3744DAC5BA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{DB8A0645-5BC5-418E-AD03-680CFCC85AC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{D94F916D-75FD-4C7F-92A9-7D6E85DDC5F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{DDDD8EC6-F905-4600-B015-16C6969C93CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{08D2029F-5560-454C-B749-2120E1AD5000}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{7D90921F-5A23-4253-97C1-13276B570A04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{A74589E5-C2A9-4554-9454-F3A8746D9825}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{05496B7B-F9AB-4CA7-B9D7-29B113BC0C16}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{10B234D2-63D2-4025-BFAB-3677E490F73A}] => (Allow) C:\Users\hero7\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{4721A0AB-C0BC-430B-A52B-5A99989B4B8A}] => (Allow) C:\Users\hero7\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei 
FirewallRules: [{95738818-022E-4515-8AB5-3BC08D293DF8}] => (Allow) C:\Users\hero7\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{E1D025ED-77DE-49AC-9477-BF82E0C0E013}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{5CF7E08F-7770-4C27-BC7A-13232AAC8364}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{F0DBC110-21F5-46A1-9B06-D76D201221F2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{F2013E77-2290-4ACF-918D-8D31F9AED442}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{CFF6189F-EEA5-4BF4-B596-3EA6C3831CD7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{AF08195B-D956-458F-B397-1299905169D9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{913E98CA-7C9F-4775-B203-30B38EAAC0F3}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) 
FirewallRules: [{933C6C18-0D6F-4E64-B6D7-A69936FEF46F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{44A685B0-EAA0-40BC-A60C-D222D4F14232}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{46F32030-5734-44B1-86B4-C0B6CC9880A5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{BCC859EC-06BB-4404-95FF-781B7939B4D8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{637C4231-B5D6-4BC5-B0A5-3E49A100258E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{F3928EA8-F559-4ABA-A864-11E3CEF1B038}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{A175D930-6BA6-4326-BBEA-F99B250CBF21}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{8A977252-83BE-4816-B7CF-7708BFE72FFA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) 
FirewallRules: [{DDEE0044-3F5E-48BE-90C2-CDFE335083D1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{1CF67771-9106-4B0B-A362-AF9E795EB611}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A0F8B9F5-7BA0-4BBF-BB40-ABC2DB327177}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4E61B549-A159-4129-889E-5E943A4A2765}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{CD60A644-3E92-4044-95E2-651EBC470E25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B099AC51-1A43-4EB8-B597-2313A7CCFF39}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0E1A092E-2485-4476-9BCA-8920B5E00F5C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D59C6770-DB79-4C22-B126-F2EDE444179E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{77AA15DB-7243-4DBE-88E1-0E9608F1D7B1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D53D1E74-1383-48A7-90DD-AE43C55C4C54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{ACF6AB30-71A6-4001-A34E-384FDA28FD43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A392BF1C-D7FB-4401-9009-A8FCB8E55615}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4B9C2DA7-3A9A-40DF-894D-070B883FFA26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3E89252A-0480-4865-90A1-4385E85B1DC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{65D866FC-F456-4C77-9955-C3057D97DE87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{CE16715E-C20B-4EF7-A31E-B480E04B53E3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 14-01-2024 16:58:17 AdwCleaner_BeforeCleaning_14/01/2024_16:58:17 14-01-2024 17:00:34 AdwCleaner_BeforeCleaning_14/01/2024_17:00:34 ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (01/14/2024 01:03:48 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (01/13/2024 03:09:35 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (01/13/2024 03:02:47 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Der Index kann nicht initialisiert werden. Details: 0x%08x (0x80040d06 - Das angegebene Objekt wurde nicht gefunden. 
Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06)) Error: (01/13/2024 03:02:47 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: 0x%08x (0x80040d06 - Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06)) Error: (01/13/2024 03:02:47 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: 0x%08x (0x80040d06 - Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06)) Error: (01/13/2024 03:02:47 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: 0x%08x (0x80040d06 - Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06)) Error: (01/13/2024 03:02:46 PM) (Source: Windows Search Service) (EventID: 3057) (User: ) Description: Der Plug-In-Manager <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung Details: 0x%08x (0x8007065e - Daten mit diesem Typ werden nicht unterstützt. (HRESULT : 0x8007065e)) Error: (12/30/2023 07:53:20 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Systemfehler: ============= Error: (01/14/2024 05:03:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Bitdefender Agent RedLine Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (01/14/2024 05:01:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "GameInput Service" wurde unerwartet beendet. 
Dies ist bereits 6 Mal passiert. Error: (01/14/2024 05:01:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "GameInput Service" wurde mit folgendem Fehler beendet: Die Verbunddatei "GameInput Service" wurde mit einer neueren Version erstellt. Error: (01/14/2024 05:01:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "GameInput Service" wurde unerwartet beendet. Dies ist bereits 5 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/14/2024 05:01:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "GameInput Service" wurde mit folgendem Fehler beendet: Die Verbunddatei "GameInput Service" wurde mit einer neueren Version erstellt. Error: (01/14/2024 05:01:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "GameInput Service" wurde unerwartet beendet. Dies ist bereits 4 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/14/2024 05:01:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "GameInput Service" wurde mit folgendem Fehler beendet: Die Verbunddatei "GameInput Service" wurde mit einer neueren Version erstellt. Error: (01/14/2024 05:01:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "GameInput Service" wurde unerwartet beendet. Dies ist bereits 3 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Windows Defender: ================ Date: 2024-01-14 17:06:38 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. 
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Misleading:Win32/Lodi&threatid=240849&enterprise=0 Name: Misleading:Win32/Lodi Schweregrad: Hoch Kategorie: Adware Pfad: file:_C:\Daten\Programme\YouTubeSongDownloader-setup.exe Erkennungsursprung: Lokaler Computer Erkennungstype: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: LAPTOP-HP-2156\hero7 Prozessname: C:\Program Files\SpeedProject\SpeedCommander 21\SpeedCommander.exe Sicherheitsversion: AV: 1.403.2141.0, AS: 1.403.2141.0, NIS: 1.403.2141.0 Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 Event[0] Date: 2022-10-20 20:56:16 Description: Bei Microsoft Defender Antivirus ist ein Fehler bei dem Versuch aufgetreten, eine verdächtige Datei zur weiteren Analyse hochzuladen. Dateiname: C:\Users\hero7\Downloads\kaspersky4win202121.7.7.393de_35816.exe Sha256: 0a35635e20f9536a9a0ea67218c62107d5977570fb15105ea65c6b26a92b1af5 Aktuelle Sicherheitsversion: AV: 1.377.550.0, AS: 1.377.550.0 Aktuelle Modulversion: 1.1.19700.3 Fehlercode: 0x80071112 Date: 2022-10-20 20:38:30 Description: Bei Microsoft Defender Antivirus ist ein Fehler bei dem Versuch aufgetreten, eine verdächtige Datei zur weiteren Analyse hochzuladen. Dateiname: C:\Users\hero7\Downloads\kis21.3.10.391abde_26499.exe Sha256: 383849a5bf6b8691f0debb71b12d4eebafa40e19acad7ff37d1c69283081e6e8 Aktuelle Sicherheitsversion: AV: 1.377.550.0, AS: 1.377.550.0 Aktuelle Modulversion: 1.1.19700.3 Fehlercode: 0x80071112 Date: 2022-10-20 18:51:03 Description: Bei Microsoft Defender Antivirus ist ein Fehler bei dem Versuch aufgetreten, eine verdächtige Datei zur weiteren Analyse hochzuladen. 
Dateiname: C:\Users\hero7\Downloads\kaspersky4win202121.7.7.393de_35815.exe Sha256: 645b25fe28c41f17034777afb8047fa70b45d314eff057bb9ce271806f8e57d7 Aktuelle Sicherheitsversion: AV: 1.377.479.0, AS: 1.377.479.0 Aktuelle Modulversion: 1.1.19700.3 Fehlercode: 0x80071112 CodeIntegrity: =============== Date: 2024-01-14 17:09:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_237b1b6e9066be9c\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2024-01-14 16:41:25 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_266894485911477603\antimalware_provider64.dll that did not meet the Windows signing level requirements. 
==================== Speicherinformationen =========================== BIOS: Insyde F.23 07/06/2023 Hauptplatine: HP 88E7 Prozessor: 11th Gen Intel(R) Core(TM) i5-11300H @ 3.10GHz Prozentuale Nutzung des RAM: 47% Installierter physikalischer RAM: 16129.99 MB Verfügbarer physikalischer RAM: 8548.27 MB Summe virtueller Speicher: 17345.99 MB Verfügbarer virtueller Speicher: 7442.18 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:474.34 GB) (Free:392.31 GB) (Model: NVMe SAMSUNG MZVLQ512HALU-000H1) NTFS \\?\Volume{6fc7fe93-aa17-45cc-bb4c-da818c7735e8}\ () (Fixed) (Total:0.65 GB) (Free:0.06 GB) NTFS \\?\Volume{7138f76a-2204-4de9-a015-652cf26efa7b}\ () (Fixed) (Total:0.6 GB) (Free:0.08 GB) NTFS \\?\Volume{86ccec02-aaf8-44dd-a6d4-26b3b8402026}\ (Windows RE tools) (Fixed) (Total:0.55 GB) (Free:0.06 GB) NTFS \\?\Volume{580f7bc9-ca8c-4b89-afad-adcb3444d9a3}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32 \\?\Volume{6bebe86a-53e5-4493-81c5-91c706e9da24}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32 \\?\Volume{02fe5cfe-eba2-4bdb-9e39-d65f45b32ee1}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ==================== Ende von Addition.txt ======================= |
14.01.2024, 17:58 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert Scripting/Repair with FRST64 WARNING TO ALL READERS !!! This FRST script is intended exclusively for this user and should never be applied 1:1 to another system!
__________________ --> Microsoft Windows Defender Alert |
14.01.2024, 18:18 | #22 |
| Microsoft Windows Defender Alert Doesn't work. FRST says it cannot find fixlist.txt |
14.01.2024, 18:22 | #23 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert Please read the instructions properly
__________________ Please always post log files in CODE tags |
14.01.2024, 18:27 | #24 |
| Microsoft Windows Defender Alert I did. I click on FRST.exe / Reparieren (Fix) - then the message appears that it cannot find fixlist.txt / OK / program closes |
14.01.2024, 18:33 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert Just read it again properly. You have to copy the text in the code box accordingly. Nothing to do with a fixlist.
__________________ Please always post log files in CODE tags |
14.01.2024, 18:38 | #26 |
| Microsoft Windows Defender Alert Sorry, I don't understand. Which text?? |
14.01.2024, 18:40 | #27 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert So much for reading the instructions properly
__________________ Please always post log files in CODE tags |
14.01.2024, 18:46 | #28 |
| Microsoft Windows Defender Alert Now I entered frst.txt in the file search and have now received a serch.txt. Sorry, mea culpa. I hadn't seen that there was another line above the box.
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11.01.2024 durchgeführt von hero7 (14-01-2024 18:44:08) Run:1 Gestartet von C:\Daten\Programme Geladene Profile: hero7 Start-Modus: Normal ============================================== fixlist Inhalt: ***************** Start:: CloseProcesses: HKLM\...\Run: [BdagentApp] => "C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe" (Keine Datei) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG FF Extension: (Bitdefender Anti-tracker) - C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Profiles\tgqowxpu.default-release\Extensions\bdtbe@bitdefender.com.xpi [2023-11-29] [UpdateUrl:https://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json] FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) S2 bdredline_agent; "C:\Program Files\Bitdefender Agent\redline\bdredline.exe" [X] S4 BDSafepaySrv; "C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe" "settings/services/configs/bdsafepaysrv_config.json" [X] S2 ProductAgentService; "C:\Program Files\Bitdefender Agent\ProductAgentService.exe" [X] C:\ProgramData\Glarysoft C:\Program Files\Bitdefender emptytemp: End:: 
***************** Prozesse erfolgreich geschlossen. "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BdagentApp" => erfolgreich entfernt HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => erfolgreich entfernt C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Profiles\tgqowxpu.default-release\Extensions\bdtbe@bitdefender.com.xpi => erfolgreich verschoben HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.14 => erfolgreich entfernt C:\Program Files\VideoLAN\VLC\npvlc.dll => erfolgreich verschoben HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.16 => erfolgreich entfernt "C:\Program Files\VideoLAN\VLC\npvlc.dll" => nicht gefunden HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.17.4 => erfolgreich entfernt "C:\Program Files\VideoLAN\VLC\npvlc.dll" => nicht gefunden HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.18 => erfolgreich entfernt "C:\Program Files\VideoLAN\VLC\npvlc.dll" => nicht gefunden HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.19 => erfolgreich entfernt "C:\Program Files\VideoLAN\VLC\npvlc.dll" => nicht gefunden HKLM\System\CurrentControlSet\Services\bdredline_agent => erfolgreich entfernt bdredline_agent => Dienst erfolgreich entfernt HKLM\System\CurrentControlSet\Services\BDSafepaySrv => erfolgreich entfernt BDSafepaySrv => Dienst erfolgreich entfernt HKLM\System\CurrentControlSet\Services\ProductAgentService => erfolgreich entfernt ProductAgentService => Dienst erfolgreich entfernt "C:\ProgramData\Glarysoft" Ordner verschieben: C:\ProgramData\Glarysoft => erfolgreich verschoben "C:\Program Files\Bitdefender" => nicht gefunden =========== EmptyTemp: ========== FlushDNS => abgeschlossen BITS transfer queue => 1310720 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18010522 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B Windows/system/drivers => 3603795 B Edge => 0 B Firefox => 143632785 B Opera => 0 B Temp, IE cache, history, cookies, recent: 
Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 12 B systemprofile32 => 12 B LocalService => 3646 B NetworkService => 9024 B hero7 => 22228076 B RecycleBin => 0 B EmptyTemp: => 180.1 MB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 18:44:29 ==== |
14.01.2024, 18:55 | #29 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert There you go. Control scans with MBAM and RK: once both scans have finished, post the logs in CODE tags.
__________________ Please always post log files in CODE tags |
14.01.2024, 19:09 | #30 |
| Microsoft Windows Defender Alert Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 14.01.24 Scan-Zeit: 18:57 Protokolldatei: 62bd82ae-b306-11ee-9007-489ebdf5c341.json -Softwaredaten- Version: 4.6.8.311 Komponentenversion: 1.0.2242 Version des Aktualisierungspakets: 1.0.79640 Lizenz: Kostenlos -Systemdaten- Betriebssystem: Windows 11 (Build 22631.3007) CPU: x64 Dateisystem: NTFS Benutzer: Laptop-HP-2156\hero7 -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 249746 Erkannte Bedrohungen: 0 In die Quarantäne verschobene Bedrohungen: 0 Abgelaufene Zeit: 1 Min., 18 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) The rest is coming shortly. Program : RogueKiller Anti-Malware Version : 15.13.1.0 x64 : Yes Program Date : Dec 5 2023 Location : C:\Program Files\RogueKiller\RogueKiller64.exe Premium : Yes Company : Adlice Software Website : https://www.adlice.com/ Contact : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 11 (10.0.22631) 64-bit 64-bit OS : Yes Startup : 0 WindowsPE : No User : hero7 User is Admin : Yes Date : 2024/01/14 18:06:40 Type : Scan Aborted : No Scan Mode : Standard Duration : 367 Found items : 0 Total scanned : 70118 Signatures Version : 20240111_084438 Truesight Driver : Yes
Updates Count : 6 Arguments : -minimize ************************* Warnings ************************* ************************* Updates ************************* CrystalDiskInfo 9.2.1 (64-bit), version 9.2.1 [+] Available Version : 9.2.2 [+] Size : 16,2 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\CrystalDiskInfo\ Mozilla Thunderbird (x64 de) (64-bit), version 115.4.1 [+] Available Version : 115.6.1 [+] Size : 239 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\Mozilla Thunderbird HP Documentation (64-bit), version 1.0.0.1 [+] Available Version : 1.0.0.2 [+] Wow6432 : No [+] Portable : No Mozilla Maintenance Service (64-bit), version 115.0 [+] Available Version : 2023.10 [+] Size : 628 KB [+] Wow6432 : No [+] Portable : No NVIDIA Grafiktreiber 546.01 (64-bit), version 546.01 [+] Available Version : 550.09 [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{29FF9F50-9EC6-47D7-A9E1-22962F5BF31B} HP Audio Switch (32-bit), version 1.0.211.0 [+] Available Version : 1.0.213.0 [+] Size : 8,61 MB [+] Wow6432 : Yes [+] Portable : No ************************* Processes ************************* ************************* Modules ************************* ************************* Services ************************* ************************* Scheduled Tasks ************************* ************************* Registry ************************* ************************* WMI ************************* ************************* Hosts File ************************* is_too_big : No hosts_file_path : C:\Windows\System32\drivers\etc\hosts ************************* Filesystem ************************* ************************* Web Browsers ************************* ************************* Antirootkit ************************* |