| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Microsoft Windows Defender AlertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
14.01.2024, 13:05
| #1 |
 |  Microsoft Windows Defender Alert Hallo, bin neu hier im Forum. Hoffe, ich melde mich an der richtigen Stelle. Vor drei Tagen poppte beim Starten die Meldung: "Microsoft Windows Defender Alert". System gesperrt Fehler Code: 2V7HGTVB. Habe vieles versucht, was ich im Netz gefunden habe: - Browserdaten gelöscht - Browser deinstalliert - Backup aufgespielt Nichts half. Dann stellte ich fest, dass mein Laptop immer dann gesperrt war, wenn ich Zugriff zum Internet hatte. Konnte also, wenn ich Internet ausgeschaltet hatte , auf mein Laptop zugreifen. ( Habe natürlich adwcleaner / Malwarebytes / etc. laufen lassen - wurde nichts gefunden System wird eigentlich von BITDEFENDER geschützt). Habe gestern alle Browser gelöscht und ein älteres Backup ( habe immer 2 Backups) draufgespielt. Erfolg- bis jetzt läuft alles. Aber ich trau dem Braten nicht… Was kann die Ursache sein? Und wie krieg ich das weg, wenn es noch mal auftaucht? Ideen? |
|
14.01.2024, 13:08
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Microsoft Windows Defender Alert Hinweise für Hilfesuchende gelesen? Was ist mit den FRST-Logfiles?
__________________
__________________ |
|
14.01.2024, 13:46
| #3 |
| | Microsoft Windows Defender Alert Meldung könnte auch heißen:
__________________Microsoft Windows Firewall Alert - weiß nicht mehr so genau FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11.01.2024
durchgeführt von hero7 (14-01-2024 13:43:04)
Gestartet von C:\Daten\Programme
Microsoft Windows 11 Home Version 23H2 22631.3007 (X64) (2022-10-05 16:33:18)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-2987192262-2318196993-4031371102-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2987192262-2318196993-4031371102-503 - Limited - Disabled)
Gast (S-1-5-21-2987192262-2318196993-4031371102-501 - Limited - Disabled)
hero7 (S-1-5-21-2987192262-2318196993-4031371102-1001 - Administrator - Enabled) => C:\Users\hero7
WDAGUtilityAccount (S-1-5-21-2987192262-2318196993-4031371102-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Bitdefender Virenschutz (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {37623117-A018-E2F0-08DD-DD91CABD1259}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.008.20458 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.266 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 26.0.28.94 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.7.0.1 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 6.19 - Piriform)
CrystalDiskInfo 9.2.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.2.1 - Crystal Dew World)
CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World)
Glary Utilities 6.4 (HKLM-x32\...\Glary Utilities) (Version: 6.4.0.7 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.217 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 85.0.26.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
HWiNFO64 (HKLM\...\HWiNFO64_is1) (Version: 7.68 - Martin Malik, REALiX s.r.o.)
Intel Driver && Support Assistant (HKLM-x32\...\{63B67EA4-4AE1-4A45-A67D-21318B4345EF}) (Version: 23.4.39.9 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{4DF8D37E-055A-49B8-9317-305ECD1B9D1F}) (Version: 2.4.10654 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{31949e15-2f6e-4f85-8280-9228b2ba14a9}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{ecbee3cf-26b3-4f27-854c-e2e16b3f7fa9}) (Version: 23.4.39.9 - Intel)
KC Softwares DUMo (HKLM-x32\...\KC Softwares DUMo_is1) (Version: 2.25.4.125 - KC Softwares)
KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 5.17.10.542 - KC Softwares)
Macrium Reflect Free (HKLM\...\{0D4965D1-6B46-4F0A-B42D-B17056612AE0}) (Version: 8.0.7279 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free (HKLM\...\MacriumReflect) (Version: v8.0.7279 - Paramount Software (UK) Ltd.)
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.133 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.133 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.32919 (HKLM-x32\...\{9efe907c-4dbc-4a1b-bb65-d2470bd88985}) (Version: 14.38.32919.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.32919 (HKLM-x32\...\{68c77bab-8435-4d15-ae03-fd4f6e158317}) (Version: 14.38.32919.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.32919 (HKLM\...\{98B96874-2649-4CC3-B599-1F2EEC28A500}) (Version: 14.38.32919 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.32919 (HKLM\...\{D028B71C-9372-40C9-B535-5841F78448CC}) (Version: 14.38.32919 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.32919 (HKLM-x32\...\{5F0295FE-3DAA-4C04-94A6-2AFC6D739D34}) (Version: 14.38.32919 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.32919 (HKLM-x32\...\{2F7F071D-83D0-4994-8237-7B0579452FD4}) (Version: 14.38.32919 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 121.0.1 (x64 de)) (Version: 121.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.0 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 115.4.1 (x64 de)) (Version: 115.4.1 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 546.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.01 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
SpeedCommander 21 (HKLM\...\SpeedCommander 21) (Version: 21.00.11085 - SWE Sven Ritter)
TreeSize Free V4.7.1 (64 bit) (HKLM\...\TreeSize Free_is1) (Version: 4.7.1 - JAM Software)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WhoCrashed 7.06 (HKLM\...\WhoCrashed_is1) (Version: 7.06 - Resplendence Software Projects Sp.)
Wilbur (remove only) (HKLM-x32\...\Wilbur) (Version: - )
XnView 2.51.5 (HKLM-x32\...\XnView_is1) (Version: 2.51.5 - Gougelet Pierre-e)
Zoom (HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\ZoomUMX) (Version: 5.16.6 (24712) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-13] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-15] (INTEL CORP) [Startup Task]
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.35.264.0_x64__v10z8vjag6ke6 [2024-01-13] (HP Inc.)
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2024-01-13] (Bitdefender)
Dev Home (Preview) -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.901.374.0_x64__8wekyb3d8bbwe [2024-01-13] (Microsoft Corporation)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2022-04-17] (HP Inc.)
HP CoolSense -> C:\Program Files\WindowsApps\ad2f1837.hpcoolsense_1.1.3.0_x64__v10z8vjag6ke6 [2023-06-07] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.4.0.0_x64__v10z8vjag6ke6 [2023-10-20] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2023-10-20] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2022-09-24] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-17] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.32.31.0_x64__v10z8vjag6ke6 [2024-01-13] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.39.0_x64__v10z8vjag6ke6 [2023-09-30] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-17] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [2023-10-31] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-14] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-13] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_28.52349.1300.0_x64__v10z8vjag6ke6 [2023-12-19] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-11-04] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-06] (Microsoft Studios) [MS Ad]
WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-11-05] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-01-13] (Microsoft Corp.)
Windows App Runtime DDLM 3000.934.1904.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.934.1904.0-x6_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-11-05] (Microsoft Corporation)
Windows App Runtime DDLM 3000.934.1904.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.934.1904.0-x8_3000.934.1904.0_x86__8wekyb3d8bbwe [2023-11-05] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-13] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2987192262-2318196993-4031371102-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> c:\program files\macrium\common\reflectmonitor.exe (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
CustomCLSID: HKU\S-1-5-21-2987192262-2318196993-4031371102-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2987192262-2318196993-4031371102-1001_Classes\CLSID\{41714a9a-6d2d-44c8-a165-bb3e8cddb4d3}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => Keine Datei
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_c1175609f74fb701\OptaneShellExt.dll [2022-01-20] (Intel Corporation -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler.dll [2023-12-22] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler.dll [2023-12-22] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_c1175609f74fb701\OptaneShellExt.dll [2022-01-20] (Intel Corporation -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\nvshext.dll [2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler.dll [2023-12-22] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-13] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2022-01-16 13:19 - 2023-12-14 13:03 - 000634880 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\gameplatformservices.dll
2022-01-16 13:26 - 2022-01-16 13:26 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2022-01-16 13:26 - 2022-01-16 13:26 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2023-12-03 14:30 - 2024-01-08 00:00 - 000333824 _____ (Software Security System) [Datei ist nicht signiert] C:\Program Files\SpeedProject\SpeedCommander 21\EKC6420.DLL
2023-10-19 21:08 - 2023-10-19 21:08 - 002973696 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {603C1AE7-1F29-459F-9338-D251CAE1609F} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {603C1AE7-1F29-459F-9338-D251CAE1609F} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackerstbie.dll [2023-11-17] (Bitdefender SRL -> Bitdefender)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2024-01-04] (HP Inc. -> HP Inc.)
BHO-x32: Bitdefender Anti-tracker -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security App\antispam32\bdtrackerstbie.dll [2023-11-17] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2024-01-04] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
ist aktiviert.
Network Binding:
=============
WLAN: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
LAN-Verbindung: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Intel® Arc™ Control"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_156DA62A8213CF1C7052FD6A96EF931A"
HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\StartupApproved\Run: => "UpdateStar"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{1068DB08-EFA7-415E-9AEE-D3744DAC5BA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DB8A0645-5BC5-418E-AD03-680CFCC85AC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D94F916D-75FD-4C7F-92A9-7D6E85DDC5F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DDDD8EC6-F905-4600-B015-16C6969C93CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{08D2029F-5560-454C-B749-2120E1AD5000}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7D90921F-5A23-4253-97C1-13276B570A04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A74589E5-C2A9-4554-9454-F3A8746D9825}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{05496B7B-F9AB-4CA7-B9D7-29B113BC0C16}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{10B234D2-63D2-4025-BFAB-3677E490F73A}] => (Allow) C:\Users\hero7\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{4721A0AB-C0BC-430B-A52B-5A99989B4B8A}] => (Allow) C:\Users\hero7\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{95738818-022E-4515-8AB5-3BC08D293DF8}] => (Allow) C:\Users\hero7\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E1D025ED-77DE-49AC-9477-BF82E0C0E013}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{5CF7E08F-7770-4C27-BC7A-13232AAC8364}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{F0DBC110-21F5-46A1-9B06-D76D201221F2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{F2013E77-2290-4ACF-918D-8D31F9AED442}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{CFF6189F-EEA5-4BF4-B596-3EA6C3831CD7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{AF08195B-D956-458F-B397-1299905169D9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{913E98CA-7C9F-4775-B203-30B38EAAC0F3}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{933C6C18-0D6F-4E64-B6D7-A69936FEF46F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{44A685B0-EAA0-40BC-A60C-D222D4F14232}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{46F32030-5734-44B1-86B4-C0B6CC9880A5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{BCC859EC-06BB-4404-95FF-781B7939B4D8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{637C4231-B5D6-4BC5-B0A5-3E49A100258E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{F3928EA8-F559-4ABA-A864-11E3CEF1B038}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{A175D930-6BA6-4326-BBEA-F99B250CBF21}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{8A977252-83BE-4816-B7CF-7708BFE72FFA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{DDEE0044-3F5E-48BE-90C2-CDFE335083D1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2201.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{1CF67771-9106-4B0B-A362-AF9E795EB611}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A0F8B9F5-7BA0-4BBF-BB40-ABC2DB327177}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E61B549-A159-4129-889E-5E943A4A2765}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CD60A644-3E92-4044-95E2-651EBC470E25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B099AC51-1A43-4EB8-B597-2313A7CCFF39}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0E1A092E-2485-4476-9BCA-8920B5E00F5C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D59C6770-DB79-4C22-B126-F2EDE444179E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{77AA15DB-7243-4DBE-88E1-0E9608F1D7B1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D53D1E74-1383-48A7-90DD-AE43C55C4C54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ACF6AB30-71A6-4001-A34E-384FDA28FD43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A392BF1C-D7FB-4401-9009-A8FCB8E55615}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B9C2DA7-3A9A-40DF-894D-070B883FFA26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3E89252A-0480-4865-90A1-4385E85B1DC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65D866FC-F456-4C77-9955-C3057D97DE87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{55AFDC84-8C69-4EC9-A200-817D64820F6C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CE16715E-C20B-4EF7-A31E-B480E04B53E3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
13-01-2024 15:53:45 HPSF Applying updates
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (01/14/2024 01:03:48 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (01/13/2024 03:09:35 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (01/13/2024 03:02:47 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
0x%08x (0x80040d06 - Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06))
Error: (01/13/2024 03:02:47 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
0x%08x (0x80040d06 - Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06))
Error: (01/13/2024 03:02:47 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
0x%08x (0x80040d06 - Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06))
Error: (01/13/2024 03:02:47 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
0x%08x (0x80040d06 - Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06))
Error: (01/13/2024 03:02:46 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Der Plug-In-Manager <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
0x%08x (0x8007065e - Daten mit diesem Typ werden nicht unterstützt. (HRESULT : 0x8007065e))
Error: (12/30/2023 07:53:20 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Systemfehler:
=============
Error: (01/14/2024 01:40:41 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-HP-2156)
Description: Ein DCOM-Server konnte nicht gestartet werden: {0358B920-0AC7-461F-98F4-58E32CD89148}. Fehler:
"2147942767"
Aufgetreten beim Start dieses Befehls:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (01/14/2024 01:28:43 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-HP-2156)
Description: Ein DCOM-Server konnte nicht gestartet werden: {0358B920-0AC7-461F-98F4-58E32CD89148}. Fehler:
"2147942767"
Aufgetreten beim Start dieses Befehls:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (01/14/2024 12:00:26 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HP-2156)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/14/2024 11:57:45 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {f39c8fe7-cba5-4b0f-98da-c9263ddbb7b6}" ist das Ereignis "74" aufgetreten.
Error: (01/14/2024 12:57:48 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {f39c8fe7-cba5-4b0f-98da-c9263ddbb7b6}" ist das Ereignis "74" aufgetreten.
Error: (01/13/2024 05:36:18 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{995C996E-D918-4A8C-A302-45719A6F4EA7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/13/2024 05:36:17 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HP-2156)
Description: Der Server "Microsoft.YourPhone_1.23102.126.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/13/2024 05:36:17 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{995C996E-D918-4A8C-A302-45719A6F4EA7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
================Event[0]
Date: 2022-10-20 20:56:16
Description:
Bei Microsoft Defender Antivirus ist ein Fehler bei dem Versuch aufgetreten, eine verdächtige Datei zur weiteren Analyse hochzuladen.
Dateiname: C:\Users\hero7\Downloads\kaspersky4win202121.7.7.393de_35816.exe
Sha256: 0a35635e20f9536a9a0ea67218c62107d5977570fb15105ea65c6b26a92b1af5
Aktuelle Sicherheitsversion: AV: 1.377.550.0, AS: 1.377.550.0
Aktuelle Modulversion: 1.1.19700.3
Fehlercode: 0x80071112
Date: 2022-10-20 20:38:30
Description:
Bei Microsoft Defender Antivirus ist ein Fehler bei dem Versuch aufgetreten, eine verdächtige Datei zur weiteren Analyse hochzuladen.
Dateiname: C:\Users\hero7\Downloads\kis21.3.10.391abde_26499.exe
Sha256: 383849a5bf6b8691f0debb71b12d4eebafa40e19acad7ff37d1c69283081e6e8
Aktuelle Sicherheitsversion: AV: 1.377.550.0, AS: 1.377.550.0
Aktuelle Modulversion: 1.1.19700.3
Fehlercode: 0x80071112
Date: 2022-10-20 18:51:03
Description:
Bei Microsoft Defender Antivirus ist ein Fehler bei dem Versuch aufgetreten, eine verdächtige Datei zur weiteren Analyse hochzuladen.
Dateiname: C:\Users\hero7\Downloads\kaspersky4win202121.7.7.393de_35815.exe
Sha256: 645b25fe28c41f17034777afb8047fa70b45d314eff057bb9ce271806f8e57d7
Aktuelle Sicherheitsversion: AV: 1.377.479.0, AS: 1.377.479.0
Aktuelle Modulversion: 1.1.19700.3
Fehlercode: 0x80071112
CodeIntegrity:
===============
Date: 2024-01-14 12:39:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_266894485911477603\antimalware_provider64.dll that did not meet the Windows signing level requirements.
Date: 2024-01-14 11:59:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_266894485911477603\antimalware_provider64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
BIOS: Insyde F.23 07/06/2023
Hauptplatine: HP 88E7
Prozessor: 11th Gen Intel(R) Core(TM) i5-11300H @ 3.10GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 16129.99 MB
Verfügbarer physikalischer RAM: 8239.66 MB
Summe virtueller Speicher: 22282.49 MB
Verfügbarer virtueller Speicher: 11345.16 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:474.34 GB) (Free:377.04 GB) (Model: NVMe SAMSUNG MZVLQ512HALU-000H1) NTFS
\\?\Volume{6fc7fe93-aa17-45cc-bb4c-da818c7735e8}\ () (Fixed) (Total:0.65 GB) (Free:0.06 GB) NTFS
\\?\Volume{7138f76a-2204-4de9-a015-652cf26efa7b}\ () (Fixed) (Total:0.6 GB) (Free:0.08 GB) NTFS
\\?\Volume{86ccec02-aaf8-44dd-a6d4-26b3b8402026}\ (Windows RE tools) (Fixed) (Total:0.55 GB) (Free:0.06 GB) NTFS
\\?\Volume{580f7bc9-ca8c-4b89-afad-adcb3444d9a3}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32
\\?\Volume{6bebe86a-53e5-4493-81c5-91c706e9da24}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32
\\?\Volume{02fe5cfe-eba2-4bdb-9e39-d65f45b32ee1}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32
==================== MBR & Partitionstabelle ====================
==================== Ende von Addition.txt =======================
|
|
14.01.2024, 13:50
| #4 |
| | Microsoft Windows Defender AlertFRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11.01.2024
durchgeführt von hero7 (Administrator) auf LAPTOP-HP-2156 (HP HP Pavilion Gaming Laptop 17-cd2xxx) (14-01-2024 13:42:13)
Gestartet von C:\Daten\Programme\FRST64.exe
Geladene Profile: hero7
Plattform: Microsoft Windows 11 Home Version 23H2 22631.3007 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.266\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <4>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackersnmh.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.400.20.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_95bc605201b64517\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_95bc605201b64517\igfxEMN.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\dptf_helper.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointGpuInfo.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.39.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(explorer.exe ->) (Sven Ritter -> SWE Sven Ritter) C:\Program Files\SpeedProject\SpeedCommander 21\SpeedCommander.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Glarysoft Ltd -> Glarysoft Ltd) C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
(services.exe ->) (Glarysoft Ltd -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities\x64\MemfilesService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_95bc605201b64517\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_d9aa4f0713cc07ec\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_03b951be52cd2aa9\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_237b1b6e9066be9c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe <2>
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> ) C:\ProgramData\Wondershare\wsServices\ElevationService.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_28.52349.1300.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_28.52349.1300.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.400.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-03-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1067296 2023-11-17] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [492072 2023-06-12] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [BdagentApp] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1067296 2023-11-17] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [11859680 2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [253952 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.217\Installer\chrmstp.exe [2024-01-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
BootExecute: autocheck autochk *
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {5820BF85-6EAF-44CA-BF22-2A067711195D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {32C6B60A-5BD7-473A-9DC0-602777E144EB} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.266\WatchDog.exe [1111184 2023-12-12] (Bitdefender SRL -> Bitdefender)
Task: {BAB74094-CA13-4D7F-92F4-C8C602801000} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {82909046-8023-41E8-8F08-F16A263B9802} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "ad2afbf2-db15-4eed-98e1-9396cd8464dd" --version "6.19.10858" --silent
Task: {0630D469-488A-473B-8689-1D3AE25CC3C9} - System32\Tasks\CCleanerSkipUAC - hero7 => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {2FCF4D21-A3B6-4396-99CB-B14C1F77D5DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2023-02-03] (Google LLC -> Google LLC)
Task: {0C148C14-B77A-40D0-AC54-5CC7CC64A5C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2023-02-03] (Google LLC -> Google LLC)
Task: {51DE7CBE-C8F3-4B41-BBC1-013FD3CDF1D8} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {05E31522-B5E9-45EA-A449-44898A3B1095} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {2BDC11FC-D619-4C74-8DF2-01D5E63D323F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {BB5391E0-C219-4ECE-9477-E1E7C566E0CC} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {B7C2B5D7-23EE-4DB0-A4F4-70498320913C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {FE546F5B-CE5F-411F-826D-351FAA0EA73E} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {1553EAAC-C91A-4DCC-AF13-15D2232F5652} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {1C7C141E-5A7A-44F7-BA10-DB927007DA69} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {39F68641-FAD4-4E83-AFAA-A81F3A678C0D} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\windows\system32\cmd.exe [323584 2023-10-27] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {3487EEA3-EC3D-4ABD-BC59-25669F9F2F60} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2024-01-04] (HP Inc. -> HP Inc.)
Task: {931C48B3-EA51-42FE-A7BA-2FA91B45B6E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-01-04] (HP Inc. -> HP Inc.)
Task: {D0308842-3844-40D1-94DD-CB9F5F2BD938} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2024-01-04] (HP Inc. -> HP Inc.)
Task: {84473A6B-7A4F-4573-8752-171EDFF2D9B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2024-01-04] (HP Inc. -> HP Inc.)
Task: {147C48F4-B206-48AD-BFF8-216C972C0A5A} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {4A647844-FBC7-4E36-B7F9-DB362A3D3D17} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5137472 2023-10-16] (Intel Corporation -> Intel Corporation)
Task: {A4512112-3BA2-4CC3-AA16-558F3F2D98AE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5137472 2023-10-16] (Intel Corporation -> Intel Corporation)
Task: {54071690-DA22-409E-B6EB-6E279199176D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {FBF0F01B-3751-467B-BA70-4E7E7C5FD35B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {40609540-D998-435C-BC74-A7C7A835B3F2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {945106FE-992E-4E64-A7E0-A3F1E39C15B6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {402A6254-87AF-4852-83C1-22CD50867041} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B185BD8-78AE-4037-B0FF-94CDDC8FDAF3} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {685CB494-06A5-4C97-8D19-52707B10D2D7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2024-01-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4ADF4D03-09DB-41E4-8DDF-A8C755C8747B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2024-01-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {B985A619-722E-4BF3-8CD5-1A5C97899D33} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {18C8B028-98AE-4DA7-A018-9301395A6A3A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6C8538D8-F1D4-4CE2-8D2B-09E6C930A4F9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C0A1087-D5B1-45D0-A92D-648FD24BE6A9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7754D4FD-9D5C-4AB4-B47A-DDF0B752193F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6299BC88-DFF3-491D-8B7E-59018309487E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3501111D-363A-44AB-BDCD-06BDC305DEC7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5D555AF-E68A-4B4B-BB55-E84302429459} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A37D158A-DC52-4333-B8EA-BEEFEA0CCF27} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83B16396-BDBD-4F50-A156-7E3EC26E0663} - System32\Tasks\Software Update => C:\Program Files (x86)\Glarysoft\Software Update 5\Software Update.exe -autorun (Keine Datei)
Task: {58948EBF-5536-452B-83F7-B6F2EBBDBAAC} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2023-04-26] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{cac3a7c5-f9d2-4d8d-a063-6fc781807bc0}: [NameServer] 198.51.100.1
Tcpip\..\Interfaces\{cac3a7c5-f9d2-4d8d-a063-6fc781807bc0}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{ff6a38ee-44b7-49e5-8c04-e84cec2253e6}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ff6a38ee-44b7-49e5-8c04-e84cec2253e6}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{ff6a38ee-44b7-49e5-8c04-e84cec2253e6}\E6F6274677563747E2662756966657E6B6E2E65647: [DhcpNameServer] 45.154.109.53
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-14]
Edge StartupUrls: Default -> "hxxp://www.t-online.de/"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-12-24]
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2023-12-12]
Edge Extension: (Google Docs Offline) - C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-30]
Edge Extension: (Edge relevant text changes) - C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-09]
Edge Extension: (Proper Menubar for Microsoft Edge) - C:\Users\hero7\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mdffgnflikkenkkjhkgojbgkjabknlob [2023-07-08]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: zi6fy1rp.default
FF ProfilePath: C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Profiles\zi6fy1rp.default [2022-10-20]
FF ProfilePath: C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Profiles\tgqowxpu.default-release [2024-01-14]
FF Homepage: Mozilla\Firefox\Profiles\tgqowxpu.default-release -> www.t-online.de
FF Notifications: Mozilla\Firefox\Profiles\tgqowxpu.default-release -> hxxps://www.holidaycheck.de; hxxps://a.forgeart.top
FF Extension: (Bitdefender Anti-tracker) - C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Profiles\tgqowxpu.default-release\Extensions\bdtbe@bitdefender.com.xpi [2023-11-29] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json]
FF Extension: (I don't care about cookies) - C:\Users\hero7\AppData\Roaming\Mozilla\Firefox\Profiles\tgqowxpu.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-12-06]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => nicht gefunden
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2023-07-05] [] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-04] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2022-10-21] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2022-10-21] <==== ACHTUNG
Chrome:
=======
CHR Profile: C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default [2024-01-14]
CHR Extension: (Präsentationen) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-18]
CHR Extension: (Docs) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-18]
CHR Extension: (Google Drive) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-18]
CHR Extension: (YouTube) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-18]
CHR Extension: (Avira Password Manager) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-06]
CHR Extension: (Avira Safe Shopping) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-12-21]
CHR Extension: (Tabellen) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-18]
CHR Extension: (Avira Browserschutz) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-21]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-18]
CHR Extension: (Google Mail) - C:\Users\hero7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-18]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-2987192262-2318196993-4031371102-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [439848 2023-06-07] (Bitdefender SRL -> AnchorFree Inc.)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [840552 2023-11-17] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [840552 2023-11-17] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [840552 2023-11-17] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-30] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2574864 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [840552 2023-11-17] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [450088 2023-06-12] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2023-09-25] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [240392 2023-09-25] (Intel Corporation -> Intel)
R2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [934648 2022-10-25] (Wondershare Technology Group Co.,Ltd -> )
R2 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [888216 2023-12-22] (Glarysoft Ltd -> Glarysoft Ltd)
R2 GUMemfilesService; C:\Program Files (x86)\Glary Utilities\x64\MemfilesService.exe [427928 2023-12-22] (Glarysoft Ltd -> Glarysoft Ltd)
S3 GUPMService; C:\Program Files (x86)\Glary Utilities\GUPMService.exe [76696 2023-12-22] (Glarysoft Ltd -> Glarysoft Ltd)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\AppHelperCap.exe [888768 2023-11-20] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\DiagsCap.exe [887848 2023-11-20] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\NetworkCap.exe [884672 2023-11-20] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe [755152 2023-10-19] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2023-11-17] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_60ff45a1aa5ed51a\x64\SysInfoCap.exe [886720 2023-11-20] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointAnalyticsClientService.exe [493296 2023-11-20] (HP Inc. -> HP Inc.)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [13004248 2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-13] (Malwarebytes Inc. -> Malwarebytes)
S3 mc-wps-secdashboardservice; C:\Program Files (x86)\HP\HP Support Framework\Resources\mc-wps-secdashboardservice.exe [1204608 2024-01-04] (McAfee, LLC -> McAfee, LLC)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe [1275544 2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [686032 2023-12-12] (Bitdefender SRL -> Bitdefender)
R2 SECOMNService; C:\WINDOWS\System32\SECOMN64.exe [741832 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [282728 2023-11-17] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [840552 2023-11-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-20] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [561152 2023-10-27] (Microsoft Windows -> Microsoft Corporation)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [6205488 2023-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [800168 2023-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2023-11-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender)
R3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [39840 2023-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 bdvpn_netfilter; C:\WINDOWS\System32\drivers\bdvpn_netfilter.sys [94600 2021-09-16] (Pango Inc. -> Pango Inc)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-10-05] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-10-05] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1347496 2023-08-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 GlPciSD; C:\WINDOWS\System32\drivers\GlPciSD.sys [220360 2021-11-18] (GENESYS LOGIC, INC. -> Genesys Logic)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [23568 2023-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [24960 2022-09-01] (HP Inc. -> HP Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_SPI_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_fc1ed3a5a1d514f2\iaLPSS2_SPI_TGL.sys [158352 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_cd8c3a141c1b1284\iaLPSS2_UART2_TGL.sys [313504 2021-07-19] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1546432 2022-01-20] (Intel Corporation -> Intel Corporation)
R2 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [165312 2023-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_b8b6f6df4a75225e\gna.sys [87208 2021-08-30] (Intel Corporation -> Intel Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [67496 2022-07-28] (Realtek Semiconductor Corp. -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2021-09-16] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [629184 2023-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [512464 2023-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-10-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [455968 2022-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-20] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
U3 aspnet_state; kein ImagePath
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-14 13:42 - 2024-01-14 13:42 - 000000000 ____D C:\FRST
2024-01-13 16:02 - 2024-01-13 16:02 - 000723674 _____ C:\WINDOWS\system32\perfh007.dat
2024-01-13 16:02 - 2024-01-13 16:02 - 000149714 _____ C:\WINDOWS\system32\perfc007.dat
2024-01-13 15:22 - 2024-01-13 15:22 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-13 15:21 - 2024-01-13 15:21 - 000016720 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-01-13 15:17 - 2024-01-13 15:19 - 000000000 ___HD C:\$WinREAgent
2024-01-13 15:10 - 2024-01-13 15:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-01-13 15:05 - 2024-01-14 11:58 - 000000000 ____D C:\Users\hero7\AppData\Local\Malwarebytes
2024-01-13 15:05 - 2024-01-13 15:05 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-13 15:04 - 2024-01-13 15:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-13 15:04 - 2024-01-13 15:04 - 000000000 ____D C:\Program Files\Malwarebytes
2023-12-31 10:24 - 2023-12-31 10:24 - 000391112 _____ C:\Users\hero7\Downloads\09724202.pdf
2023-12-29 08:35 - 2023-12-29 08:35 - 000655492 _____ C:\Users\hero7\Downloads\DPaakXRVTlhH2cDxEFIVka-30.pdf
2023-12-26 15:19 - 2024-01-13 15:09 - 000000000 ____D C:\Program Files (x86)\Glary Utilities
2023-12-26 15:19 - 2023-12-26 15:19 - 000001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities.lnk
2023-12-26 15:19 - 2023-12-26 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
2023-12-26 13:53 - 2023-12-26 13:53 - 002470656 _____ C:\Users\hero7\Downloads\2312_EB-Rest_Speisekarte.pdf
2023-12-26 12:56 - 2023-12-26 12:56 - 000090872 _____ C:\ProgramData\agent.update.1703591777.bdinstall.v2.bin
2023-12-25 11:23 - 2023-12-25 11:23 - 000067181 _____ C:\Users\hero7\Downloads\Yomogi-250-mg-Packungsbeilage.pdf
2023-12-22 14:04 - 2023-12-22 14:04 - 000000000 ____D C:\ProgramData\AnchorFree_Inc
2023-12-21 14:58 - 2023-12-21 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2023-12-21 14:58 - 2023-12-21 14:58 - 000000000 ____D C:\Program Files\HWiNFO64
2023-12-21 14:18 - 2023-12-21 14:18 - 000000000 ____D C:\Users\hero7\AppData\Roaming\Opera Software
2023-12-19 12:48 - 2023-12-19 12:49 - 000000000 ____D C:\Users\hero7\Downloads\Speisen
2023-12-18 15:33 - 2023-12-18 15:33 - 000000000 ____D C:\ProgramData\Gemma
2023-12-18 15:33 - 2023-12-18 15:33 - 000000000 ____D C:\ProgramData\Atc
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-14 13:42 - 2022-02-09 14:46 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-14 13:40 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-14 13:28 - 2023-11-17 20:20 - 000000000 ____D C:\Program Files\CCleaner
2024-01-14 12:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-14 12:55 - 2022-04-18 12:02 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-14 12:34 - 2022-01-16 13:03 - 000000000 ____D C:\Users\hero7\AppData\Local\D3DSCache
2024-01-14 12:32 - 2022-10-05 17:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-14 12:32 - 2022-01-16 12:48 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-14 11:57 - 2022-01-14 14:28 - 000000000 __SHD C:\Users\hero7\IntelGraphicsProfiles
2024-01-13 17:03 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-13 17:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-13 16:16 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-01-13 16:02 - 2022-10-05 17:27 - 001685202 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-13 15:58 - 2022-10-05 17:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-13 15:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-01-13 15:58 - 2021-04-17 00:45 - 000000000 ____D C:\Intel
2024-01-13 15:58 - 2020-05-06 09:58 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-13 15:57 - 2022-05-07 06:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-01-13 15:54 - 2022-02-04 15:50 - 000000000 ____D C:\SWSetup
2024-01-13 15:51 - 2022-10-08 15:50 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-01-13 15:42 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-01-13 15:42 - 2022-01-15 18:14 - 000000000 ____D C:\Users\hero7\AppData\LocalLow\Adobe
2024-01-13 15:31 - 2023-07-23 10:07 - 000000000 ___RD C:\Users\hero7\OneDrive\Dokumente\Reflect
2024-01-13 15:31 - 2022-05-07 06:17 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2024-01-13 15:26 - 2022-10-05 17:23 - 000460312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-13 15:26 - 2022-01-16 15:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-13 15:25 - 2023-09-27 15:40 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-01-13 15:25 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-01-13 15:25 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-13 15:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-13 15:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-13 15:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-13 15:23 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-13 15:21 - 2022-10-05 17:24 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-01-13 15:21 - 2021-04-17 00:53 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-13 15:17 - 2022-01-16 15:15 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-13 15:13 - 2022-01-16 20:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-13 15:12 - 2022-10-11 14:29 - 000002119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-13 15:12 - 2022-10-05 17:33 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-01-13 15:11 - 2022-01-16 12:48 - 000002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-13 15:10 - 2023-07-02 12:10 - 000002285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-13 15:10 - 2022-01-16 20:20 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-13 15:04 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-13 15:02 - 2022-10-05 17:24 - 000000000 ____D C:\Users\hero7
2023-12-30 12:25 - 2022-01-16 17:48 - 000000000 ____D C:\Users\hero7\AppData\Local\CrashDumps
2023-12-30 12:21 - 2022-01-17 19:15 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2023-12-26 16:02 - 2022-01-16 13:05 - 000000000 ____D C:\Users\hero7\AppData\Roaming\Microsoft\Word
2023-12-26 13:39 - 2023-11-03 16:32 - 000000000 ____D C:\ProgramData\Glarysoft
2023-12-26 12:56 - 2022-10-21 14:43 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2023-12-26 12:56 - 2022-10-21 14:41 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-12-22 14:04 - 2023-11-17 20:20 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-19 12:02 - 2022-01-16 13:01 - 000000000 ____D C:\Users\hero7\AppData\Local\Packages
2023-12-18 21:20 - 2023-02-03 15:31 - 000002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
14.01.2024, 14:20
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert System aufräumen: unnötige und veraltete Programme deinstallieren Bitte über Programme und Features (appwiz.cpl) deinstallieren:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.01.2024, 14:47
| #6 |
| | Microsoft Windows Defender Alert Warum Bitdefender deinstallieren? Ist mein Security Programm. Wie erstelle ich code-tags? |
|
14.01.2024, 14:57
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert Weil das überflüssiger Nonsens ist. Sowas ist in Windows schon seit Windows 8 direkt eingebaut.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.01.2024, 15:00
| #8 |
| | Microsoft Windows Defender Alert OK und dann? |
|
14.01.2024, 15:02
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert Und dann gehts weiter.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.01.2024, 15:09
| #10 |
| | Microsoft Windows Defender Alert Und wie? |
|
14.01.2024, 16:00
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert Mit der Analyse.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.01.2024, 16:16
| #12 |
| | Microsoft Windows Defender Alert Noch mal und wie ? |
|
14.01.2024, 16:24
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert Passt dir irgendwas an meinen Instruktionen nicht oder was soll ich jetzt aus deiner Fragerei schließen? Wir können an dieser Stelle auch abbrechen, Probleme hast du ja keine.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.01.2024, 16:30
| #14 |
| | Microsoft Windows Defender Alert Sorry, ich wollte dir nicht zu nahe treten. Wenn ich keine Hilfe bräuchte, hätte ich mich ja nicht an euch gewandt. Ich weiß nur nicht, was ich analysieren soll. |
|
14.01.2024, 16:32
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Microsoft Windows Defender Alert Ich hab auch nicht geschrieben, das DU analysieren sollst. Die mache ich. Es geht weiter, wenn du die o.g. Programme deinstalliert hast.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Microsoft Windows Defender Alert |
| alert, beim starten, bitdefender, code, defender, gestern, hoffe, interne, internet, krieg, laptop, laufen, malwarebytes, melde, meldung, microsoft, natürlich, neu, starte, starten, system, versucht, vieles, windows, zugriff |
Linear-Darstellung
