
Log analysis and evaluation: memorybuffer - HEUR/AGEN.1326623


Thread closed
24.02.2024, 21:45   #1
Adrian87
 
Good evening,

Last weekend I reinstalled my Windows 11 (Home Edition). Unfortunately, just one day later I received a notification from Avira. Although I have since run a full scan with Avira and also with Malwarebytes, about 20 minutes after Windows starts I again get a message from Avira that a malicious process was blocked. However, nothing is shown in Avira's quarantine. Why is this file not deleted by Avira?

All the programs I use were either purchased or are part of a subscription. I therefore rule these programs out, but one can never be sure.

Does anyone here perhaps have an idea how I could solve the problem?

Attached are the logs and screenshots of the Avira message

Best regards
Adrian

Addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23.02.2024
durchgeführt von asch8 (24-02-2024 20:15:07)
Gestartet von C:\Users\asch8\OneDrive\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) (2024-02-17 17:55:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-494115103-3953799370-1247020108-500 - Administrator - Disabled)
asch8 (S-1-5-21-494115103-3953799370-1247020108-1001 - Administrator - Enabled) => C:\Users\asch8
DefaultAccount (S-1-5-21-494115103-3953799370-1247020108-503 - Limited - Disabled)
Gast (S-1-5-21-494115103-3953799370-1247020108-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-494115103-3953799370-1247020108-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {73535B65-1023-5EE7-9DB9-8A0AB906421A}
FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.008.20533 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.1.0.587 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_7_2) (Version: 7.2 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_4) (Version: 25.4.0.319 - Adobe Inc.)
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version:  - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.43.1.16819 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.99.264 - Avira Operations GmbH) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version:  - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 7.0.0.370 - Avira Operations GmbH) Hidden
Dell Display Manager 2.2 (HKLM\...\Dell Display Manager 2) (Version: 2.2.0.43 - Dell Inc.)
Discord (HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Discord) (Version: 1.0.9033 - Discord Inc.)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2301.440 - Avira Operations GmbH & Co. KG) Hidden
FileZilla 3.66.5 (HKLM-x32\...\FileZilla Client) (Version: 3.66.5 - Tim Kosse)
FiveM (HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\CitizenFX_FiveM) (Version:  - Cfx.re)
Focusrite Audio Drivers 4.119.13.33 (HKLM\...\Focusrite Audio Drivers_is1) (Version: 4.119.13.33 - Focusrite Audio Engineering, Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.189 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 87.0.2.0 - Google LLC)
Malwarebytes version 5.0.17.99 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.0.17.99 - Malwarebytes)
Microsoft .NET Host - 6.0.22 (x64) (HKLM\...\{A575E059-0C3F-4138-B87A-BAF55CABA9FA}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.22 (x64) (HKLM\...\{E7598167-2D5C-4704-8777-8A25289EB8FE}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.22 (x64) (HKLM\...\{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.128 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.128 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM\...\{6B3108CD-E279-4795-BCBF-BDEA037A7913}) (Version: 48.88.914 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM-x32\...\{0f94f805-22c3-4413-b1e5-5ab275ba92d5}) (Version: 6.0.22.32825 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.7.0 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 115.7.0 (x64 de)) (Version: 115.7.0 - Mozilla)
MSVCRT Redists (HKLM\...\{E28F9ECF-1D13-11EC-843A-00155D26A171}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 551.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.61 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.85.1858 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.7.3 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.6.1 - TeamSpeak Systems GmbH)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VEGAS Pro 19.0 (HKLM\...\{E0A0A00F-1D13-11EC-88E7-00155D26A171}) (Version: 19.0.381 - VEGAS)
Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{4254C1AD-B9B0-4020-A4B1-D8B61D12142A}) (Version: 3.7.2204.15001 - Microsoft Corporation)
WinRAR 6.24 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)

Packages:
=========

Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2024-02-18] (Adobe Systems Incorporated)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-02-24] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_151.3.1092.0_x64__v10z8vjag6ke6 [2024-02-19] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Corp.)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-02-17] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-22] (NVIDIA Corp.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-02-19] (Adobe Systems Incorporated)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0 [2024-02-17] (Spotify AB) [Startup Task]
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.14.9.0_x64__t4vj0pshhgkwm [2024-02-21] (Telegram Messenger LLP) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm [2024-02-18] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-17] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2024-02-18] (win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-494115103-3953799370-1247020108-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-494115103-3953799370-1247020108-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-494115103-3953799370-1247020108-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-02-05] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-02-07] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-02-07] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-02-05] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\nvshext.dll [2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-02-05] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-24] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2024-02-17 20:49 - 2024-02-17 20:49 - 000094720 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GFSDK_TXAA_AlphaResolve.win64.dll
2023-07-24 11:10 - 2023-07-24 11:10 - 000132608 _____ () [Datei ist nicht signiert] C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 003954688 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\gfsdk_shadowlib.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 001952768 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\icui18n.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 001254400 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\icuuc.dll
2024-02-18 15:09 - 2024-02-18 15:09 - 174233600 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\libcef.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 000442368 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\libEGL.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 006435328 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\libGLESv2.dll
2024-02-18 15:09 - 2024-02-18 15:09 - 006358528 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\mono-2.0-sgen.dll
2024-02-18 15:09 - 2024-02-18 15:09 - 000339456 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\ros.dll
2024-02-18 15:09 - 2024-02-18 15:09 - 015249408 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\v8-9.3.345.16.dll
2024-02-18 19:37 - 2024-02-18 19:37 - 000152064 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
2024-02-18 19:39 - 2024-02-18 19:39 - 000200704 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Roaming\TS3Client\plugins\SaltyChat\VoiceDistortion_win64.dll
2024-02-22 17:05 - 2024-02-22 17:23 - 000376320 _____ (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ChromeBrowser
2024-02-22 17:05 - 2024-02-22 17:23 - 001027648 _____ (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ROSLauncher
2024-02-22 17:05 - 2024-02-22 17:23 - 001027648 _____ (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ROSService
2024-02-18 15:08 - 2024-02-18 15:08 - 000653312 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\avutil-56.dll
2024-02-18 15:09 - 2024-02-18 15:09 - 000376832 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\swresample-3.dll
2024-02-18 19:39 - 2024-02-18 19:39 - 000988672 _____ (gaming.v10networks.com) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\asch8\AppData\Roaming\TS3Client\plugins\SaltyChat_win64.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 006251520 _____ (Google Inc.) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\SwiftShaderD3D9_64.dll
2024-02-17 20:49 - 2024-02-17 20:49 - 000435712 _____ (RAD Game Tools, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\bink2w64.dll
2024-02-19 11:35 - 2024-01-27 16:16 - 004365536 _____ (ReShade -> crosire) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\plugins\dxgi.dll
2024-02-18 19:37 - 2024-02-18 19:37 - 000329216 _____ (TeamSpeak Systems GmbH) [Datei ist nicht signiert] C:\Users\asch8\AppData\Roaming\TS3Client\plugins\teamspeak_control_plugin_win64.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 001218048 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\chrome_elf.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\asch8\OneDrive\Desktop\FRST64.exe:MBAM.Zone.Identifier [240]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2024-02-20 14:54 - 000000988 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lh.saltmine.de #saltychat fix
127.0.0.1 lh.v10.network #saltychat fix
127.0.0.1 lh.saltmine.de #saltychat fix
127.0.0.1 lh.v10.network #saltychat fix

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-494115103-3953799370-1247020108-1001\Control Panel\Desktop\\Wallpaper -> D:\Eigene Datein\Bilder & Videos\Wallpaper\3425171_2.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Focusrite Notifier"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\StartupFolder: => "DDM2.0.lnk"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F37BB1A5C7F5DD90127A66EC187105FA"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "ut"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{01018CBA-78FE-48A8-AE6E-96EF970B6F11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B85F87D4-0EF1-4701-B656-6CA03E86EB3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0A9B5112-093A-4DF9-A083-1273822A9485}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1A63F769-8986-4312-A17A-432EB962F439}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B1314DF4-C801-44CD-9751-12921514255C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ACB8A4CA-C461-43AD-B5AC-9A792F7C5315}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ABB824B9-0A76-4929-BA9F-408DF77E17CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1851BF37-DC07-4B88-972A-AEA886ACC296}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B9670AB7-6D3D-4B9E-B538-BA4461D844F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A89BEB45-D507-46CB-9DEC-50A101FCC49C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D740BE26-73F8-485B-9EBD-977403D4CC93}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{328D6467-E5A6-4CA1-B98A-BE83383AC170}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{57D12637-BB9C-4F69-86B1-B494C402952D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DEB6900C-01D5-4CA7-B841-A269130818CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4909A39-FAFF-4F69-9257-463E179E3216}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8965CA82-CEEA-4CB3-9FA2-F00F86E99F50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5BD92775-3370-42EB-9E5C-2C4236E4EE4B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DF0FAA64-2AE5-451D-8872-DBE9E79B5063}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F9BFB7E5-A290-4420-A16B-BAFEE89E8364}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{922D09EF-1EA6-422D-BE14-46F9E6DE49D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{674CD41B-743D-414D-8753-5BF7E59F13D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{13D7579D-F5C2-4DD4-BC84-E0C5B8BE0A23}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DD5EC410-1ACD-4F05-9200-64A972BC65A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F32F7BE1-3FE5-4BB2-9DBE-6321AD3469DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{10447422-F059-47AF-9B39-86A9CB069C83}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{79335BA9-3509-4987-999D-8242B3151474}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C230193C-2F36-4DD8-B146-CC27D5EA9EFD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A3A1C2B4-627B-44F7-B278-B974E7F71546}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E37FBAB-E1F7-4456-BB69-0851FF38DCD5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{147E9AE7-A997-4A5B-9B1E-D5D4CDE316E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{DC83E0C1-66F7-441E-9F81-C66E36F993D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{19DD8606-EE1E-48CB-B408-17F406078315}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{B77967E5-9F6C-4CA7-91ED-A102BDF9A88F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{B88EAC1D-858D-4105-AD3C-8CE8DCA79243}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DADCA087-4D1A-4BD9-B894-CCA646069989}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{91D50249-2F05-462B-985C-9E944036A75D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C12118EB-5A46-41CE-8053-88D360EF05CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{39B3C51D-3CF5-458F-8672-B3514228CAAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4963A81-D0A1-4F63-A9F8-E4BA9E7C569F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{4B18664B-2D02-4056-B830-76748A8707C6}C:\program files\ragemp\gta5.exe] => (Allow) C:\program files\ragemp\gta5.exe (ANGRY SOLUTIONS LTD -> RAGE Multiplayer Developers)
FirewallRules: [UDP Query User{0529AE26-63C0-40BB-BC33-382A7427BB58}C:\program files\ragemp\gta5.exe] => (Allow) C:\program files\ragemp\gta5.exe (ANGRY SOLUTIONS LTD -> RAGE Multiplayer Developers)
FirewallRules: [{79598773-C327-4E56-9939-7FD37166EC55}] => (Allow) C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{3F931BF9-DFE8-438F-A486-DBBA2F8EA471}] => (Allow) C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{ED6EAFEF-425F-477D-8192-1B02FB6C0C60}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{CE88B7FE-3271-4FAB-A25F-DB095FEA2D30}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{625FEDD3-7175-46C6-84B7-2E046A5DD443}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{021E06C8-ED5B-4CEA-8399-32AC88E49A4C}] => (Allow) C:\Users\asch8\AppData\Roaming\uTorrent\uTorrent.exe => Keine Datei
FirewallRules: [{CC71DE3B-EBA4-4A0A-88C2-E8EA8C2E436D}] => (Allow) C:\Users\asch8\AppData\Roaming\uTorrent\uTorrent.exe => Keine Datei
FirewallRules: [{3644F034-0E39-47BD-81BB-F423E181AF76}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Wiederherstellungspunkte =========================

20-02-2024 12:02:11 Windows Update
24-02-2024 00:08:52 Removed VEGAS Pro 19.0

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (02/24/2024 07:37:20 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-PG9DSVJ)
Description: Name der fehlerhaften Anwendung: caspol.exe, Version: 4.8.9032.0, Zeitstempel: 0x64c2ea79
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.22621.3155, Zeitstempel: 0x587de32b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00149542
ID des fehlerhaften Prozesses: 0x0x3ef0
Startzeit der fehlerhaften Anwendung: 0x0x1da672f7b297c16
Pfad der fehlerhaften Anwendung: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\caspol.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 832f1cfc-c4e4-433e-8edb-910eea95425c
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/24/2024 07:37:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: caspol.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.BadImageFormatException

Ausnahmeinformationen: System.BadImageFormatException
   bei System.Reflection.RuntimeAssembly.nLoadImage(Byte[], Byte[], System.Security.Policy.Evidence, System.Threading.StackCrawlMark ByRef, Boolean, Boolean, System.Security.SecurityContextSource)
   bei System.Reflection.Assembly.Load(Byte[])
   bei HexIO.Dispatcher.MessageConsumerDispatcher.CalculateDatabase(System.Object)
   bei HexIO.Dispatcher.MessageConsumerDispatcher.CallProducer()
   bei HexIO.Dispatcher.MessageConsumerDispatcher.StopProducer()
   bei HexIO.Dispatcher.MessageConsumerDispatcher..ctor()
   bei HexIO.Shared.Expression.PublishProducer()

Error: (02/24/2024 03:42:29 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Der Windows-Sicherheitscenterdienst konnte keine Instanzen von FirewallProduct aus dem Datastore laden.

Error: (02/24/2024 03:40:33 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-PG9DSVJ$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 24 Feb 2024 14:40:32 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 9835f9db-49f5-4dca-92fa-bba38943f8c8

Methode: GET(218ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/24/2024 03:40:32 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 24 Feb 2024 14:40:32 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 9bab7b58-f3a4-4d42-80c5-52d1e22ddbf9

Methode: GET(312ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/24/2024 02:42:06 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-PG9DSVJ)
Description: Name der fehlerhaften Anwendung: caspol.exe, Version: 4.8.9032.0, Zeitstempel: 0x64c2ea79
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.22621.3155, Zeitstempel: 0x587de32b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00149542
ID des fehlerhaften Prozesses: 0x0x3648
Startzeit der fehlerhaften Anwendung: 0x0x1da67199ed950ac
Pfad der fehlerhaften Anwendung: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\caspol.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: d179800d-7ac0-464f-8ac3-482fe501da04
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/24/2024 02:42:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: caspol.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.BadImageFormatException

Ausnahmeinformationen: System.BadImageFormatException
   bei System.Reflection.RuntimeAssembly.nLoadImage(Byte[], Byte[], System.Security.Policy.Evidence, System.Threading.StackCrawlMark ByRef, Boolean, Boolean, System.Security.SecurityContextSource)
   bei System.Reflection.Assembly.Load(Byte[])
   bei HexIO.Dispatcher.MessageConsumerDispatcher.CalculateDatabase(System.Object)
   bei HexIO.Dispatcher.MessageConsumerDispatcher.CallProducer()
   bei HexIO.Dispatcher.MessageConsumerDispatcher.StopProducer()
   bei HexIO.Dispatcher.MessageConsumerDispatcher..ctor()
   bei HexIO.Shared.Expression.PublishProducer()

Error: (02/24/2024 01:53:38 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).


Systemfehler:
=============
Error: (02/24/2024 07:15:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/24/2024 03:42:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Security Updater" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/24/2024 03:42:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Security Updater erreicht.

Error: (02/24/2024 01:15:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/24/2024 01:13:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/24/2024 02:56:00 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/24/2024 02:35:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience

Error: (02/24/2024 12:59:48 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===============
Date: 2024-02-24 20:13:49
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. 


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 3211 08/10/2021
Hauptplatine: ASUSTeK COMPUTER INC. TUF GAMING B450-PLUS II
Prozessor: AMD Ryzen 7 3700X 8-Core Processor 
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 49062.51 MB
Verfügbarer physikalischer RAM: 27740.57 MB
Summe virtueller Speicher: 52134.51 MB
Verfügbarer virtueller Speicher: 19915.2 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.6 GB) (Free:482.1 GB) (Model: KINGSTON SA2000M81000G) NTFS
Drive d: (Volume) (Fixed) (Total:1863.02 GB) (Free:1376.56 GB) (Model: ST2000DM008-2FR102) NTFS

\\?\Volume{d2cd1927-a087-4184-a500-0e68e67a965c}\ () (Fixed) (Total:0.8 GB) (Free:0.08 GB) NTFS
\\?\Volume{23c29f80-e818-4577-8e1a-9d27a51092df}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

Alt 24.02.2024, 21:45   #2
Adrian87
 

FRST
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23.02.2024
durchgeführt von asch8 (Administrator) auf DESKTOP-PG9DSVJ (CSL-Computer GmbH & Co. KG T8431) (24-02-2024 20:13:15)
Gestartet von C:\Users\asch8\OneDrive\Desktop\FRST64.exe
Geladene Profile: asch8
Plattform: Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Rockstar Games, Inc. -> Cfx.re) C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_SteamChild.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe <6>
(C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_b2699_GTAProcess.exe ->) (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ChromeBrowser <7>
(C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ROSLauncher ->) (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ROSService
(C:\Users\asch8\AppData\Local\FiveM\FiveM.exe ->) (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_b2699_GTAProcess.exe
(C:\Users\asch8\AppData\Local\FiveM\FiveM.exe ->) (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ROSLauncher
(C:\Users\asch8\AppData\Local\FiveM\FiveM.exe ->) (Rockstar Games, Inc. -> Cfx.re) C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_b2699_DumpServer
(Discord Inc. -> Discord Inc.) C:\Users\asch8\AppData\Local\Discord\app-1.0.9034\Discord.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <52>
(explorer.exe ->) (Rockstar Games, Inc. -> Cfx.re) C:\Users\asch8\AppData\Local\FiveM\FiveM.exe
(explorer.exe ->) (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe [906840 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2024-02-18] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2024-02-18] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [MicrosoftEdgeAutoLaunch_F37BB1A5C7F5DD90127A66EC187105FA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [Discord] => C:\Users\asch8\AppData\Local\Discord\Update.exe [1525024 2024-02-12] (Discord Inc. -> GitHub)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11556768 2024-02-10] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [] => [X]
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\CurrentVersion\Windows: [Run] C:\Users\asch8\AppData\Roaming\Forskrkke\Thanatoid.exe <==== ACHTUNG
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.189\Installer\chrmstp.exe [2024-02-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2024-02-22]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {361EE539-896C-4D7E-90F8-8CAC845B48FB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {BDEF7D86-611B-4F2A-8E85-504233506864} - System32\Tasks\Avira_FallbackUpdater => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {EC668BC5-3E4C-4702-A1E7-B25DDF3000B7} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {EC668BC5-3E4C-4702-A1E7-B25DDF3000B7} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {EC668BC5-3E4C-4702-A1E7-B25DDF3000B7} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {13FE64A3-2E72-49D8-93C8-8DEEDEB3D87B} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [261368 2024-02-07] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {363DC7BC-513F-49D9-A3FE-E3A312284CB3} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1715368 2024-02-07] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {9CA53451-8CE8-4CF8-9CDA-7E40BF69CF83} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [81920 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {445C823D-21AF-4685-BF88-47331823018C} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [36534328 2024-02-22] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {2003D686-5E71-41E3-AD52-89C35294FEBB} - System32\Tasks\GoogleUpdateTaskMachineCore{8A7D5F01-C168-4DFE-B2F7-4F55B141722E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-02-18] (Google LLC -> Google LLC)
Task: {4E263338-88D6-40C6-8609-283C468E6026} - System32\Tasks\GoogleUpdateTaskMachineUA{13F6BB6B-F30D-4004-A985-34142279A118} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-02-18] (Google LLC -> Google LLC)
Task: {1033FF9E-DD1E-4796-871F-F59F36362F70} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-02-23] (Adobe Inc. -> Adobe Inc.)
Task: {01F52B55-A48B-46AF-8982-01367440BC31} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4A51DC6-400E-48E2-9F3D-B1FE8444269C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1F71F38-82C7-4E68-AE33-75A02CC2F0BB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {00F0A38D-E510-4DB1-864D-7B12FC291F0F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {97380F87-30C1-4610-83D4-D19FED139450} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {96C039A9-B81C-41A9-9DA3-DFAAF5A1EC5D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6DC1A6AD-30A9-4379-8B04-E007A5C081F9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FFA725BA-ED81-4148-8BE4-182B09D0165D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58691544-6C9B-4324-833C-4062DD4A3861} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41E10867-96EA-4547-A7ED-DD7E1E6202D4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48B57DB2-CD86-41B4-8359-5586EBF8CC25} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88316ED6-C17A-41E9-B2C7-7E30A0D32706} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1D03AF8-315B-493C-9507-6453C0C1893B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C94F4E2-E153-4574-A204-014E8935F004} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {025D1076-0E3A-459E-9BC7-6C96DD692DCC} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F04D7401-147A-487B-A9E1-BD5DB438F8A3} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-494115103-3953799370-1247020108-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-19] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2f3fbada-2d3f-402d-a583-f294a1bdd806}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8ab4474b-cf46-48e6-992a-18af5ea3b9c7}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8ab4474b-cf46-48e6-992a-18af5ea3b9c7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8ab4474b-cf46-48e6-992a-18af5ea3b9c7}: [DhcpDomain] speedport.ip

Edge: 
=======
Edge Profile: C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-19]
Edge Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2024-02-19]
Edge Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2024-02-19]
Edge Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-17]
Edge Extension: (Edge relevant text changes) - C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-17]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-02-18] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-02-18] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default [2024-02-24]
CHR Extension: (GrowBot Automator for Instagram) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\abhcgokmndbiegmmbjffdlpihgdmeejf [2024-02-18]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-19]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-23]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-19]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-18]
CHR Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2024-02-18]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-02-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-18]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-02-24]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-19]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-19]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-18]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-18]
CHR Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2024-02-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-18]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-02-24]
CHR HomePage: Profile 2 -> hxxp://www.istartsurf.com/?type=sy&ts=1432201075&z=bd82306e9bbe33121b27969gezfc2oao3e5gce8m4q&from=smt&uid=WDCXWD10EZEX-60ZF5A0_WD-WMC1S588705687056
CHR StartupUrls: Profile 2 -> "hxxps://www.google.de/?gws_rd=ssl","hxxps://www.bing.com?pc=COS2&ptag=D032522-N0330A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975","hxxps://www.bing.com?pc=U316&form=CHROMN"
CHR Session Restore: Profile 2 -> ist aktiviert.
CHR Extension: (GrowBot Automator for Instagram) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\abhcgokmndbiegmmbjffdlpihgdmeejf [2024-02-18]
CHR Extension: (Multicheck Checkbox Checker) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bmcleiancmakcoknkgnfgijomcddhpbi [2024-02-18]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-22]
CHR Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2024-02-22]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-22]
CHR Extension: (Click all checkboxes) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fhlogpdbadmjfpndmaijnibflgnbnhof [2024-02-18]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-22]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-18]
CHR Extension: (mysms - SMS vom Computer) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2024-02-18]
CHR Extension: (ScreenClip - Screenshot, Comment & Annotate) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jmjbgcjbgmcfgbgikmbdioggjlhjegpp [2024-02-24]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-18]
CHR Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2024-02-18]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2024-02-18]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-02-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-18]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-02-19]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-19]
CHR Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2024-02-19]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-19]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-19]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-19]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-19]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-02-23]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-20]
CHR Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2024-02-20]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-20]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-20]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-20]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-20]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-02-24]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-20]
CHR Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2024-02-20]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-24]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-20]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-20]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-20]
CHR Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2024-02-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-20]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-02-24]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-24]
CHR Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2024-02-24]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-24]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-24]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-24]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-24]
CHR HKU\S-1-5-21-494115103-3953799370-1247020108-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2024-02-18] (Adobe Inc. -> Adobe Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [842128 2024-02-24] (ASUSTeK Computer Inc. -> )
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6768568 2024-02-19] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3003584 2024-01-22] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [389096 2023-09-06] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [268600 2024-02-07] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [297392 2024-02-07] (Avira Operations GmbH -> Avira Operations GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2024-02-18] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11253656 2024-02-19] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11253656 2024-02-19] (Avira Operations GmbH -> Avira Operations GmbH)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncHelper.exe [3515936 2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-02-19] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-24] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-02-24] (Malwarebytes Inc. -> Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\Display.NvContainer\NVDisplay.Container.exe [1274992 2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\OneDriveUpdaterService.exe [3853856 2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6669296 2024-02-20] (Rockstar Games, Inc. -> Rockstar Games)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-02-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-02-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [47216 2022-11-07] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [190712 2024-02-19] (Avira Operations GmbH -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2024-02-19] (Avira Operations GmbH -> Avira Operations GmbH)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [180664 2019-01-10] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [106208 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsb; C:\WINDOWS\System32\drivers\FocusriteUsb.sys [170312 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbAudio; C:\WINDOWS\System32\drivers\FocusriteUsbAudio.sys [109896 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbSwRoot; C:\WINDOWS\System32\drivers\FocusriteUsbSwRoot.sys [112968 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2024-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-24] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233704 2024-02-24] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-02-24] (Malwarebytes Inc. -> Malwarebytes)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [112184 2023-01-21] (Avira Operations GmbH -> Avira Operations GmbH)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2024-02-07] (Nvidia Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_75af912c76141870\rt68cx21x64.sys [666576 2022-11-07] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28784 2024-02-19] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH)
R1 rtp_filter; C:\WINDOWS\System32\DRIVERS\rtp_filter.sys [379376 2024-02-19] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [41984 2024-02-19] (Avira Operations GmbH -> Avira Operations GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2024-02-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2024-02-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-02-17] (Microsoft Windows -> Microsoft Corporation)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-02-24 20:13 - 2024-02-24 20:13 - 000040683 _____ C:\Users\asch8\OneDrive\Desktop\FRST.txt
2024-02-24 20:12 - 2024-02-24 20:13 - 000000000 ____D C:\FRST
2024-02-24 20:12 - 2024-02-24 20:12 - 002386944 _____ (Farbar) C:\Users\asch8\OneDrive\Desktop\FRST64.exe
2024-02-24 15:47 - 2024-02-24 15:47 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat
2024-02-24 15:47 - 2024-02-24 15:47 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat
2024-02-24 15:40 - 2024-02-24 15:40 - 000233704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-02-24 15:40 - 2024-02-24 15:40 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-02-24 14:52 - 2024-02-24 20:10 - 000000000 ____D C:\Users\asch8\AppData\Local\Malwarebytes
2024-02-24 14:52 - 2024-02-24 14:52 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-02-24 14:51 - 2024-02-24 14:51 - 002585496 _____ (Malwarebytes) C:\Users\asch8\Downloads\MBSetup.exe
2024-02-24 14:51 - 2024-02-24 14:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-02-24 14:51 - 2024-02-24 14:51 - 000000000 ____D C:\Program Files\Malwarebytes
2024-02-24 00:06 - 2024-02-24 00:06 - 000000000 ____D C:\Users\asch8\AppData\Local\VEGAS
2024-02-24 00:06 - 2024-02-24 00:06 - 000000000 ____D C:\ProgramData\VEGAS Pro
2024-02-24 00:06 - 2024-02-24 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2024-02-24 00:06 - 2024-02-24 00:06 - 000000000 ____D C:\Program Files\VEGAS
2024-02-24 00:06 - 2024-02-24 00:06 - 000000000 ____D C:\Program Files (x86)\VEGAS
2024-02-24 00:05 - 2024-02-24 00:06 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Sony
2024-02-23 17:43 - 2024-02-24 02:51 - 000003582 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2024-02-23 11:21 - 2024-02-23 11:24 - 000009900 _____ C:\Users\asch8\OneDrive\Desktop\Protokoll Diät.xlsx
2024-02-23 01:03 - 2024-02-23 01:03 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2024-02-22 23:55 - 2024-02-22 23:55 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-02-22 23:53 - 2024-02-17 12:38 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-22 23:53 - 2024-02-17 12:38 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-02-22 23:53 - 2024-02-17 12:38 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-22 23:53 - 2024-02-17 12:38 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-02-22 23:53 - 2024-02-17 12:38 - 001487904 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-02-22 23:53 - 2024-02-17 12:38 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-02-22 23:53 - 2024-02-17 12:38 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-02-22 23:53 - 2024-02-17 12:38 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-22 23:53 - 2024-02-17 12:38 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-02-22 23:53 - 2024-02-17 12:38 - 001227296 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-02-22 23:53 - 2024-02-17 12:35 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-02-22 23:53 - 2024-02-17 12:35 - 000669816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-02-22 23:53 - 2024-02-17 12:35 - 000505456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-02-22 23:53 - 2024-02-17 12:34 - 001625096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-02-22 23:53 - 2024-02-17 12:34 - 001541640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-02-22 23:53 - 2024-02-17 12:34 - 001199112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-02-22 23:53 - 2024-02-17 12:34 - 000842272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-02-22 23:53 - 2024-02-17 12:34 - 000786952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 016033824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 012928032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 006780528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 005773448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 003721760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 000459272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-02-22 23:53 - 2024-02-17 12:32 - 005912712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-02-22 23:53 - 2024-02-17 12:32 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-02-22 23:53 - 2024-02-17 12:31 - 006030584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-22 23:53 - 2024-02-15 17:42 - 000119184 _____ C:\WINDOWS\system32\nvinfo.pb
2024-02-22 14:35 - 2024-02-22 14:36 - 000000000 ____D C:\Users\asch8\AppData\Local\Dell Display Manager
2024-02-22 14:35 - 2024-02-22 14:35 - 000000000 ____D C:\Users\asch8\AppData\Local\ToastNotificationManagerCompat
2024-02-22 14:35 - 2024-02-22 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2024-02-22 14:35 - 2024-02-22 14:35 - 000000000 ____D C:\ProgramData\{E0DEEA23-C666-42EB-891D-154258949411}
2024-02-22 14:35 - 2024-02-22 14:35 - 000000000 ____D C:\Program Files\dotnet
2024-02-22 14:35 - 2024-02-22 14:35 - 000000000 ____D C:\Program Files\Dell
2024-02-22 11:49 - 2024-02-22 11:49 - 000003792 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2024-02-21 11:42 - 2024-02-22 13:04 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Word
2024-02-20 11:40 - 2024-02-21 11:45 - 000000000 ____D C:\Users\Public\Security Sessions
2024-02-19 22:03 - 2024-02-24 00:15 - 000000000 ____D C:\Users\asch8\AppData\Roaming\VEGAS
2024-02-19 22:03 - 2024-02-24 00:09 - 000000000 ____D C:\Users\asch8\AppData\Roaming\VEGAS Pro
2024-02-19 22:03 - 2024-02-19 22:05 - 000006046 _____ C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000006046 _____ C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000000059 _____ C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000000059 _____ C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000000000 ____D C:\Users\asch8\AppData\Roaming\MAGIX
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\OneDrive\Dokumente\VEGAS
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Sony
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Plugin.OfxStitch
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Plugin.ofx360Stabilizer
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Plugin.MxOfxRotation
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\AppData\Local\MAGIX
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\ProgramData\Magix
2024-02-19 22:00 - 2024-02-24 00:09 - 000000000 ____D C:\Users\asch8\AppData\Local\VEGAS Pro
2024-02-19 22:00 - 2024-02-24 00:06 - 000000000 ____D C:\ProgramData\VEGAS
2024-02-19 22:00 - 2024-02-19 22:00 - 000000000 ____D C:\Users\asch8\AppData\Roaming\forskruede
2024-02-19 22:00 - 2024-02-19 22:00 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Forskrkke
2024-02-19 18:52 - 2024-02-20 19:48 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-02-19 18:48 - 2024-02-19 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX VEGAS Pro
2024-02-19 18:48 - 2024-02-19 18:48 - 000000000 ____D C:\Program Files (x86)\MAGIX VEGAS Pro
2024-02-19 18:32 - 2024-02-24 00:05 - 000000000 ____D C:\Users\asch8\AppData\Local\BitTorrentHelper
2024-02-19 18:32 - 2024-02-19 18:32 - 000000000 ____D C:\Users\asch8\AppData\LocalLow\uTorrent.WebView2
2024-02-19 18:29 - 2024-02-24 14:56 - 000000000 ____D C:\Users\asch8\AppData\Roaming\utorrent
2024-02-19 15:15 - 2024-02-24 00:45 - 000001456 _____ C:\Users\asch8\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2024-02-19 14:55 - 2024-02-21 21:29 - 000000000 ____D C:\Program Files\RAGEMP
2024-02-19 13:10 - 2024-02-19 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-02-19 13:07 - 2024-02-19 13:07 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-02-19 11:55 - 2024-02-19 11:55 - 000003706 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater
2024-02-19 08:58 - 2024-02-19 08:58 - 000000000 ____D C:\Users\asch8\AppData\Local\SolidDocuments
2024-02-19 08:58 - 2024-02-19 08:58 - 000000000 ____D C:\Users\asch8\.ms-ad
2024-02-19 01:56 - 2024-02-19 11:53 - 000001408 _____ C:\WINDOWS\system32\.tmp
2024-02-19 01:56 - 2024-02-19 01:56 - 000379376 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filter.sys
2024-02-19 01:54 - 2024-02-19 01:54 - 000000000 ____D C:\Users\asch8\AppData\Local\AviraWebView2Cache
2024-02-19 01:53 - 2024-02-24 15:39 - 003811840 _____ C:\WINDOWS\system32\rtp.db
2024-02-19 01:53 - 2024-02-21 11:48 - 000000000 ____D C:\Users\Public\Speedup Sessions
2024-02-19 01:53 - 2024-02-20 11:40 - 000000000 ____D C:\Users\asch8\AppData\Local\Avira
2024-02-19 01:53 - 2024-02-19 01:56 - 000233560 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\BdSentry.sys
2024-02-19 01:53 - 2024-02-19 01:56 - 000219448 ____N (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys
2024-02-19 01:53 - 2024-02-19 01:56 - 000199992 ____N (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys
2024-02-19 01:53 - 2024-02-19 01:56 - 000190712 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\BdNet.sys
2024-02-19 01:53 - 2024-02-19 01:56 - 000041984 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_traverse.sys
2024-02-19 01:53 - 2024-02-19 01:53 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2024-02-19 01:53 - 2024-02-19 01:53 - 000003480 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2024-02-19 01:53 - 2024-02-19 01:53 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2024-02-19 01:53 - 2024-02-19 01:53 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2024-02-19 01:53 - 2024-02-19 01:53 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2024-02-19 01:53 - 2024-02-19 01:53 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2024-02-19 01:53 - 2024-02-19 01:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2024-02-19 01:53 - 2024-02-19 01:53 - 000000000 ____D C:\Program Files\Avira
2024-02-19 01:53 - 2023-01-21 10:46 - 000112184 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\netprotection_network_filter.sys
2024-02-19 01:52 - 2024-02-19 01:54 - 000000000 ____D C:\Program Files (x86)\Avira
2024-02-19 01:52 - 2024-02-19 01:53 - 000000000 ____D C:\ProgramData\Avira
2024-02-19 01:13 - 2024-02-19 01:13 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-19 01:13 - 2024-02-19 01:13 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-19 00:20 - 2024-02-19 23:11 - 000000000 ____D C:\Users\asch8\AppData\Roaming\FileZilla
2024-02-19 00:20 - 2024-02-19 22:43 - 000000000 ____D C:\Users\asch8\AppData\Local\FileZilla
2024-02-18 22:58 - 2024-02-18 22:58 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk
2024-02-18 22:49 - 2024-02-23 11:11 - 000000000 ____D C:\Program Files\Adobe
2024-02-18 22:49 - 2024-02-21 23:38 - 000000000 ____D C:\ProgramData\Adobe
2024-02-18 22:49 - 2024-02-19 13:44 - 000000000 ____D C:\Users\asch8\AppData\LocalLow\Adobe
2024-02-18 22:49 - 2024-02-19 01:12 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-02-18 22:49 - 2024-02-18 22:50 - 000000000 ____D C:\Program Files (x86)\Adobe
2024-02-18 22:49 - 2024-02-18 22:49 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2024-02-18 22:47 - 2024-02-23 01:03 - 000000000 ____D C:\Users\asch8\AppData\Roaming\com.adobe.dunamis
2024-02-18 22:47 - 2024-02-23 01:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Adobe
2024-02-18 22:14 - 2024-02-18 23:27 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2024-02-18 21:59 - 2024-02-17 12:34 - 002173448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-02-18 21:59 - 2024-02-17 12:34 - 001024032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-02-18 19:50 - 2024-02-19 19:23 - 000000000 ____D C:\WINDOWS\Panther
2024-02-18 19:37 - 2024-02-24 19:45 - 000000000 ____D C:\Users\asch8\AppData\Roaming\TS3Client
2024-02-18 19:37 - 2024-02-18 19:37 - 000000000 ____D C:\Users\asch8\AppData\Local\TeamSpeak 3
2024-02-18 19:37 - 2024-02-18 19:37 - 000000000 ____D C:\Users\asch8\AppData\Local\cache
2024-02-18 19:35 - 2024-02-18 19:36 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2024-02-18 19:35 - 2024-02-18 19:35 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2024-02-18 18:45 - 2024-02-18 18:45 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2024-02-18 18:45 - 2024-02-18 18:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-18 18:27 - 2024-02-18 18:27 - 000000000 ____D C:\ProgramData\Focusrite
2024-02-18 18:26 - 2024-02-18 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite Drivers
2024-02-18 18:26 - 2024-02-18 18:26 - 000000000 ____D C:\Program Files\Focusrite
2024-02-18 18:26 - 2023-11-27 15:49 - 000170312 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusriteUsb.sys
2024-02-18 18:26 - 2023-11-27 15:49 - 000112968 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusriteUsbSwRoot.sys
2024-02-18 18:26 - 2023-11-27 15:49 - 000109896 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusriteUsbAudio.sys
2024-02-18 18:26 - 2023-11-27 15:49 - 000106208 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusritePCIeSwRoot.sys
2024-02-18 18:26 - 2023-11-27 15:26 - 000097880 _____ C:\WINDOWS\SysWOW64\FocusritePal32.dll
2024-02-18 18:26 - 2023-11-27 15:25 - 000109144 _____ C:\WINDOWS\system32\FocusritePal64.dll
2024-02-18 18:23 - 2024-02-18 18:23 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\MMC
2024-02-18 17:49 - 2024-02-18 17:49 - 000000000 ____D C:\Users\asch8\AppData\Roaming\WinRAR
2024-02-18 17:49 - 2024-02-18 17:49 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-02-18 17:49 - 2024-02-18 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-02-18 17:49 - 2024-02-18 17:49 - 000000000 ____D C:\Program Files\WinRAR
2024-02-18 17:36 - 2024-02-21 11:42 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Office
2024-02-18 17:36 - 2024-02-18 17:36 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\AddIns
2024-02-18 17:35 - 2024-02-23 11:21 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Excel
2024-02-18 17:30 - 2024-02-19 18:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-494115103-3953799370-1247020108-1001
2024-02-18 17:30 - 2024-02-19 18:52 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-02-18 17:30 - 2024-02-19 18:52 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-18 17:30 - 2024-02-18 17:30 - 000000000 ___RD C:\Users\Default\OneDrive
2024-02-18 17:30 - 2024-02-18 17:30 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-18 17:29 - 2024-02-18 17:29 - 000002541 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2024-02-18 17:26 - 2024-02-18 17:29 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-18 17:26 - 2024-02-18 17:26 - 000000000 ____D C:\Program Files\Microsoft Office 15
2024-02-18 16:19 - 2024-02-24 19:37 - 000000000 ____D C:\Users\asch8\AppData\Local\CrashDumps
2024-02-18 16:17 - 2024-02-18 16:19 - 000000000 ____D C:\Users\asch8\OneDrive\Dokumente\Rockstar Games
2024-02-18 16:17 - 2024-02-18 16:19 - 000000000 ____D C:\Users\asch8\AppData\Roaming\EasyAntiCheat
2024-02-18 16:17 - 2024-02-18 16:19 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2024-02-18 15:19 - 2024-02-18 16:19 - 000000000 ____D C:\Users\asch8\AppData\Local\Rockstar Games
2024-02-18 15:18 - 2024-02-18 15:18 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2024-02-18 15:17 - 2024-02-18 15:18 - 000000000 ____D C:\ProgramData\Rockstar Games
2024-02-18 15:17 - 2024-02-18 15:18 - 000000000 ____D C:\Program Files\Rockstar Games
2024-02-18 15:17 - 2024-02-18 15:17 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2024-02-18 15:14 - 2024-02-21 10:59 - 000000000 ____D C:\Users\asch8\AppData\Roaming\CitizenFX
2024-02-18 15:09 - 2024-02-18 15:19 - 000000000 ____D C:\Users\asch8\AppData\Local\DigitalEntitlements
2024-02-18 15:08 - 2024-02-18 15:08 - 000002132 _____ C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2024-02-18 15:08 - 2024-02-18 15:08 - 000002124 _____ C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM - Cfx.re Development Kit (FxDK).lnk
2024-02-18 15:08 - 2024-02-18 15:08 - 000000000 ____D C:\Users\asch8\AppData\Local\FiveM
2024-02-18 15:00 - 2024-02-22 18:41 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-18 14:27 - 2024-02-19 00:18 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2024-02-18 14:27 - 2024-02-18 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2024-02-18 14:10 - 2024-02-24 19:42 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-18 14:10 - 2024-02-18 14:10 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Thunderbird
2024-02-18 14:10 - 2024-02-18 14:10 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Mozilla
2024-02-18 14:10 - 2024-02-18 14:10 - 000000000 ____D C:\Users\asch8\AppData\Local\Thunderbird
2024-02-18 14:09 - 2024-02-18 18:45 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-02-18 13:50 - 2024-02-22 14:35 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-18 13:50 - 2024-02-20 22:31 - 000000000 ____D C:\Users\asch8\AppData\Local\NVIDIA Corporation
2024-02-18 13:50 - 2024-02-18 13:50 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000000000 ____D C:\Users\asch8\AppData\LocalLow\NVIDIA
2024-02-18 13:50 - 2024-02-18 13:50 - 000000000 ____D C:\Users\asch8\ansel
2024-02-18 13:50 - 2024-02-18 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-02-18 13:50 - 2024-02-18 13:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-02-18 13:50 - 2024-02-07 23:49 - 002905128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 002235944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 000170040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 000149048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2024-02-18 13:48 - 2024-02-07 23:49 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2024-02-18 13:48 - 2024-02-07 23:49 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2024-02-18 13:41 - 2024-02-18 13:41 - 000000000 ____D C:\NVIDIA
2024-02-18 13:37 - 2024-02-24 20:14 - 000000000 ____D C:\Users\asch8\AppData\Local\Discord
2024-02-18 13:37 - 2024-02-24 19:15 - 000000000 ____D C:\Users\asch8\AppData\Roaming\discord
2024-02-18 13:37 - 2024-02-18 13:37 - 000000000 ____D C:\Users\asch8\AppData\Roaming\NVIDIA
2024-02-18 13:37 - 2024-02-18 13:37 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-02-18 13:37 - 2024-02-18 13:37 - 000000000 ____D C:\Users\asch8\AppData\Local\SquirrelTemp
2024-02-18 13:36 - 2024-02-24 19:41 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-18 13:36 - 2024-02-24 00:41 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-18 13:36 - 2024-02-18 15:00 - 000000000 ____D C:\Users\asch8\AppData\Local\Google
2024-02-18 13:36 - 2024-02-18 15:00 - 000000000 ____D C:\Program Files\Google
2024-02-18 13:36 - 2024-02-18 13:36 - 000004002 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{13F6BB6B-F30D-4004-A985-34142279A118}
2024-02-18 13:36 - 2024-02-18 13:36 - 000003878 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{8A7D5F01-C168-4DFE-B2F7-4F55B141722E}
2024-02-18 13:34 - 2024-02-18 13:34 - 000000000 ____D C:\WINDOWS\pss
2024-02-17 22:16 - 2024-02-17 22:16 - 000000000 ____D C:\Users\asch8\AppData\Local\Backup
2024-02-17 20:49 - 2024-02-17 20:49 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-02-17 20:47 - 2024-02-19 19:44 - 000000000 ____D C:\Users\asch8\AppData\Local\Steam
2024-02-17 20:47 - 2024-02-17 20:47 - 000000000 ____D C:\Users\asch8\AppData\Local\CEF
2024-02-17 20:46 - 2024-02-24 19:16 - 000000000 ____D C:\Program Files (x86)\Steam
2024-02-17 20:46 - 2024-02-17 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2024-02-17 20:05 - 2024-02-17 20:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-17 20:05 - 2024-02-17 20:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-02-17 19:22 - 2024-02-17 19:22 - 000000000 ____D C:\Users\asch8\AppData\Local\OneDrive
2024-02-17 19:22 - 2024-02-17 19:22 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-02-17 19:21 - 2024-02-22 23:55 - 000000000 ____D C:\Users\asch8\AppData\Local\NVIDIA
2024-02-17 19:21 - 2024-02-17 20:05 - 000000000 ____D C:\XboxGames
2024-02-17 19:21 - 2024-02-17 19:21 - 000000028 ____H C:\.GamingRoot
2024-02-17 19:21 - 2024-02-17 19:21 - 000000020 ___SH C:\Users\asch8\ntuser.ini
2024-02-17 18:59 - 2024-02-24 15:47 - 001754660 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-17 18:57 - 2024-02-24 15:47 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-17 18:57 - 2024-02-18 22:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-02-17 18:57 - 2024-02-18 13:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-02-17 18:57 - 2024-02-18 13:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-02-17 18:57 - 2024-02-17 12:31 - 006943344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-02-17 18:57 - 2024-02-07 23:49 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-02-17 18:57 - 2021-09-22 07:07 - 000676496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2024-02-17 18:57 - 2021-09-22 07:07 - 000564344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2024-02-17 18:57 - 2021-09-22 07:07 - 000046264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2024-02-17 18:56 - 2022-02-08 01:52 - 006591312 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2024-02-17 18:55 - 2024-02-24 15:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-17 18:55 - 2024-02-22 19:32 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-17 18:55 - 2024-02-22 19:32 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-17 18:55 - 2024-02-17 18:55 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2024-02-17 18:55 - 2024-02-17 18:55 - 000011433 _____ C:\WINDOWS\diagerr.xml
2024-02-17 18:55 - 2020-11-19 08:38 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3538912014-3826891016-3662973680-500
2024-02-17 18:53 - 2024-02-17 18:53 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2024-02-17 18:53 - 2024-02-17 18:53 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\SystemCertificates
2024-02-17 18:53 - 2024-02-17 18:53 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Network
2024-02-17 18:53 - 2024-02-17 18:53 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Crypto
2024-02-17 18:51 - 2024-02-24 19:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-17 18:51 - 2024-02-24 00:38 - 000754824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-17 18:51 - 2024-02-24 00:38 - 000000000 ____D C:\Users\asch8
2024-02-17 18:51 - 2024-02-20 14:54 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Windows
2024-02-17 18:51 - 2024-02-18 13:37 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Spelling
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Vorlagen
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Startmenü
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Netzwerkumgebung
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Lokale Einstellungen
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Eigene Dateien
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Druckumgebung
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\AppData\Local\Verlauf
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\AppData\Local\Anwendungsdaten
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Anwendungsdaten
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2024-02-17 18:50 - 2024-02-17 18:50 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2024-02-17 18:49 - 2024-02-17 18:49 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2024-02-17 18:49 - 2024-02-17 18:49 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-02-17 18:48 - 2024-02-17 18:48 - 000000000 ____D C:\WINDOWS\InboxApps
2024-02-17 18:45 - 2024-02-17 18:45 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-17 18:44 - 2024-02-17 18:44 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-17 18:43 - 2024-02-17 19:37 - 000000000 ____D C:\WINDOWS\HoloShell
2024-02-17 18:43 - 2024-02-17 18:48 - 000000000 ____D C:\WINDOWS\TextInput
2024-02-17 18:43 - 2022-05-06 13:02 - 000000002 _____ C:\WINDOWS\system32\hologramcompositor.lock
2024-02-17 18:41 - 2024-02-17 18:50 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\WINDOWS\addins
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\Program Files\MSBuild
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-02-17 17:55 - 2024-02-17 17:57 - 000000036 _____ C:\WINDOWS\progress.ini
2024-02-17 17:48 - 2024-02-19 13:04 - 000000000 ____D C:\Users\asch8\AppData\Local\Publishers
2024-02-17 17:48 - 2024-02-17 17:48 - 000000000 ____D C:\Users\asch8\AppData\Local\Comms
2024-02-17 17:37 - 2024-02-17 17:55 - 000000000 ___HD C:\$GetCurrent
2024-02-17 17:36 - 2024-02-17 17:55 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2024-02-17 17:36 - 2024-02-17 17:36 - 000001345 _____ C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2024-02-17 17:36 - 2024-02-17 17:36 - 000000000 ____D C:\Users\asch8\AppData\Local\PCHealthCheck
2024-02-17 17:33 - 2024-02-21 11:44 - 000000000 ____D C:\Users\asch8\AppData\Local\PlaceholderTileLogoFolder
2024-02-17 17:33 - 2024-02-19 01:19 - 000000000 ____D C:\Users\asch8\OneDrive\Dokumente\Adobe
2024-02-17 17:33 - 2024-02-18 17:30 - 000000000 ___RD C:\Users\asch8\OneDrive
2024-02-17 17:33 - 2024-02-17 17:33 - 000000000 ____D C:\Users\asch8\OneDrive\Dokumente\Image-Line
2024-02-17 17:32 - 2024-02-17 17:32 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\InputMethod
2024-02-17 17:31 - 2024-02-24 13:12 - 000000000 ____D C:\Users\asch8\AppData\Local\D3DSCache
2024-02-17 17:31 - 2024-02-23 01:03 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Adobe
2024-02-17 17:31 - 2024-02-21 11:44 - 000000000 ____D C:\Users\asch8\AppData\Local\Packages
2024-02-17 17:31 - 2024-02-17 19:21 - 000000000 ____D C:\Users\asch8\AppData\Local\ConnectedDevicesPlatform
2024-02-17 17:31 - 2024-02-17 17:31 - 000000000 ___RD C:\Users\asch8\3D Objects
2024-02-17 17:31 - 2024-02-17 17:31 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Vault
2024-02-17 17:31 - 2024-02-17 17:31 - 000000000 ____D C:\Users\asch8\AppData\Local\VirtualStore
2024-02-17 17:29 - 2024-02-19 11:48 - 000000000 ___SD C:\Users\asch8\AppData\Roaming\Microsoft\Credentials
2024-02-17 17:29 - 2024-02-17 19:21 - 000338272 _____ () C:\WINDOWS\system32\AsusDownLoadLicense.exe
2024-02-17 17:29 - 2024-02-17 17:29 - 000000000 ___SD C:\Users\asch8\AppData\Roaming\Microsoft\Protect
2024-02-17 17:28 - 2024-02-17 17:28 - 001689088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2024-02-17 17:28 - 2024-02-17 17:28 - 001414656 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2024-02-17 17:28 - 2024-02-17 17:28 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2024-02-17 17:28 - 2024-02-17 17:28 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2024-02-17 17:27 - 2024-02-17 17:27 - 000000000 ____D C:\Program Files\MsEdgeCrashpad
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Vorlagen
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Startmenü
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Netzwerkumgebung
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Lokale Einstellungen
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Eigene Dateien
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Druckumgebung
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Anwendungsdaten
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Programme
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\ProgramData\Vorlagen
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\ProgramData\Startmenü
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\ProgramData\Dokumente
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Program Files\Gemeinsame Dateien
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Dokumente und Einstellungen
2024-02-17 17:23 - 2024-02-17 17:23 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-02-17 17:23 - 2024-02-17 17:23 - 000000000 ____D C:\ProgramData\ASUS
2024-02-17 17:22 - 2024-02-24 15:40 - 000880672 _____ C:\WINDOWS\system32\wpbbin.exe
2024-02-17 17:22 - 2024-02-24 15:40 - 000842128 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2024-02-17 17:22 - 2024-02-24 15:40 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-31 21:16 - 2024-02-03 02:18 - 008927534 _____ C:\Users\asch8\OneDrive\Desktop\story_referenzen.psd
2024-01-31 11:52 - 2024-01-31 15:12 - 000000385 _____ C:\Users\asch8\OneDrive\Desktop\Dach-Expert.txt

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-02-24 19:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-24 19:15 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-24 15:47 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-02-24 15:40 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-02-24 15:18 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-24 14:52 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-02-24 02:38 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-21 11:44 - 2020-11-19 08:33 - 000000000 ____D C:\ProgramData\Packages
2024-02-19 22:00 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-02-18 22:28 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-18 13:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-02-17 22:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2024-02-17 20:44 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-02-17 20:44 - 2020-11-19 08:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-02-17 20:06 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-17 19:37 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-02-17 19:37 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-17 19:21 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-17 19:21 - 2020-11-19 08:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-02-17 19:06 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-02-17 19:06 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\OCR
2024-02-17 19:06 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Globalization
2024-02-17 19:06 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-02-17 18:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-17 18:55 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows NT
2024-02-17 18:54 - 2022-05-07 06:24 - 000000000 __RHD C:\Users\Public\Libraries
2024-02-17 18:51 - 2022-05-07 06:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2024-02-17 18:51 - 2020-11-19 08:32 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-17 18:50 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-02-17 18:50 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\winrm
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\WCN
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\slmgr
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2024-02-17 18:50 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\MUI
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Keywords
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\IME
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-in
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\si-lk
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\my-mm
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\am-et
2024-02-17 18:49 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup
2024-02-17 18:48 - 2023-10-01 07:59 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-02-17 18:48 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2024-02-17 18:48 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\de
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-17 18:47 - 2022-05-07 11:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-02-17 18:47 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-02-17 18:47 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-02-17 18:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-02-17 18:39 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-02-17 17:34 - 2021-02-09 13:54 - 000774870 _____ C:\WINDOWS\system32\perfh015.dat
2024-02-17 17:34 - 2021-02-09 13:54 - 000151942 _____ C:\WINDOWS\system32\perfc015.dat
2024-02-17 17:34 - 2021-02-09 13:45 - 000776404 _____ C:\WINDOWS\system32\perfh013.dat
2024-02-17 17:34 - 2021-02-09 13:45 - 000153756 _____ C:\WINDOWS\system32\perfc013.dat
2024-02-17 17:34 - 2021-02-09 13:36 - 000769258 _____ C:\WINDOWS\system32\perfh010.dat
2024-02-17 17:34 - 2021-02-09 13:36 - 000145474 _____ C:\WINDOWS\system32\perfc010.dat
2024-02-17 17:34 - 2021-02-09 13:27 - 000780536 _____ C:\WINDOWS\system32\perfh00C.dat
2024-02-17 17:34 - 2021-02-09 13:27 - 000149202 _____ C:\WINDOWS\system32\perfc00C.dat
2024-02-17 17:34 - 2021-02-09 13:18 - 000776782 _____ C:\WINDOWS\system32\perfh00A.dat
2024-02-17 17:34 - 2021-02-09 13:18 - 000154912 _____ C:\WINDOWS\system32\perfc00A.dat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2024-02-19 22:03 - 2024-02-19 22:05 - 000006046 _____ () C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000006046 _____ () C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000000059 _____ () C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000000059 _____ () C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2024-02-19 15:15 - 2024-02-24 00:45 - 000001456 _____ () C:\Users\asch8\AppData\Local\Adobe Für Web speichern 13.0 Prefs

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

Malwarebytes
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 24.02.2024
Scan-Zeit: 21:24
Protokolldatei: bfd5caf2-d352-11ee-9c4b-f02f741e33be.json

-Softwaredaten-
Version: 5.0.17.99
Komponentenversion: 1.0.1169
Version des Aktualisierungspakets: 1.0.81373
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 11 (Build 22631.3155)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-PG9DSVJ\asch8

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 263300
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 0 Min., 30 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         


Alt 25.02.2024, 13:10   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please uninstall Avira first. That thing is completely unnecessary and only gets in the way of the cleanup.

Alt 25.02.2024, 21:20   #4
Adrian87
 

Quote from cosinus:
Please uninstall Avira first. That thing is completely unnecessary and only gets in the way of the cleanup.

Hello Cosinus

Thank you very much for the quick reply.
I will uninstall Avira right away. Do you have another recommendation for me?

Best regards
Adrian

Alt 25.02.2024, 21:33   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Yes. The one built into Windows.

__________________
Please always post log files in CODE tags

Alt 25.02.2024, 23:11   #6
Adrian87
 

I have now uninstalled Avira and Malwarebytes, since Malwarebytes was blocking Defender.

After that I immediately ran an offline scan and a full scan.

The result is attached.

Can I delete this file?


Alt 25.02.2024, 23:19   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please no more unrequested screenshots.


adwCleaner

Run AdwCleaner according to the illustrated instructions and then post the log file in CODE tags.

Please run AdwCleaner again as a check if there were any detections.

Alt 26.02.2024, 13:02   #8
Adrian87
 

Hello Cosinus,

I ran the scan with adwCleaner.

Best regards
Adrian

1st scan

Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.1.0
# -------------------------------
# Build:    01-29-2024
# Database: 2024-01-29.3 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-26-2024
# Duration: 00:00:00
# OS:       Windows 11 (Build 22631.3155)
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1482 octets] - [26/02/2024 12:57:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         
2nd scan

Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.1.0
# -------------------------------
# Build:    01-29-2024
# Database: 2024-01-29.3 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    02-26-2024
# Duration: 00:00:03
# OS:       Windows 11 (Build 22631.3155)
# Scanned:  32102
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1482 octets] - [26/02/2024 12:57:55]
AdwCleaner[C00].txt - [1652 octets] - [26/02/2024 12:59:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
         

Alt 26.02.2024, 13:05   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Then new FRST logs now, please.

Alt 26.02.2024, 18:17   #10
Adrian87
 

The FRST logs are attached


Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
durchgeführt von asch8 (26-02-2024 18:16:14)
Gestartet von C:\Users\asch8\OneDrive\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) (2024-02-17 17:55:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-494115103-3953799370-1247020108-500 - Administrator - Disabled)
asch8 (S-1-5-21-494115103-3953799370-1247020108-1001 - Administrator - Enabled) => C:\Users\asch8
DefaultAccount (S-1-5-21-494115103-3953799370-1247020108-503 - Limited - Disabled)
Gast (S-1-5-21-494115103-3953799370-1247020108-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-494115103-3953799370-1247020108-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.008.20555 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.1.0.587 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_7_2) (Version: 7.2 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_4) (Version: 25.4.0.319 - Adobe Inc.)
Dell Display Manager 2.2 (HKLM\...\Dell Display Manager 2) (Version: 2.2.0.43 - Dell Inc.)
Discord (HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Discord) (Version: 1.0.9033 - Discord Inc.)
FileZilla 3.66.5 (HKLM-x32\...\FileZilla Client) (Version: 3.66.5 - Tim Kosse)
FiveM (HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\CitizenFX_FiveM) (Version:  - Cfx.re)
Focusrite Audio Drivers 4.119.13.33 (HKLM\...\Focusrite Audio Drivers_is1) (Version: 4.119.13.33 - Focusrite Audio Engineering, Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.189 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 87.0.2.0 - Google LLC)
Microsoft .NET Host - 6.0.22 (x64) (HKLM\...\{A575E059-0C3F-4138-B87A-BAF55CABA9FA}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.22 (x64) (HKLM\...\{E7598167-2D5C-4704-8777-8A25289EB8FE}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.22 (x64) (HKLM\...\{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.52 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.52 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM\...\{6B3108CD-E279-4795-BCBF-BDEA037A7913}) (Version: 48.88.914 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM-x32\...\{0f94f805-22c3-4413-b1e5-5ab275ba92d5}) (Version: 6.0.22.32825 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.7.0 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 115.8.0 (x64 de)) (Version: 115.8.0 - Mozilla)
MSVCRT Redists (HKLM\...\{E28F9ECF-1D13-11EC-843A-00155D26A171}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 551.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.61 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.85.1858 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.7.3 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.6.1 - TeamSpeak Systems GmbH)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VEGAS Pro 19.0 (HKLM\...\{E0A0A00F-1D13-11EC-88E7-00155D26A171}) (Version: 19.0.381 - VEGAS)
Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{4254C1AD-B9B0-4020-A4B1-D8B61D12142A}) (Version: 3.7.2204.15001 - Microsoft Corporation)
WinRAR 6.24 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)

Packages:
=========

Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2024-02-18] (Adobe Systems Incorporated)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-02-24] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_151.3.1092.0_x64__v10z8vjag6ke6 [2024-02-19] (HP Inc.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21003.0_x64__8wekyb3d8bbwe [2024-02-25] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Corp.)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-02-17] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-22] (NVIDIA Corp.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-02-19] (Adobe Systems Incorporated)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0 [2024-02-17] (Spotify AB) [Startup Task]
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.14.9.0_x64__t4vj0pshhgkwm [2024-02-21] (Telegram Messenger LLP) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm [2024-02-18] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-17] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2024-02-18] (win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-494115103-3953799370-1247020108-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-494115103-3953799370-1247020108-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-494115103-3953799370-1247020108-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\nvshext.dll [2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2024-02-17 20:49 - 2024-02-17 20:49 - 000094720 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GFSDK_TXAA_AlphaResolve.win64.dll
2023-07-24 11:10 - 2023-07-24 11:10 - 000132608 _____ () [Datei ist nicht signiert] C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 003954688 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\gfsdk_shadowlib.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 001952768 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\icui18n.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 001254400 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\icuuc.dll
2024-02-18 15:09 - 2024-02-18 15:09 - 174233600 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\libcef.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 000442368 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\libEGL.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 006435328 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\libGLESv2.dll
2024-02-18 15:09 - 2024-02-18 15:09 - 006358528 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\mono-2.0-sgen.dll
2024-02-18 15:09 - 2024-02-18 15:09 - 000339456 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\ros.dll
2024-02-18 15:09 - 2024-02-18 15:09 - 015249408 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\v8-9.3.345.16.dll
2024-02-18 19:37 - 2024-02-18 19:37 - 000152064 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
2024-02-18 19:39 - 2024-02-18 19:39 - 000200704 _____ () [Datei ist nicht signiert] C:\Users\asch8\AppData\Roaming\TS3Client\plugins\SaltyChat\VoiceDistortion_win64.dll
2024-02-22 17:05 - 2024-02-22 17:23 - 000376320 _____ (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ChromeBrowser
2024-02-22 17:05 - 2024-02-22 17:23 - 001027648 _____ (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ROSLauncher
2024-02-22 17:05 - 2024-02-22 17:23 - 001027648 _____ (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ROSService
2024-02-18 15:08 - 2024-02-18 15:08 - 000653312 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\avutil-56.dll
2024-02-18 15:09 - 2024-02-18 15:09 - 000376832 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\swresample-3.dll
2024-02-18 19:39 - 2024-02-18 19:39 - 000988672 _____ (gaming.v10networks.com) [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\asch8\AppData\Roaming\TS3Client\plugins\SaltyChat_win64.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 006251520 _____ (Google Inc.) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\SwiftShaderD3D9_64.dll
2024-02-17 20:49 - 2024-02-17 20:49 - 000435712 _____ (RAD Game Tools, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\bink2w64.dll
2024-02-19 11:35 - 2024-01-27 16:16 - 004365536 _____ (ReShade -> crosire) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\plugins\dxgi.dll
2024-02-18 19:37 - 2024-02-18 19:37 - 000329216 _____ (TeamSpeak Systems GmbH) [Datei ist nicht signiert] C:\Users\asch8\AppData\Roaming\TS3Client\plugins\teamspeak_control_plugin_win64.dll
2024-02-18 15:08 - 2024-02-18 15:08 - 001218048 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\bin\chrome_elf.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2024-02-20 14:54 - 000000988 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lh.saltmine.de #saltychat fix
127.0.0.1 lh.v10.network #saltychat fix
127.0.0.1 lh.saltmine.de #saltychat fix
127.0.0.1 lh.v10.network #saltychat fix

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-494115103-3953799370-1247020108-1001\Control Panel\Desktop\\Wallpaper -> D:\Eigene Datein\Bilder & Videos\Wallpaper\3425171_2.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Focusrite Notifier"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\StartupFolder: => "DDM2.0.lnk"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F37BB1A5C7F5DD90127A66EC187105FA"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "ut"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{01018CBA-78FE-48A8-AE6E-96EF970B6F11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B85F87D4-0EF1-4701-B656-6CA03E86EB3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0A9B5112-093A-4DF9-A083-1273822A9485}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1A63F769-8986-4312-A17A-432EB962F439}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B1314DF4-C801-44CD-9751-12921514255C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ACB8A4CA-C461-43AD-B5AC-9A792F7C5315}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ABB824B9-0A76-4929-BA9F-408DF77E17CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1851BF37-DC07-4B88-972A-AEA886ACC296}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B9670AB7-6D3D-4B9E-B538-BA4461D844F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A89BEB45-D507-46CB-9DEC-50A101FCC49C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{328D6467-E5A6-4CA1-B98A-BE83383AC170}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{57D12637-BB9C-4F69-86B1-B494C402952D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DEB6900C-01D5-4CA7-B841-A269130818CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4909A39-FAFF-4F69-9257-463E179E3216}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8965CA82-CEEA-4CB3-9FA2-F00F86E99F50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5BD92775-3370-42EB-9E5C-2C4236E4EE4B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DF0FAA64-2AE5-451D-8872-DBE9E79B5063}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F9BFB7E5-A290-4420-A16B-BAFEE89E8364}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{922D09EF-1EA6-422D-BE14-46F9E6DE49D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{674CD41B-743D-414D-8753-5BF7E59F13D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{13D7579D-F5C2-4DD4-BC84-E0C5B8BE0A23}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DD5EC410-1ACD-4F05-9200-64A972BC65A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F32F7BE1-3FE5-4BB2-9DBE-6321AD3469DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{10447422-F059-47AF-9B39-86A9CB069C83}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{79335BA9-3509-4987-999D-8242B3151474}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C230193C-2F36-4DD8-B146-CC27D5EA9EFD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A3A1C2B4-627B-44F7-B278-B974E7F71546}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E37FBAB-E1F7-4456-BB69-0851FF38DCD5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{147E9AE7-A997-4A5B-9B1E-D5D4CDE316E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{DC83E0C1-66F7-441E-9F81-C66E36F993D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{19DD8606-EE1E-48CB-B408-17F406078315}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{B77967E5-9F6C-4CA7-91ED-A102BDF9A88F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{B88EAC1D-858D-4105-AD3C-8CE8DCA79243}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DADCA087-4D1A-4BD9-B894-CCA646069989}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{91D50249-2F05-462B-985C-9E944036A75D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C12118EB-5A46-41CE-8053-88D360EF05CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{39B3C51D-3CF5-458F-8672-B3514228CAAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4963A81-D0A1-4F63-A9F8-E4BA9E7C569F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{4B18664B-2D02-4056-B830-76748A8707C6}C:\program files\ragemp\gta5.exe] => (Allow) C:\program files\ragemp\gta5.exe (ANGRY SOLUTIONS LTD -> RAGE Multiplayer Developers)
FirewallRules: [UDP Query User{0529AE26-63C0-40BB-BC33-382A7427BB58}C:\program files\ragemp\gta5.exe] => (Allow) C:\program files\ragemp\gta5.exe (ANGRY SOLUTIONS LTD -> RAGE Multiplayer Developers)
FirewallRules: [{79598773-C327-4E56-9939-7FD37166EC55}] => (Allow) C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{3F931BF9-DFE8-438F-A486-DBBA2F8EA471}] => (Allow) C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{ED6EAFEF-425F-477D-8192-1B02FB6C0C60}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{CE88B7FE-3271-4FAB-A25F-DB095FEA2D30}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{625FEDD3-7175-46C6-84B7-2E046A5DD443}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{021E06C8-ED5B-4CEA-8399-32AC88E49A4C}] => (Allow) C:\Users\asch8\AppData\Roaming\uTorrent\uTorrent.exe => Keine Datei
FirewallRules: [{CC71DE3B-EBA4-4A0A-88C2-E8EA8C2E436D}] => (Allow) C:\Users\asch8\AppData\Roaming\uTorrent\uTorrent.exe => Keine Datei
FirewallRules: [{3644F034-0E39-47BD-81BB-F423E181AF76}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{23EFFB6F-9A61-4ACB-BAB0-4A32ACDA60F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6EFFA5E1-9595-4D2C-B964-160CC8F7B3CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [{F57C1571-7DC4-4DAD-AC37-75174219BA38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [TCP Query User{6E08FEB1-4873-4108-BCA2-99415E389DF2}C:\users\asch8\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Block) C:\users\asch8\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (Cfx.re) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{CC0DCFF4-6AF1-4E1D-8A81-F8C6345BCC13}C:\users\asch8\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Block) C:\users\asch8\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (Cfx.re) [Datei ist nicht signiert]

==================== Wiederherstellungspunkte =========================

20-02-2024 12:02:11 Windows Update
24-02-2024 00:08:52 Removed VEGAS Pro 19.0

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (02/26/2024 04:37:40 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm vegas190.exe Version 19.0.0.381 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (02/26/2024 01:03:37 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-PG9DSVJ)
Description: Name der fehlerhaften Anwendung: caspol.exe, Version: 4.8.9032.0, Zeitstempel: 0x64c2143b
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.22621.3155, Zeitstempel: 0x587de32b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00149542
ID des fehlerhaften Prozesses: 0x0x3730
Startzeit der fehlerhaften Anwendung: 0x0x1da68abd06e144a
Pfad der fehlerhaften Anwendung: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\caspol.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 3eb98700-6e5b-4c89-aa2b-4704cbbedb44
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/26/2024 01:03:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: caspol.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.ExternalException
   bei System.Windows.Forms.Clipboard.ThrowIfFailed(Int32)
   bei System.Windows.Forms.Clipboard.GetDataObject(Int32, Int32)
   bei System.Windows.Forms.Clipboard.GetDataObject()
   bei System.Windows.Forms.Clipboard.ContainsText(System.Windows.Forms.TextDataFormat)
   bei System.Windows.Forms.Clipboard.ContainsText()
   bei ⤨솶⒉਩뒍ቔ綉 覢䀍퐒각怑屎㵄砐犲঩+ꔴ疐䮒棒煴펒뙅೚⡹껴䯱瓭줚顄嶘ڣᄐ꟞.⣅陔࿝炃쉄쭿嫯㮱꛳끐怓䨞拭㼫몑䊙ꀟઝ㫋()
   bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Threading.ThreadHelper.ThreadStart()

Error: (02/26/2024 01:02:57 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-PG9DSVJ$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 26 Feb 2024 12:02:56 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ea1c1c18-bc27-4643-8570-d701fd7c07d0

Methode: GET(172ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/26/2024 01:02:56 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 26 Feb 2024 12:02:55 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 17a7d646-f74d-44c3-8cb5-2e7effa5ba50

Methode: GET(218ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/26/2024 09:50:51 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-PG9DSVJ$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 26 Feb 2024 08:50:51 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f62f35d0-b51b-4d29-9bdf-0939010b6edd

Methode: GET(188ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/26/2024 09:50:50 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 26 Feb 2024 08:50:50 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 1d9988aa-2ac1-4e08-97c6-02bc6206eef9

Methode: GET(250ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/26/2024 08:07:36 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-PG9DSVJ)
Description: Name der fehlerhaften Anwendung: caspol.exe, Version: 4.8.9032.0, Zeitstempel: 0x64c2143b
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.22621.3155, Zeitstempel: 0x587de32b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00149542
ID des fehlerhaften Prozesses: 0x0x4018
Startzeit der fehlerhaften Anwendung: 0x0x1da688275a362aa
Pfad der fehlerhaften Anwendung: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\caspol.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: aa829caa-d9b8-4b8a-a01a-485bb2a38976
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (02/26/2024 04:03:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/26/2024 01:04:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/26/2024 12:59:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/26/2024 12:59:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/26/2024 12:59:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/26/2024 12:59:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/26/2024 12:59:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Print Scan Doctor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/26/2024 12:59:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AdobeUpdateService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Windows Defender:
================
Date: 2024-02-26 13:03:31
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperBulkExcl.H&threatid=2147822027&enterprise=0
Name: Trojan:Win32/MpTamperBulkExcl.H
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume3\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: AMSI
Benutzer: DESKTOP-PG9DSVJ\asch8
Prozessname: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Sicherheitsversion: AV: 1.405.625.0, AS: 1.405.625.0, NIS: 1.405.625.0
Modulversion: AM: 1.1.24010.10, NIS: 1.1.24010.10 

Date: 2024-02-26 09:51:33
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperBulkExcl.H&threatid=2147822027&enterprise=0
Name: Trojan:Win32/MpTamperBulkExcl.H
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume3\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: AMSI
Benutzer: DESKTOP-PG9DSVJ\asch8
Prozessname: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Sicherheitsversion: AV: 1.405.607.0, AS: 1.405.607.0, NIS: 1.405.607.0
Modulversion: AM: 1.1.24010.10, NIS: 1.1.24010.10 

Date: 2024-02-26 08:07:29
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperBulkExcl.H&threatid=2147822027&enterprise=0
Name: Trojan:Win32/MpTamperBulkExcl.H
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume3\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: AMSI
Benutzer: DESKTOP-PG9DSVJ\asch8
Prozessname: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Sicherheitsversion: AV: 1.405.607.0, AS: 1.405.607.0, NIS: 1.405.607.0
Modulversion: AM: 1.1.24010.10, NIS: 1.1.24010.10 

Date: 2024-02-25 22:48:13
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {2A22D581-A3CC-40FA-B094-88BEB9C1A51C}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM 

Date: 2024-02-25 22:42:49
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperBulkExcl.H&threatid=2147822027&enterprise=0
Name: Trojan:Win32/MpTamperBulkExcl.H
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume3\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: AMSI
Benutzer: DESKTOP-PG9DSVJ\asch8
Prozessname: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Sicherheitsversion: AV: 1.405.592.0, AS: 1.405.592.0, NIS: 1.405.592.0
Modulversion: AM: 1.1.24010.10, NIS: 1.1.24010.10 

CodeIntegrity:
===============
Date: 2024-02-26 18:10:15
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. 


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 3211 08/10/2021
Hauptplatine: ASUSTeK COMPUTER INC. TUF GAMING B450-PLUS II
Prozessor: AMD Ryzen 7 3700X 8-Core Processor 
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 49062.51 MB
Verfügbarer physikalischer RAM: 26898.76 MB
Summe virtueller Speicher: 52134.51 MB
Verfügbarer virtueller Speicher: 10082.27 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.6 GB) (Free:465.63 GB) (Model: KINGSTON SA2000M81000G) NTFS
Drive d: (Volume) (Fixed) (Total:1863.02 GB) (Free:1376.18 GB) (Model: ST2000DM008-2FR102) NTFS

\\?\Volume{d2cd1927-a087-4184-a500-0e68e67a965c}\ () (Fixed) (Total:0.8 GB) (Free:0.08 GB) NTFS
\\?\Volume{23c29f80-e818-4577-8e1a-9d27a51092df}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

26.02.2024, 18:19   #11
Adrian87

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26.02.2024 01
durchgeführt von asch8 (Administrator) auf DESKTOP-PG9DSVJ (CSL-Computer GmbH & Co. KG T8431) (26-02-2024 18:15:04)
Gestartet von C:\Users\asch8\OneDrive\Desktop\FRST64.exe
Geladene Profile: asch8
Plattform: Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Photoshop 2024\Adobe Crash Processor.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Arthur Lepp -> Leppsoft) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Rockstar Games, Inc. -> Cfx.re) C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_SteamChild.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe ->) (Arthur Lepp -> Leppsoft) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\SoundpadService.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe <12>
(C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_b2699_GTAProcess.exe ->) (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ChromeBrowser <7>
(C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ROSLauncher ->) (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ROSService
(C:\Users\asch8\AppData\Local\FiveM\FiveM.exe ->) (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_b2699_GTAProcess.exe
(C:\Users\asch8\AppData\Local\FiveM\FiveM.exe ->) (Cfx.re) [Datei ist nicht signiert] C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_ROSLauncher
(C:\Users\asch8\AppData\Local\FiveM\FiveM.exe ->) (Rockstar Games, Inc. -> Cfx.re) C:\Users\asch8\AppData\Local\FiveM\FiveM.app\data\cache\subprocess\FiveM_b2699_DumpServer
(Discord Inc. -> Discord Inc.) C:\Users\asch8\AppData\Local\Discord\app-1.0.9034\Discord.exe <6>
(explorer.exe ->) (Adobe Inc. -> Adobe) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <19>
(explorer.exe ->) (Rockstar Games, Inc. -> Cfx.re) C:\Users\asch8\AppData\Local\FiveM\FiveM.exe
(explorer.exe ->) (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe [906840 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2024-02-18] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2024-02-18] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [MicrosoftEdgeAutoLaunch_F37BB1A5C7F5DD90127A66EC187105FA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [Discord] => C:\Users\asch8\AppData\Local\Discord\Update.exe [1525024 2024-02-12] (Discord Inc. -> GitHub)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11556768 2024-02-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Run: [] => [X]
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\CurrentVersion\Windows: [Run] C:\Users\asch8\AppData\Roaming\Forskrkke\Thanatoid.exe <==== ACHTUNG
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.189\Installer\chrmstp.exe [2024-02-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2024-02-22]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {E59EAD26-421B-48B1-9669-39EFCD8F8EE7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {2003D686-5E71-41E3-AD52-89C35294FEBB} - System32\Tasks\GoogleUpdateTaskMachineCore{8A7D5F01-C168-4DFE-B2F7-4F55B141722E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-02-18] (Google LLC -> Google LLC)
Task: {4E263338-88D6-40C6-8609-283C468E6026} - System32\Tasks\GoogleUpdateTaskMachineUA{13F6BB6B-F30D-4004-A985-34142279A118} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-02-18] (Google LLC -> Google LLC)
Task: {1033FF9E-DD1E-4796-871F-F59F36362F70} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-02-23] (Adobe Inc. -> Adobe Inc.)
Task: {01F52B55-A48B-46AF-8982-01367440BC31} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4A51DC6-400E-48E2-9F3D-B1FE8444269C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1F71F38-82C7-4E68-AE33-75A02CC2F0BB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {00F0A38D-E510-4DB1-864D-7B12FC291F0F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {97380F87-30C1-4610-83D4-D19FED139450} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {96C039A9-B81C-41A9-9DA3-DFAAF5A1EC5D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6DC1A6AD-30A9-4379-8B04-E007A5C081F9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FFA725BA-ED81-4148-8BE4-182B09D0165D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58691544-6C9B-4324-833C-4062DD4A3861} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41E10867-96EA-4547-A7ED-DD7E1E6202D4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48B57DB2-CD86-41B4-8359-5586EBF8CC25} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88316ED6-C17A-41E9-B2C7-7E30A0D32706} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1D03AF8-315B-493C-9507-6453C0C1893B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C94F4E2-E153-4574-A204-014E8935F004} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-02-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {025D1076-0E3A-459E-9BC7-6C96DD692DCC} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F04D7401-147A-487B-A9E1-BD5DB438F8A3} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-494115103-3953799370-1247020108-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-19] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2f3fbada-2d3f-402d-a583-f294a1bdd806}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8ab4474b-cf46-48e6-992a-18af5ea3b9c7}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8ab4474b-cf46-48e6-992a-18af5ea3b9c7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8ab4474b-cf46-48e6-992a-18af5ea3b9c7}: [DhcpDomain] speedport.ip

Edge: 
=======
Edge Profile: C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-25]
Edge Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2024-02-19]
Edge Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2024-02-19]
Edge Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-17]
Edge Extension: (Edge relevant text changes) - C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-17]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-02-18] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-02-18] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default [2024-02-26]
CHR Extension: (GrowBot Automator for Instagram) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\abhcgokmndbiegmmbjffdlpihgdmeejf [2024-02-18]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-19]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-23]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-19]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-18]
CHR Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2024-02-18]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-02-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-18]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-02-26]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-19]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-19]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-18]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-18]
CHR Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2024-02-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-18]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-02-26]
CHR StartupUrls: Profile 2 -> "hxxps://www.google.de/?gws_rd=ssl","hxxps://www.bing.com?pc=COS2&ptag=D032522-N0330A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975","hxxps://www.bing.com?pc=U316&form=CHROMN"
CHR Session Restore: Profile 2 -> ist aktiviert.
CHR Extension: (GrowBot Automator for Instagram) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\abhcgokmndbiegmmbjffdlpihgdmeejf [2024-02-18]
CHR Extension: (Multicheck Checkbox Checker) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bmcleiancmakcoknkgnfgijomcddhpbi [2024-02-18]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-22]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-22]
CHR Extension: (Click all checkboxes) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fhlogpdbadmjfpndmaijnibflgnbnhof [2024-02-18]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-22]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-18]
CHR Extension: (mysms - SMS vom Computer) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2024-02-18]
CHR Extension: (ScreenClip - Screenshot, Comment & Annotate) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jmjbgcjbgmcfgbgikmbdioggjlhjegpp [2024-02-24]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-18]
CHR Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2024-02-18]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2024-02-18]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-02-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-18]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-02-19]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-19]
CHR Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2024-02-19]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-19]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-19]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-19]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-19]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-02-23]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-20]
CHR Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2024-02-20]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-20]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-20]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-20]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-20]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-02-24]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-20]
CHR Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2024-02-20]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-24]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-20]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-20]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-20]
CHR Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2024-02-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-20]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-02-24]
CHR Extension: (Avira Password Manager) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-24]
CHR Extension: (Avira Safe Shopping) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2024-02-24]
CHR Extension: (Adobe Acrobat: Tools zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-24]
CHR Extension: (Avira Browserschutz) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-24]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-24]
CHR Profile: C:\Users\asch8\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-26]
CHR HKU\S-1-5-21-494115103-3953799370-1247020108-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-494115103-3953799370-1247020108-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2024-02-18] (Adobe Inc. -> Adobe Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [842128 2024-02-26] (ASUSTeK Computer Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2024-02-18] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncHelper.exe [3515936 2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-02-19] (HP Inc. -> HP Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\Display.NvContainer\NVDisplay.Container.exe [1274992 2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\OneDriveUpdaterService.exe [3853856 2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6669296 2024-02-20] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-02-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-02-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [47216 2022-11-07] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [180664 2019-01-10] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [106208 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsb; C:\WINDOWS\System32\drivers\FocusriteUsb.sys [170312 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbAudio; C:\WINDOWS\System32\drivers\FocusriteUsbAudio.sys [109896 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbSwRoot; C:\WINDOWS\System32\drivers\FocusriteUsbSwRoot.sys [112968 2023-11-27] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2024-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2024-02-07] (Nvidia Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_75af912c76141870\rt68cx21x64.sys [666576 2022-11-07] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
U5 rtp_filesystem_filter; C:\Windows\System32\Drivers\rtp_filesystem_filter.sys [219448 2024-02-19] (Avira Operations GmbH -> Avira Operations GmbH)
U5 rtp_process_monitor; C:\Windows\System32\Drivers\rtp_process_monitor.sys [199992 2024-02-19] (Avira Operations GmbH -> Avira Operations GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-02-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-02-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-02-17] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-02-26 18:15 - 2024-02-26 18:15 - 000036135 _____ C:\Users\asch8\OneDrive\Desktop\FRST.txt
2024-02-26 18:14 - 2024-02-26 18:14 - 008797968 _____ (Malwarebytes) C:\Users\asch8\OneDrive\Desktop\adwcleaner.exe
2024-02-26 18:14 - 2024-02-26 18:14 - 000000000 ____D C:\Users\asch8\OneDrive\Desktop\FRST-OlderVersion
2024-02-26 18:09 - 2024-02-26 18:09 - 002585496 _____ (Malwarebytes) C:\Users\asch8\OneDrive\Desktop\MBSetup.exe
2024-02-26 16:37 - 2024-02-26 16:37 - 000000000 ____D C:\Users\asch8\AppData\Roaming\MAGIX Computer Products Intl. Co
2024-02-26 16:16 - 2024-02-26 16:16 - 058145308 _____ C:\Users\asch8\Downloads\light-effect-blurred-background.zip
2024-02-26 16:16 - 2024-02-26 16:16 - 033297649 _____ C:\Users\asch8\Downloads\hyper-realisitc-vector-art-coconut-palmtree-beach-scene-caribbean-sunset-backdrop-wallpaper-pic.zip
2024-02-26 16:12 - 2024-02-26 16:12 - 058151881 _____ C:\Users\asch8\Downloads\compact-disc-case-mock-up.zip
2024-02-26 16:06 - 2024-02-26 16:06 - 000106447 _____ C:\Users\asch8\Downloads\2024-02_661200005 (1).pdf
2024-02-26 16:06 - 2024-02-26 16:06 - 000081773 _____ C:\Users\asch8\Downloads\2024-02_661100004.pdf
2024-02-26 16:03 - 2024-02-26 16:03 - 000106351 _____ C:\Users\asch8\Downloads\2024-02_661200005.pdf
2024-02-26 13:09 - 2024-02-26 13:09 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat
2024-02-26 13:09 - 2024-02-26 13:09 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat
2024-02-26 13:00 - 2024-02-26 13:00 - 000001752 _____ C:\Users\asch8\OneDrive\Desktop\Textdokument (neu).txt
2024-02-26 12:57 - 2024-02-26 12:59 - 000000000 ____D C:\AdwCleaner
2024-02-26 10:51 - 2024-02-26 10:51 - 000078761 _____ C:\Users\asch8\Downloads\231119.pdf
2024-02-26 09:48 - 2024-02-26 18:14 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Leppsoft
2024-02-26 09:48 - 2024-02-26 09:48 - 000261432 _____ (Leppsoft) C:\WINDOWS\system32\UniteFx.dll
2024-02-25 22:33 - 2024-02-25 22:33 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2024-02-25 22:30 - 2024-02-26 00:04 - 000000000 ___HD C:\Users\asch8\AppData\Roaming\HDR
2024-02-25 22:24 - 2024-02-25 22:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2024-02-25 19:42 - 2024-02-25 19:42 - 019328392 _____ C:\Users\asch8\Downloads\phone-mockup.zip
2024-02-24 21:11 - 2024-02-25 11:54 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2024-02-24 20:12 - 2024-02-26 18:15 - 000000000 ____D C:\FRST
2024-02-24 20:12 - 2024-02-26 18:14 - 002386944 _____ (Farbar) C:\Users\asch8\OneDrive\Desktop\FRST64.exe
2024-02-24 14:51 - 2024-02-24 14:51 - 002585496 _____ (Malwarebytes) C:\Users\asch8\Downloads\MBSetup.exe
2024-02-24 00:06 - 2024-02-24 00:06 - 000000000 ____D C:\Users\asch8\AppData\Local\VEGAS
2024-02-24 00:06 - 2024-02-24 00:06 - 000000000 ____D C:\ProgramData\VEGAS Pro
2024-02-24 00:06 - 2024-02-24 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2024-02-24 00:06 - 2024-02-24 00:06 - 000000000 ____D C:\Program Files\VEGAS
2024-02-24 00:06 - 2024-02-24 00:06 - 000000000 ____D C:\Program Files (x86)\VEGAS
2024-02-24 00:05 - 2024-02-24 00:06 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Sony
2024-02-23 17:43 - 2024-02-25 03:01 - 000003582 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2024-02-23 11:21 - 2024-02-23 11:24 - 000009900 _____ C:\Users\asch8\OneDrive\Desktop\Protokoll Diät.xlsx
2024-02-23 01:03 - 2024-02-23 01:03 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2024-02-22 23:55 - 2024-02-22 23:55 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-02-22 23:53 - 2024-02-17 12:38 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-22 23:53 - 2024-02-17 12:38 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-02-22 23:53 - 2024-02-17 12:38 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-22 23:53 - 2024-02-17 12:38 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-02-22 23:53 - 2024-02-17 12:38 - 001487904 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-02-22 23:53 - 2024-02-17 12:38 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-02-22 23:53 - 2024-02-17 12:38 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-02-22 23:53 - 2024-02-17 12:38 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-22 23:53 - 2024-02-17 12:38 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-02-22 23:53 - 2024-02-17 12:38 - 001227296 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-02-22 23:53 - 2024-02-17 12:35 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-02-22 23:53 - 2024-02-17 12:35 - 000669816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-02-22 23:53 - 2024-02-17 12:35 - 000505456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-02-22 23:53 - 2024-02-17 12:34 - 001625096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-02-22 23:53 - 2024-02-17 12:34 - 001541640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-02-22 23:53 - 2024-02-17 12:34 - 001199112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-02-22 23:53 - 2024-02-17 12:34 - 000842272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-02-22 23:53 - 2024-02-17 12:34 - 000786952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 016033824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 012928032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 006780528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 005773448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 003721760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-02-22 23:53 - 2024-02-17 12:33 - 000459272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-02-22 23:53 - 2024-02-17 12:32 - 005912712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-02-22 23:53 - 2024-02-17 12:32 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-02-22 23:53 - 2024-02-17 12:31 - 006030584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-22 23:53 - 2024-02-15 17:42 - 000119184 _____ C:\WINDOWS\system32\nvinfo.pb
2024-02-22 14:35 - 2024-02-22 14:36 - 000000000 ____D C:\Users\asch8\AppData\Local\Dell Display Manager
2024-02-22 14:35 - 2024-02-22 14:35 - 000000000 ____D C:\Users\asch8\AppData\Local\ToastNotificationManagerCompat
2024-02-22 14:35 - 2024-02-22 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2024-02-22 14:35 - 2024-02-22 14:35 - 000000000 ____D C:\ProgramData\{E0DEEA23-C666-42EB-891D-154258949411}
2024-02-22 14:35 - 2024-02-22 14:35 - 000000000 ____D C:\Program Files\dotnet
2024-02-22 14:35 - 2024-02-22 14:35 - 000000000 ____D C:\Program Files\Dell
2024-02-21 11:42 - 2024-02-22 13:04 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Word
2024-02-20 11:40 - 2024-02-21 11:45 - 000000000 ____D C:\Users\Public\Security Sessions
2024-02-19 22:03 - 2024-02-24 00:15 - 000000000 ____D C:\Users\asch8\AppData\Roaming\VEGAS
2024-02-19 22:03 - 2024-02-24 00:09 - 000000000 ____D C:\Users\asch8\AppData\Roaming\VEGAS Pro
2024-02-19 22:03 - 2024-02-19 22:05 - 000006046 _____ C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000006046 _____ C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000000059 _____ C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000000059 _____ C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000000000 ____D C:\Users\asch8\AppData\Roaming\MAGIX
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\OneDrive\Dokumente\VEGAS
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Sony
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Plugin.OfxStitch
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Plugin.ofx360Stabilizer
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Plugin.MxOfxRotation
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\Users\asch8\AppData\Local\MAGIX
2024-02-19 22:03 - 2024-02-19 22:03 - 000000000 ____D C:\ProgramData\Magix
2024-02-19 22:00 - 2024-02-24 00:09 - 000000000 ____D C:\Users\asch8\AppData\Local\VEGAS Pro
2024-02-19 22:00 - 2024-02-24 00:06 - 000000000 ____D C:\ProgramData\VEGAS
2024-02-19 22:00 - 2024-02-19 22:00 - 000000000 ____D C:\Users\asch8\AppData\Roaming\forskruede
2024-02-19 22:00 - 2024-02-19 22:00 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Forskrkke
2024-02-19 18:52 - 2024-02-20 19:48 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-02-19 18:48 - 2024-02-19 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX VEGAS Pro
2024-02-19 18:48 - 2024-02-19 18:48 - 000000000 ____D C:\Program Files (x86)\MAGIX VEGAS Pro
2024-02-19 18:32 - 2024-02-24 00:05 - 000000000 ____D C:\Users\asch8\AppData\Local\BitTorrentHelper
2024-02-19 18:32 - 2024-02-19 18:32 - 000000000 ____D C:\Users\asch8\AppData\LocalLow\uTorrent.WebView2
2024-02-19 18:29 - 2024-02-24 14:56 - 000000000 ____D C:\Users\asch8\AppData\Roaming\utorrent
2024-02-19 15:15 - 2024-02-26 16:24 - 000001456 _____ C:\Users\asch8\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2024-02-19 14:55 - 2024-02-21 21:29 - 000000000 ____D C:\Program Files\RAGEMP
2024-02-19 13:10 - 2024-02-19 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-02-19 13:07 - 2024-02-19 13:07 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-02-19 08:58 - 2024-02-19 08:58 - 000000000 ____D C:\Users\asch8\AppData\Local\SolidDocuments
2024-02-19 08:58 - 2024-02-19 08:58 - 000000000 ____D C:\Users\asch8\.ms-ad
2024-02-19 01:56 - 2024-02-19 11:53 - 000001408 _____ C:\WINDOWS\system32\.tmp
2024-02-19 01:54 - 2024-02-19 01:54 - 000000000 ____D C:\Users\asch8\AppData\Local\AviraWebView2Cache
2024-02-19 01:53 - 2024-02-25 22:24 - 003697792 _____ C:\WINDOWS\system32\rtp.db
2024-02-19 01:53 - 2024-02-20 11:40 - 000000000 ____D C:\Users\asch8\AppData\Local\Avira
2024-02-19 01:53 - 2024-02-19 01:56 - 000219448 ____N (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys
2024-02-19 01:53 - 2024-02-19 01:56 - 000199992 ____N (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys
2024-02-19 01:53 - 2024-02-19 01:53 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2024-02-19 01:53 - 2024-02-19 01:53 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2024-02-19 01:52 - 2024-02-25 22:26 - 000000000 ____D C:\ProgramData\Avira
2024-02-19 01:13 - 2024-02-25 14:49 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-19 01:13 - 2024-02-25 14:49 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-19 00:20 - 2024-02-25 21:01 - 000000000 ____D C:\Users\asch8\AppData\Roaming\FileZilla
2024-02-19 00:20 - 2024-02-19 22:43 - 000000000 ____D C:\Users\asch8\AppData\Local\FileZilla
2024-02-18 22:58 - 2024-02-18 22:58 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk
2024-02-18 22:49 - 2024-02-23 11:11 - 000000000 ____D C:\Program Files\Adobe
2024-02-18 22:49 - 2024-02-21 23:38 - 000000000 ____D C:\ProgramData\Adobe
2024-02-18 22:49 - 2024-02-19 13:44 - 000000000 ____D C:\Users\asch8\AppData\LocalLow\Adobe
2024-02-18 22:49 - 2024-02-19 01:12 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-02-18 22:49 - 2024-02-18 22:50 - 000000000 ____D C:\Program Files (x86)\Adobe
2024-02-18 22:49 - 2024-02-18 22:49 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2024-02-18 22:47 - 2024-02-23 01:03 - 000000000 ____D C:\Users\asch8\AppData\Roaming\com.adobe.dunamis
2024-02-18 22:47 - 2024-02-23 01:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Adobe
2024-02-18 22:14 - 2024-02-18 23:27 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2024-02-18 21:59 - 2024-02-17 12:34 - 002173448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-02-18 21:59 - 2024-02-17 12:34 - 001024032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-02-18 19:50 - 2024-02-19 19:23 - 000000000 ____D C:\WINDOWS\Panther
2024-02-18 19:37 - 2024-02-26 18:12 - 000000000 ____D C:\Users\asch8\AppData\Roaming\TS3Client
2024-02-18 19:37 - 2024-02-18 19:37 - 000000000 ____D C:\Users\asch8\AppData\Local\TeamSpeak 3
2024-02-18 19:37 - 2024-02-18 19:37 - 000000000 ____D C:\Users\asch8\AppData\Local\cache
2024-02-18 19:35 - 2024-02-18 19:36 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2024-02-18 19:35 - 2024-02-18 19:35 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2024-02-18 18:45 - 2024-02-25 22:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-18 18:27 - 2024-02-18 18:27 - 000000000 ____D C:\ProgramData\Focusrite
2024-02-18 18:26 - 2024-02-18 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite Drivers
2024-02-18 18:26 - 2024-02-18 18:26 - 000000000 ____D C:\Program Files\Focusrite
2024-02-18 18:26 - 2023-11-27 15:49 - 000170312 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusriteUsb.sys
2024-02-18 18:26 - 2023-11-27 15:49 - 000112968 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusriteUsbSwRoot.sys
2024-02-18 18:26 - 2023-11-27 15:49 - 000109896 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusriteUsbAudio.sys
2024-02-18 18:26 - 2023-11-27 15:49 - 000106208 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\Drivers\FocusritePCIeSwRoot.sys
2024-02-18 18:26 - 2023-11-27 15:26 - 000097880 _____ C:\WINDOWS\SysWOW64\FocusritePal32.dll
2024-02-18 18:26 - 2023-11-27 15:25 - 000109144 _____ C:\WINDOWS\system32\FocusritePal64.dll
2024-02-18 18:23 - 2024-02-18 18:23 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\MMC
2024-02-18 17:49 - 2024-02-18 17:49 - 000000000 ____D C:\Users\asch8\AppData\Roaming\WinRAR
2024-02-18 17:49 - 2024-02-18 17:49 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-02-18 17:49 - 2024-02-18 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-02-18 17:49 - 2024-02-18 17:49 - 000000000 ____D C:\Program Files\WinRAR
2024-02-18 17:36 - 2024-02-21 11:42 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Office
2024-02-18 17:36 - 2024-02-18 17:36 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\AddIns
2024-02-18 17:35 - 2024-02-23 11:21 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Excel
2024-02-18 17:30 - 2024-02-19 18:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-494115103-3953799370-1247020108-1001
2024-02-18 17:30 - 2024-02-19 18:52 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-02-18 17:30 - 2024-02-19 18:52 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-18 17:30 - 2024-02-18 17:30 - 000000000 ___RD C:\Users\Default\OneDrive
2024-02-18 17:30 - 2024-02-18 17:30 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-18 17:29 - 2024-02-18 17:29 - 000002541 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2024-02-18 17:29 - 2024-02-18 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2024-02-18 17:26 - 2024-02-18 17:29 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-18 17:26 - 2024-02-18 17:26 - 000000000 ____D C:\Program Files\Microsoft Office 15
2024-02-18 16:19 - 2024-02-26 13:03 - 000000000 ____D C:\Users\asch8\AppData\Local\CrashDumps
2024-02-18 16:17 - 2024-02-18 16:19 - 000000000 ____D C:\Users\asch8\OneDrive\Dokumente\Rockstar Games
2024-02-18 16:17 - 2024-02-18 16:19 - 000000000 ____D C:\Users\asch8\AppData\Roaming\EasyAntiCheat
2024-02-18 16:17 - 2024-02-18 16:19 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2024-02-18 15:19 - 2024-02-18 16:19 - 000000000 ____D C:\Users\asch8\AppData\Local\Rockstar Games
2024-02-18 15:18 - 2024-02-18 15:18 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2024-02-18 15:17 - 2024-02-18 15:18 - 000000000 ____D C:\ProgramData\Rockstar Games
2024-02-18 15:17 - 2024-02-18 15:18 - 000000000 ____D C:\Program Files\Rockstar Games
2024-02-18 15:17 - 2024-02-18 15:17 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2024-02-18 15:14 - 2024-02-21 10:59 - 000000000 ____D C:\Users\asch8\AppData\Roaming\CitizenFX
2024-02-18 15:09 - 2024-02-18 15:19 - 000000000 ____D C:\Users\asch8\AppData\Local\DigitalEntitlements
2024-02-18 15:08 - 2024-02-18 15:08 - 000002132 _____ C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2024-02-18 15:08 - 2024-02-18 15:08 - 000002124 _____ C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM - Cfx.re Development Kit (FxDK).lnk
2024-02-18 15:08 - 2024-02-18 15:08 - 000000000 ____D C:\Users\asch8\AppData\Local\FiveM
2024-02-18 15:00 - 2024-02-22 18:41 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-18 14:27 - 2024-02-19 00:18 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2024-02-18 14:27 - 2024-02-18 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2024-02-18 14:10 - 2024-02-26 17:54 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-18 14:10 - 2024-02-18 14:10 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Thunderbird
2024-02-18 14:10 - 2024-02-18 14:10 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Mozilla
2024-02-18 14:10 - 2024-02-18 14:10 - 000000000 ____D C:\Users\asch8\AppData\Local\Thunderbird
2024-02-18 14:09 - 2024-02-25 11:54 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-02-18 13:50 - 2024-02-22 14:35 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-18 13:50 - 2024-02-20 22:31 - 000000000 ____D C:\Users\asch8\AppData\Local\NVIDIA Corporation
2024-02-18 13:50 - 2024-02-18 13:50 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-18 13:50 - 2024-02-18 13:50 - 000000000 ____D C:\Users\asch8\AppData\LocalLow\NVIDIA
2024-02-18 13:50 - 2024-02-18 13:50 - 000000000 ____D C:\Users\asch8\ansel
2024-02-18 13:50 - 2024-02-18 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-02-18 13:50 - 2024-02-18 13:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-02-18 13:50 - 2024-02-07 23:49 - 002905128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 002235944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 000170040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 000149048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2024-02-18 13:50 - 2024-02-07 23:49 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2024-02-18 13:48 - 2024-02-07 23:49 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2024-02-18 13:48 - 2024-02-07 23:49 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2024-02-18 13:41 - 2024-02-18 13:41 - 000000000 ____D C:\NVIDIA
2024-02-18 13:37 - 2024-02-26 18:07 - 000000000 ____D C:\Users\asch8\AppData\Local\Discord
2024-02-18 13:37 - 2024-02-26 16:07 - 000000000 ____D C:\Users\asch8\AppData\Roaming\discord
2024-02-18 13:37 - 2024-02-18 13:37 - 000000000 ____D C:\Users\asch8\AppData\Roaming\NVIDIA
2024-02-18 13:37 - 2024-02-18 13:37 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-02-18 13:37 - 2024-02-18 13:37 - 000000000 ____D C:\Users\asch8\AppData\Local\SquirrelTemp
2024-02-18 13:36 - 2024-02-26 17:41 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-18 13:36 - 2024-02-24 00:41 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-18 13:36 - 2024-02-18 15:00 - 000000000 ____D C:\Users\asch8\AppData\Local\Google
2024-02-18 13:36 - 2024-02-18 15:00 - 000000000 ____D C:\Program Files\Google
2024-02-18 13:36 - 2024-02-18 13:36 - 000004002 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{13F6BB6B-F30D-4004-A985-34142279A118}
2024-02-18 13:36 - 2024-02-18 13:36 - 000003878 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{8A7D5F01-C168-4DFE-B2F7-4F55B141722E}
2024-02-18 13:34 - 2024-02-18 13:34 - 000000000 ____D C:\WINDOWS\pss
2024-02-17 22:16 - 2024-02-17 22:16 - 000000000 ____D C:\Users\asch8\AppData\Local\Backup
2024-02-17 20:49 - 2024-02-26 09:48 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-02-17 20:47 - 2024-02-19 19:44 - 000000000 ____D C:\Users\asch8\AppData\Local\Steam
2024-02-17 20:47 - 2024-02-17 20:47 - 000000000 ____D C:\Users\asch8\AppData\Local\CEF
2024-02-17 20:46 - 2024-02-26 17:14 - 000000000 ____D C:\Program Files (x86)\Steam
2024-02-17 20:46 - 2024-02-17 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2024-02-17 20:05 - 2024-02-17 20:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-17 20:05 - 2024-02-17 20:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-02-17 19:22 - 2024-02-17 19:22 - 000000000 ____D C:\Users\asch8\AppData\Local\OneDrive
2024-02-17 19:22 - 2024-02-17 19:22 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-02-17 19:21 - 2024-02-22 23:55 - 000000000 ____D C:\Users\asch8\AppData\Local\NVIDIA
2024-02-17 19:21 - 2024-02-17 20:05 - 000000000 ____D C:\XboxGames
2024-02-17 19:21 - 2024-02-17 19:21 - 000000028 ____H C:\.GamingRoot
2024-02-17 19:21 - 2024-02-17 19:21 - 000000020 ___SH C:\Users\asch8\ntuser.ini
2024-02-17 18:59 - 2024-02-26 13:09 - 001754660 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-17 18:57 - 2024-02-26 13:03 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-17 18:57 - 2024-02-18 22:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-02-17 18:57 - 2024-02-18 13:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-02-17 18:57 - 2024-02-18 13:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-02-17 18:57 - 2024-02-17 12:31 - 006943344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-02-17 18:57 - 2024-02-07 23:49 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-02-17 18:57 - 2021-09-22 07:07 - 000676496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2024-02-17 18:57 - 2021-09-22 07:07 - 000564344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2024-02-17 18:57 - 2021-09-22 07:07 - 000046264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2024-02-17 18:56 - 2022-02-08 01:52 - 006591312 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2024-02-17 18:55 - 2024-02-26 13:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-17 18:55 - 2024-02-22 19:32 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-17 18:55 - 2024-02-22 19:32 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-17 18:55 - 2024-02-17 18:55 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2024-02-17 18:55 - 2024-02-17 18:55 - 000011433 _____ C:\WINDOWS\diagerr.xml
2024-02-17 18:55 - 2020-11-19 08:38 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3538912014-3826891016-3662973680-500
2024-02-17 18:53 - 2024-02-17 18:53 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2024-02-17 18:53 - 2024-02-17 18:53 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\SystemCertificates
2024-02-17 18:53 - 2024-02-17 18:53 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Network
2024-02-17 18:53 - 2024-02-17 18:53 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Crypto
2024-02-17 18:51 - 2024-02-26 09:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-17 18:51 - 2024-02-24 00:38 - 000754824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-17 18:51 - 2024-02-24 00:38 - 000000000 ____D C:\Users\asch8
2024-02-17 18:51 - 2024-02-20 14:54 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Windows
2024-02-17 18:51 - 2024-02-18 13:37 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Spelling
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Vorlagen
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Startmenü
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Netzwerkumgebung
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Lokale Einstellungen
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Eigene Dateien
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Druckumgebung
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\AppData\Local\Verlauf
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\AppData\Local\Anwendungsdaten
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 _SHDL C:\Users\asch8\Anwendungsdaten
2024-02-17 18:51 - 2024-02-17 18:51 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2024-02-17 18:50 - 2024-02-17 18:50 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2024-02-17 18:49 - 2024-02-17 18:49 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2024-02-17 18:49 - 2024-02-17 18:49 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-02-17 18:48 - 2024-02-17 18:48 - 000000000 ____D C:\WINDOWS\InboxApps
2024-02-17 18:45 - 2024-02-17 18:45 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-17 18:44 - 2024-02-17 18:44 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-17 18:43 - 2024-02-17 19:37 - 000000000 ____D C:\WINDOWS\HoloShell
2024-02-17 18:43 - 2024-02-17 18:48 - 000000000 ____D C:\WINDOWS\TextInput
2024-02-17 18:43 - 2022-05-06 13:02 - 000000002 _____ C:\WINDOWS\system32\hologramcompositor.lock
2024-02-17 18:41 - 2024-02-17 18:50 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\WINDOWS\addins
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\Program Files\MSBuild
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-02-17 18:41 - 2024-02-17 18:41 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-02-17 17:55 - 2024-02-17 17:57 - 000000036 _____ C:\WINDOWS\progress.ini
2024-02-17 17:48 - 2024-02-19 13:04 - 000000000 ____D C:\Users\asch8\AppData\Local\Publishers
2024-02-17 17:48 - 2024-02-17 17:48 - 000000000 ____D C:\Users\asch8\AppData\Local\Comms
2024-02-17 17:37 - 2024-02-17 17:55 - 000000000 ___HD C:\$GetCurrent
2024-02-17 17:36 - 2024-02-17 17:55 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2024-02-17 17:36 - 2024-02-17 17:36 - 000001345 _____ C:\Users\asch8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2024-02-17 17:36 - 2024-02-17 17:36 - 000000000 ____D C:\Users\asch8\AppData\Local\PCHealthCheck
2024-02-17 17:33 - 2024-02-21 11:44 - 000000000 ____D C:\Users\asch8\AppData\Local\PlaceholderTileLogoFolder
2024-02-17 17:33 - 2024-02-19 01:19 - 000000000 ____D C:\Users\asch8\OneDrive\Dokumente\Adobe
2024-02-17 17:33 - 2024-02-18 17:30 - 000000000 ___RD C:\Users\asch8\OneDrive
2024-02-17 17:33 - 2024-02-17 17:33 - 000000000 ____D C:\Users\asch8\OneDrive\Dokumente\Image-Line
2024-02-17 17:32 - 2024-02-17 17:32 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\InputMethod
2024-02-17 17:31 - 2024-02-26 16:37 - 000000000 ____D C:\Users\asch8\AppData\Local\D3DSCache
2024-02-17 17:31 - 2024-02-25 19:03 - 000000000 ____D C:\Users\asch8\AppData\Local\Packages
2024-02-17 17:31 - 2024-02-23 01:03 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Adobe
2024-02-17 17:31 - 2024-02-17 19:21 - 000000000 ____D C:\Users\asch8\AppData\Local\ConnectedDevicesPlatform
2024-02-17 17:31 - 2024-02-17 17:31 - 000000000 ___RD C:\Users\asch8\3D Objects
2024-02-17 17:31 - 2024-02-17 17:31 - 000000000 ____D C:\Users\asch8\AppData\Roaming\Microsoft\Vault
2024-02-17 17:31 - 2024-02-17 17:31 - 000000000 ____D C:\Users\asch8\AppData\Local\VirtualStore
2024-02-17 17:29 - 2024-02-19 11:48 - 000000000 ___SD C:\Users\asch8\AppData\Roaming\Microsoft\Credentials
2024-02-17 17:29 - 2024-02-17 19:21 - 000338272 _____ () C:\WINDOWS\system32\AsusDownLoadLicense.exe
2024-02-17 17:29 - 2024-02-17 17:29 - 000000000 ___SD C:\Users\asch8\AppData\Roaming\Microsoft\Protect
2024-02-17 17:28 - 2024-02-17 17:28 - 001689088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2024-02-17 17:28 - 2024-02-17 17:28 - 001414656 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2024-02-17 17:28 - 2024-02-17 17:28 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2024-02-17 17:28 - 2024-02-17 17:28 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2024-02-17 17:27 - 2024-02-17 17:27 - 000000000 ____D C:\Program Files\MsEdgeCrashpad
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Vorlagen
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Startmenü
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Netzwerkumgebung
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Lokale Einstellungen
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Eigene Dateien
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Druckumgebung
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Users\Default\Anwendungsdaten
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Programme
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\ProgramData\Vorlagen
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\ProgramData\Startmenü
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\ProgramData\Dokumente
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Program Files\Gemeinsame Dateien
2024-02-17 17:25 - 2024-02-17 17:25 - 000000000 _SHDL C:\Dokumente und Einstellungen
2024-02-17 17:23 - 2024-02-17 17:23 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-02-17 17:23 - 2024-02-17 17:23 - 000000000 ____D C:\ProgramData\ASUS
2024-02-17 17:22 - 2024-02-26 13:02 - 000880672 _____ C:\WINDOWS\system32\wpbbin.exe
2024-02-17 17:22 - 2024-02-26 13:02 - 000842128 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2024-02-17 17:22 - 2024-02-26 13:02 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-31 21:16 - 2024-02-03 02:18 - 008927534 _____ C:\Users\asch8\OneDrive\Desktop\story_referenzen.psd
2024-01-31 11:52 - 2024-01-31 15:12 - 000000385 _____ C:\Users\asch8\OneDrive\Desktop\Dach-Expert.txt

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-02-26 18:13 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-02-26 18:13 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-02-26 18:10 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-26 18:10 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-26 13:02 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-02-25 21:37 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-25 21:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-25 21:37 - 2020-11-19 08:32 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-25 19:03 - 2020-11-19 08:33 - 000000000 ____D C:\ProgramData\Packages
2024-02-19 22:00 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-02-18 22:28 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-18 13:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-02-17 22:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2024-02-17 20:44 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-02-17 20:44 - 2020-11-19 08:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-02-17 20:06 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-17 19:37 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-02-17 19:37 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-17 19:21 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-17 19:21 - 2020-11-19 08:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-02-17 19:06 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-02-17 19:06 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\OCR
2024-02-17 19:06 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Globalization
2024-02-17 19:06 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-02-17 18:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-17 18:55 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows NT
2024-02-17 18:54 - 2022-05-07 06:24 - 000000000 __RHD C:\Users\Public\Libraries
2024-02-17 18:51 - 2022-05-07 06:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2024-02-17 18:50 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-02-17 18:50 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\winrm
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\WCN
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\slmgr
2024-02-17 18:50 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2024-02-17 18:50 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\MUI
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Keywords
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\IME
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-02-17 18:50 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-in
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\si-lk
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\my-mm
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2024-02-17 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\am-et
2024-02-17 18:49 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup
2024-02-17 18:48 - 2023-10-01 07:59 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-02-17 18:48 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2024-02-17 18:48 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\de
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-02-17 18:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-17 18:47 - 2022-05-07 11:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-02-17 18:47 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-02-17 18:47 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-02-17 18:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-02-17 18:39 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-02-17 17:34 - 2021-02-09 13:54 - 000774870 _____ C:\WINDOWS\system32\perfh015.dat
2024-02-17 17:34 - 2021-02-09 13:54 - 000151942 _____ C:\WINDOWS\system32\perfc015.dat
2024-02-17 17:34 - 2021-02-09 13:45 - 000776404 _____ C:\WINDOWS\system32\perfh013.dat
2024-02-17 17:34 - 2021-02-09 13:45 - 000153756 _____ C:\WINDOWS\system32\perfc013.dat
2024-02-17 17:34 - 2021-02-09 13:36 - 000769258 _____ C:\WINDOWS\system32\perfh010.dat
2024-02-17 17:34 - 2021-02-09 13:36 - 000145474 _____ C:\WINDOWS\system32\perfc010.dat
2024-02-17 17:34 - 2021-02-09 13:27 - 000780536 _____ C:\WINDOWS\system32\perfh00C.dat
2024-02-17 17:34 - 2021-02-09 13:27 - 000149202 _____ C:\WINDOWS\system32\perfc00C.dat
2024-02-17 17:34 - 2021-02-09 13:18 - 000776782 _____ C:\WINDOWS\system32\perfh00A.dat
2024-02-17 17:34 - 2021-02-09 13:18 - 000154912 _____ C:\WINDOWS\system32\perfc00A.dat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2024-02-19 22:03 - 2024-02-19 22:05 - 000006046 _____ () C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000006046 _____ () C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000000059 _____ () C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2024-02-19 22:03 - 2024-02-19 22:05 - 000000059 _____ () C:\Users\asch8\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2024-02-19 15:15 - 2024-02-26 16:24 - 000001456 _____ () C:\Users\asch8\AppData\Local\Adobe Für Web speichern 13.0 Prefs

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

Alt 27.02.2024, 09:58   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Scripting/Repair with FRST64

WARNING TO ALL READERS !!!
This FRST script is intended exclusively for this user and should never be applied 1:1 to another system!

  • Copy the entire contents of the following code box:
    Code:
    ATTFilter
    Start::
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
    HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\CurrentVersion\Windows: [Run] C:\Users\asch8\AppData\Roaming\Forskrkke\Thanatoid.exe <==== ACHTUNG
    C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip
    C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\caljgklbbfbcjjanaijlacgncafpegll
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\caljgklbbfbcjjanaijlacgncafpegll
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\caljgklbbfbcjjanaijlacgncafpegll
    C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh
    C:\Users\asch8\AppData\Roaming\Forskrkke
    emptytemp:
    End::
             
  • Now start FRST and click the Reparieren (Fix) button directly. Important: You do not need to paste the contents of the code box anywhere, because FRST fetches the code from the clipboard!
  • The tool carries out the requested steps and creates a fixlog.txt in the same directory where FRST is located.
  • Your computer may need to be restarted.
  • Post the contents of fixlog.txt in your next reply.
__________________
Please always post log files in CODE tags
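
Added example, not part of the thread and not FRST code: a small checker that compares a fixlist with the resulting fixlog.txt and reports which entries have no success line. It assumes the result wording seen in this thread's fixlog ("=> erfolgreich entfernt" / "=> erfolgreich verschoben"); all keys, SIDs and paths in the sample are constructed, and the function names are hypothetical.

```python
import re

# Success lines in the form seen in this thread's fixlog (assumed stable wording):
#   <target> => erfolgreich entfernt     registry entry removed
#   <target> => erfolgreich verschoben   file or folder moved
RESULT = re.compile(
    r'^"?(?P<target>.+?)"?\s+=>\s+erfolgreich\s+(?P<action>entfernt|verschoben)\s*$')
MARKER = re.compile(r"\s*<====.*$")  # trailing "<==== ACHTUNG" annotation


def parse_fixlist(text):
    """Return the entries between Start:: and End:: as (kind, value) pairs."""
    entries, inside = [], False
    for raw in text.splitlines():
        line = MARKER.sub("", raw.strip())
        if line == "Start::":
            inside = True
        elif line == "End::":
            break
        elif inside and line:
            if line.startswith(("HKLM\\", "HKU\\", "HKCU\\")):
                # Registry entry: the key is everything before the first ": ".
                entries.append(("registry", line.split(": ", 1)[0]))
            elif re.match(r"^[A-Za-z]:\\", line):
                entries.append(("path", line))
            else:
                entries.append(("directive", line))  # e.g. CloseProcesses:
    return entries


def key_pattern(key):
    """Regex for a registry key whose middle part is abbreviated as '\\...\\'."""
    parts = [re.escape(p) for p in key.split("\\...\\")]
    # The abbreviated part may stand for any number of sub-keys.
    return re.compile(r"\\(?:.*\\)?".join(parts) + r"(?=\\|$)", re.IGNORECASE)


def parse_results(fixlog_text):
    """Collect (target, action) for every success line in the fixlog."""
    results = []
    for line in fixlog_text.splitlines():
        m = RESULT.match(line.strip())
        if m:
            results.append((m.group("target"), m.group("action")))
    return results


def check(fixlist_text, fixlog_text):
    """Map each registry/path entry to its reported action, or None if unconfirmed."""
    results = parse_results(fixlog_text)
    report = {}
    for kind, value in parse_fixlist(fixlist_text):
        if kind == "directive":
            continue  # directives are reported in their own wording
        if kind == "registry":
            pat = key_pattern(value)
            hit = next((a for t, a in results if pat.match(t)), None)
        else:
            hit = next((a for t, a in results if t.lower() == value.lower()), None)
        report[value] = hit
    return report


# Constructed sample input (not taken from the thread).
FIXLIST = r"""Start::
CloseProcesses:
HKLM\SOFTWARE\Policies\ExampleVendor\ExamplePolicy: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\...\CurrentVersion\Windows: [Run] C:\Users\example\AppData\Roaming\ExampleDir\example.exe <==== ACHTUNG
C:\Users\example\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
C:\Users\example\AppData\Roaming\ExampleDir
emptytemp:
End::
"""

FIXLOG = r"""Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Policies\ExampleVendor\ExamplePolicy => erfolgreich entfernt
"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Run" => erfolgreich entfernt

"C:\Users\example\AppData\Roaming\ExampleDir" Ordner verschieben:

C:\Users\example\AppData\Roaming\ExampleDir => erfolgreich verschoben
"""

if __name__ == "__main__":
    for entry, action in check(FIXLIST, FIXLOG).items():
        print(f"{action or 'UNCONFIRMED':<12} {entry}")
```

An entry reported as unconfirmed only means that no success line was found for it; the fixlog itself says why.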

Alt 27.02.2024, 19:27   #13
Adrian87
 



Hello Cosinus

Thank you very much. Attached is the fixlog.

Code:
ATTFilter
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
durchgeführt von asch8 (27-02-2024 19:20:06) Run:1
Gestartet von C:\Users\asch8\OneDrive\Desktop
Geladene Profile: asch8
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Start::
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\CurrentVersion\Windows: [Run] C:\Users\asch8\AppData\Roaming\Forskrkke\Thanatoid.exe <==== ACHTUNG
C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip
C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\caljgklbbfbcjjanaijlacgncafpegll
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\caljgklbbfbcjjanaijlacgncafpegll
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\caljgklbbfbcjjanaijlacgncafpegll
C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh
C:\Users\asch8\AppData\Roaming\Forskrkke
emptytemp:
End::
*****************

Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => erfolgreich entfernt
"HKU\S-1-5-21-494115103-3953799370-1247020108-1001\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Run" => erfolgreich entfernt

"C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip" Ordner verschieben:

C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle" Ordner verschieben:

C:\Users\asch8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\caljgklbbfbcjjanaijlacgncafpegll" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\caljgklbbfbcjjanaijlacgncafpegll => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\caljgklbbfbcjjanaijlacgncafpegll" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\caljgklbbfbcjjanaijlacgncafpegll => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\caljgklbbfbcjjanaijlacgncafpegll" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\caljgklbbfbcjjanaijlacgncafpegll => erfolgreich verschoben

"C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh" Ordner verschieben:

C:\Users\asch8\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh => erfolgreich verschoben

"C:\Users\asch8\AppData\Roaming\Forskrkke" Ordner verschieben:

C:\Users\asch8\AppData\Roaming\Forskrkke => erfolgreich verschoben

=========== EmptyTemp: ==========

FlushDNS => abgeschlossen
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 64151704 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 586939421 B
Windows/system/drivers => 3225517186 B
Edge => 0 B
Chrome => 1471657305 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 96328 B
NetworkService => 104490 B
asch8 => 7951802069 B

RecycleBin => 810667001 B
EmptyTemp: => 13.1 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:21:19 ====
         

Alt 27.02.2024, 21:02   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

We need new FRST logs.
__________________
Please always post log files in CODE tags

Alt 28.02.2024, 23:37   #15
Adrian87
 

Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
durchgeführt von asch8 (28-02-2024 23:36:14)
Gestartet von C:\Users\asch8\OneDrive\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) (2024-02-17 17:55:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-494115103-3953799370-1247020108-500 - Administrator - Disabled)
asch8 (S-1-5-21-494115103-3953799370-1247020108-1001 - Administrator - Enabled) => C:\Users\asch8
DefaultAccount (S-1-5-21-494115103-3953799370-1247020108-503 - Limited - Disabled)
Gast (S-1-5-21-494115103-3953799370-1247020108-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-494115103-3953799370-1247020108-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.008.20555 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.1.0.587 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_7_2) (Version: 7.2 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_4) (Version: 25.4.0.319 - Adobe Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - Blizzard Entertainment)
Dell Display Manager 2.2 (HKLM\...\Dell Display Manager 2) (Version: 2.2.0.43 - Dell Inc.)
Discord (HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\Discord) (Version: 1.0.9033 - Discord Inc.)
FileZilla 3.66.5 (HKLM-x32\...\FileZilla Client) (Version: 3.66.5 - Tim Kosse)
FiveM (HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\CitizenFX_FiveM) (Version:  - Cfx.re)
Focusrite Audio Drivers 4.119.13.33 (HKLM\...\Focusrite Audio Drivers_is1) (Version: 4.119.13.33 - Focusrite Audio Engineering, Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.70 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 87.0.2.0 - Google LLC)
Microsoft .NET Host - 6.0.22 (x64) (HKLM\...\{A575E059-0C3F-4138-B87A-BAF55CABA9FA}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.22 (x64) (HKLM\...\{E7598167-2D5C-4704-8777-8A25289EB8FE}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.22 (x64) (HKLM\...\{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.52 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.52 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM\...\{6B3108CD-E279-4795-BCBF-BDEA037A7913}) (Version: 48.88.914 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM-x32\...\{0f94f805-22c3-4413-b1e5-5ab275ba92d5}) (Version: 6.0.22.32825 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.7.0 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 115.8.0 (x64 de)) (Version: 115.8.0 - Mozilla)
MSVCRT Redists (HKLM\...\{E28F9ECF-1D13-11EC-843A-00155D26A171}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 551.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.61 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.85.1858 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.7.3 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.6.1 - TeamSpeak Systems GmbH)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VEGAS Pro 19.0 (HKLM\...\{E0A0A00F-1D13-11EC-88E7-00155D26A171}) (Version: 19.0.381 - VEGAS)
Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{4254C1AD-B9B0-4020-A4B1-D8B61D12142A}) (Version: 3.7.2204.15001 - Microsoft Corporation)
WinRAR 6.24 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)

Packages:
=========

Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2024-02-18] (Adobe Systems Incorporated)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-02-24] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_151.3.1092.0_x64__v10z8vjag6ke6 [2024-02-19] (HP Inc.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2402.13002.0_x64__8wekyb3d8bbwe [2024-02-28] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Corp.)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-02-17] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-22] (NVIDIA Corp.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-02-19] (Adobe Systems Incorporated)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0 [2024-02-17] (Spotify AB) [Startup Task]
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.14.9.0_x64__t4vj0pshhgkwm [2024-02-21] (Telegram Messenger LLP) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2407.10.0_x64__cv1g1gvanyjgm [2024-02-28] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-17] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2024-02-18] (win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-494115103-3953799370-1247020108-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-494115103-3953799370-1247020108-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-494115103-3953799370-1247020108-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\87.0.2.0\drivefsext.dll [2024-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\nvshext.dll [2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-02-18] (Adobe Inc. -> )

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2024-02-27 19:32 - 2024-02-27 19:32 - 165248000 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\libcef.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000379392 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\libegl.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 006679040 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\libglesv2.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 004325888 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\vk_swiftshader.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 001166336 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\chrome_elf.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000046080 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\audio\qtaudio_windows.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000030720 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\iconengines\qsvgicon.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000027136 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\imageformats\qgif.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000025600 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\imageformats\qico.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000353280 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\imageformats\qjpeg.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000021504 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\imageformats\qsvg.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000352256 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\imageformats\qtiff.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000423424 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\imageformats\qwebp.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 001239552 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\platforms\qwindows.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 005550592 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5Core.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 005812736 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5Gui.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000594944 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5Multimedia.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000915456 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5Network.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 003046400 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5Qml.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000362496 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5QmlModels.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 003650560 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5Quick.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000262144 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5Svg.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 004702208 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5Widgets.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000220160 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5WinExtras.dll
2024-02-27 19:32 - 2024-02-27 19:32 - 000165888 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14647\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2024-02-20 14:54 - 000000988 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lh.saltmine.de #saltychat fix
127.0.0.1 lh.v10.network #saltychat fix
127.0.0.1 lh.saltmine.de #saltychat fix
127.0.0.1 lh.v10.network #saltychat fix

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-494115103-3953799370-1247020108-1001\Control Panel\Desktop\\Wallpaper -> D:\Eigene Datein\Bilder & Videos\Wallpaper\3425171_2.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Focusrite Notifier"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\StartupFolder: => "DDM2.0.lnk"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F37BB1A5C7F5DD90127A66EC187105FA"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-494115103-3953799370-1247020108-1001\...\StartupApproved\Run: => "ut"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{01018CBA-78FE-48A8-AE6E-96EF970B6F11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B85F87D4-0EF1-4701-B656-6CA03E86EB3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0A9B5112-093A-4DF9-A083-1273822A9485}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1A63F769-8986-4312-A17A-432EB962F439}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B1314DF4-C801-44CD-9751-12921514255C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ACB8A4CA-C461-43AD-B5AC-9A792F7C5315}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ABB824B9-0A76-4929-BA9F-408DF77E17CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1851BF37-DC07-4B88-972A-AEA886ACC296}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B9670AB7-6D3D-4B9E-B538-BA4461D844F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A89BEB45-D507-46CB-9DEC-50A101FCC49C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{328D6467-E5A6-4CA1-B98A-BE83383AC170}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{57D12637-BB9C-4F69-86B1-B494C402952D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DEB6900C-01D5-4CA7-B841-A269130818CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4909A39-FAFF-4F69-9257-463E179E3216}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8965CA82-CEEA-4CB3-9FA2-F00F86E99F50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5BD92775-3370-42EB-9E5C-2C4236E4EE4B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DF0FAA64-2AE5-451D-8872-DBE9E79B5063}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F9BFB7E5-A290-4420-A16B-BAFEE89E8364}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{922D09EF-1EA6-422D-BE14-46F9E6DE49D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{674CD41B-743D-414D-8753-5BF7E59F13D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{13D7579D-F5C2-4DD4-BC84-E0C5B8BE0A23}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DD5EC410-1ACD-4F05-9200-64A972BC65A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F32F7BE1-3FE5-4BB2-9DBE-6321AD3469DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{10447422-F059-47AF-9B39-86A9CB069C83}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{147E9AE7-A997-4A5B-9B1E-D5D4CDE316E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{DC83E0C1-66F7-441E-9F81-C66E36F993D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{19DD8606-EE1E-48CB-B408-17F406078315}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{B77967E5-9F6C-4CA7-91ED-A102BDF9A88F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{B88EAC1D-858D-4105-AD3C-8CE8DCA79243}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DADCA087-4D1A-4BD9-B894-CCA646069989}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{91D50249-2F05-462B-985C-9E944036A75D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C12118EB-5A46-41CE-8053-88D360EF05CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{39B3C51D-3CF5-458F-8672-B3514228CAAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4963A81-D0A1-4F63-A9F8-E4BA9E7C569F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{4B18664B-2D02-4056-B830-76748A8707C6}C:\program files\ragemp\gta5.exe] => (Allow) C:\program files\ragemp\gta5.exe (ANGRY SOLUTIONS LTD -> RAGE Multiplayer Developers)
FirewallRules: [UDP Query User{0529AE26-63C0-40BB-BC33-382A7427BB58}C:\program files\ragemp\gta5.exe] => (Allow) C:\program files\ragemp\gta5.exe (ANGRY SOLUTIONS LTD -> RAGE Multiplayer Developers)
FirewallRules: [{79598773-C327-4E56-9939-7FD37166EC55}] => (Allow) C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{3F931BF9-DFE8-438F-A486-DBBA2F8EA471}] => (Allow) C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{ED6EAFEF-425F-477D-8192-1B02FB6C0C60}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{CE88B7FE-3271-4FAB-A25F-DB095FEA2D30}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{625FEDD3-7175-46C6-84B7-2E046A5DD443}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{021E06C8-ED5B-4CEA-8399-32AC88E49A4C}] => (Allow) C:\Users\asch8\AppData\Roaming\uTorrent\uTorrent.exe => Keine Datei
FirewallRules: [{CC71DE3B-EBA4-4A0A-88C2-E8EA8C2E436D}] => (Allow) C:\Users\asch8\AppData\Roaming\uTorrent\uTorrent.exe => Keine Datei
FirewallRules: [{23EFFB6F-9A61-4ACB-BAB0-4A32ACDA60F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6EFFA5E1-9595-4D2C-B964-160CC8F7B3CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [{F57C1571-7DC4-4DAD-AC37-75174219BA38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [TCP Query User{6E08FEB1-4873-4108-BCA2-99415E389DF2}C:\users\asch8\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Block) C:\users\asch8\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (Cfx.re) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{CC0DCFF4-6AF1-4E1D-8A81-F8C6345BCC13}C:\users\asch8\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Block) C:\users\asch8\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (Cfx.re) [Datei ist nicht signiert]
FirewallRules: [{3BF12656-A0A8-4ED8-B233-A77F92AA4E70}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B45B8606-412A-4E26-9FB9-FB1EC6F5AC22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6018C43F-4122-4A7D-B5BA-E5A5D18C9DED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4B54289-6885-4BCE-80D3-26DA5A2BD620}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5FA5F3C-063A-498B-AA44-0761FC8EC295}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Wiederherstellungspunkte =========================

24-02-2024 00:08:52 Removed VEGAS Pro 19.0
28-02-2024 19:51:08 Windows Update
28-02-2024 19:51:08 Windows Update
28-02-2024 19:51:08 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (02/28/2024 10:34:58 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm ShellExperienceHost.exe Version 10.0.22621.3085 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (02/28/2024 10:29:52 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-PG9DSVJ$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 28 Feb 2024 21:29:51 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 30493fd3-26dc-43a0-bc1a-15cf17f159dd

Methode: GET(187ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/28/2024 10:29:52 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 28 Feb 2024 21:29:51 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 2bc5cbb6-073a-48a9-86aa-c11e8f13a6ce

Methode: GET(203ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/28/2024 07:22:43 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm WhatsApp.exe Version 0.0.0.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (02/28/2024 07:21:30 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm WhatsApp.exe Version 0.0.0.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (02/28/2024 06:37:40 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm WhatsApp.exe Version 0.0.0.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (02/28/2024 03:06:03 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm SearchHost.exe Version 623.33304.120.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (02/28/2024 02:45:44 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm WhatsApp.exe Version 0.0.0.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.


Systemfehler:
=============
Error: (02/28/2024 11:36:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/28/2024 11:36:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/28/2024 10:30:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/28/2024 10:29:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "{FD06603A-2BDF-4BB1-B7DF-5DC68F353601}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/28/2024 10:28:56 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/28/2024 10:28:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/28/2024 10:28:03 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/28/2024 10:26:16 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PG9DSVJ)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2024-02-27 18:39:17
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {0ADC2177-1EF5-4510-AD37-6A5F0EFA113D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM 

Date: 2024-02-27 10:05:33
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperBulkExcl.H&threatid=2147822027&enterprise=0
Name: Trojan:Win32/MpTamperBulkExcl.H
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume3\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: AMSI
Benutzer: DESKTOP-PG9DSVJ\asch8
Prozessname: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Sicherheitsversion: AV: 1.405.636.0, AS: 1.405.636.0, NIS: 1.405.636.0
Modulversion: AM: 1.1.24010.10, NIS: 1.1.24010.10 

Date: 2024-02-26 13:03:31
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperBulkExcl.H&threatid=2147822027&enterprise=0
Name: Trojan:Win32/MpTamperBulkExcl.H
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume3\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: AMSI
Benutzer: DESKTOP-PG9DSVJ\asch8
Prozessname: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Sicherheitsversion: AV: 1.405.625.0, AS: 1.405.625.0, NIS: 1.405.625.0
Modulversion: AM: 1.1.24010.10, NIS: 1.1.24010.10 

Date: 2024-02-26 09:51:33
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperBulkExcl.H&threatid=2147822027&enterprise=0
Name: Trojan:Win32/MpTamperBulkExcl.H
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume3\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: AMSI
Benutzer: DESKTOP-PG9DSVJ\asch8
Prozessname: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Sicherheitsversion: AV: 1.405.607.0, AS: 1.405.607.0, NIS: 1.405.607.0
Modulversion: AM: 1.1.24010.10, NIS: 1.1.24010.10 

Date: 2024-02-26 08:07:29
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MpTamperBulkExcl.H&threatid=2147822027&enterprise=0
Name: Trojan:Win32/MpTamperBulkExcl.H
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume3\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: AMSI
Benutzer: DESKTOP-PG9DSVJ\asch8
Prozessname: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Sicherheitsversion: AV: 1.405.607.0, AS: 1.405.607.0, NIS: 1.405.607.0
Modulversion: AM: 1.1.24010.10, NIS: 1.1.24010.10 

CodeIntegrity:
===============
Date: 2024-02-26 18:10:15
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. 


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 3211 08/10/2021
Hauptplatine: ASUSTeK COMPUTER INC. TUF GAMING B450-PLUS II
Prozessor: AMD Ryzen 7 3700X 8-Core Processor 
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 49062.51 MB
Verfügbarer physikalischer RAM: 38968.35 MB
Summe virtueller Speicher: 52134.51 MB
Verfügbarer virtueller Speicher: 38716.06 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.6 GB) (Free:382.7 GB) (Model: KINGSTON SA2000M81000G) NTFS
Drive d: (Volume) (Fixed) (Total:1863.02 GB) (Free:1376.15 GB) (Model: ST2000DM008-2FR102) NTFS

\\?\Volume{d2cd1927-a087-4184-a500-0e68e67a965c}\ () (Fixed) (Total:0.8 GB) (Free:0.08 GB) NTFS
\\?\Volume{23c29f80-e818-4577-8e1a-9d27a51092df}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
