Plagegeister aller Art und deren Bekämpfung: svchost.exe virus? -> blocked by ESET - Duplicate IP address detected in the network - PC slow
13.07.2024, 14:02 | #1 |
| Hello,

we moved a month ago, and the problems started at the new place: about 2 weeks ago I got a message for the first time that a duplicate IP address had been detected in the network, which is presumably sending malicious data. The first time I didn't think much of it. But this message has now been appearing more and more often on all PCs in the network (all have Win10 installed). In addition, ESET made this message more severe; it then explicitly said that malicious data is being sent in the network from this duplicate IP address.

As a first step I changed the name and the password of our router, but the duplicate IP address in the network remained. Maybe it has something to do with the change of internet provider, in that something is not set up correctly on the Fritzbox or in ESET.

Today I edited pictures in Lightroom and my PC was extremely slow, which is very unusual. I have a very fast PC. In general my system ran strangely slowly: Explorer hangs, programs take a long time to start / programs respond slowly. Newly created folders in Explorer were also only shown once I refreshed. The problem with the folders exists on 2 of the 3 PCs in the network.

Briefly, my specs:
CPU: AMD Ryzen 9 5900X 12-Core Processor 3.70 GHz
RAM: 64.0 GB
GPU: NVIDIA RTX 2070
Hard drive: 2T SSD

After researching for a while what could be causing this, we came across svchost.exe, which is blocked by ESET on all PCs (we have 3 PCs in the network). Both local applications and remote devices are blocked (see screenshots).

https://ibb.co/kmNCMpz https://ibb.co/RCsfjDL https://ibb.co/CnjY0cN

I have read that svchost.exe is actually not harmful and comes from Microsoft, but is often used by malware as a cover name to siphon off data unnoticed. I have also already run all sorts of virus scans with ESET, Anti-Malwarebytes, ADWCleaner and Combo Cleaner. On one PC something was found, but on the other two nothing was found. After deleting it or moving it to quarantine, the problem persists on all PCs.

Shortly before submitting this post, the page crashed with this message: https://ibb.co/t8gPwmJ So something is definitely not right with my PC...

Now my questions are:
1. Do we have to classify svchost.exe, or at least parts of it, as a virus?
2. Can this be related to my PC running slowly?
3. Did we do something wrong when setting up the new internet connection with ESET or the Fritzbox, so that a duplicate IP address is shown in the network?

Thank you in advance for the answers!
Best regards
Nichkcin
Last edited by Nichkcin (13.07.2024 at 14:08) |
13.07.2024, 14:07 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
1. When an address conflict is detected, it is because two different devices have the same IP address. That only happens if at least one of them is manually, statically configured. That means you have to check every device in the network.
2. Without FRST logs we cannot say anything about the state of this computer.
__________________ |
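The device-by-device check suggested in the reply above can be narrowed down from the PCs themselves. The following is an added example, not part of the original thread: it parses several `arp -a` outputs from Windows machines and reports every IP address that was seen with more than one MAC address. The snapshot texts, labels and MAC addresses are constructed sample data; only the gateway address 192.168.178.1 is taken from the log posted later in the thread.

```python
import ipaddress
import re
from collections import defaultdict

# One "arp -a" entry on Windows: IPv4 address followed by a hyphenated MAC.
# Only these two fields are matched, so German and English output both parse.
ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2})\b"
)


def parse_arp(text):
    """Return {ip: mac} for the unicast entries of one 'arp -a' output."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m is None:
            continue  # interface header, column header or blank line
        ip, mac = m.group(1), m.group(2).lower()
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue  # e.g. an octet above 255
        # Multicast IPs and group/broadcast MACs (lowest bit of the first
        # octet set) are shared by design and are not conflicts.
        if addr.is_multicast or int(mac[:2], 16) & 1:
            continue
        table[ip] = mac
    return table


def find_conflicts(snapshots):
    """snapshots: iterable of (label, arp_text) pairs.

    Return {ip: {mac: [labels]}} for every IP seen with more than one MAC.
    """
    seen = defaultdict(lambda: defaultdict(list))
    for label, text in snapshots:
        for ip, mac in parse_arp(text).items():
            seen[ip][mac].append(label)
    return {ip: dict(macs) for ip, macs in seen.items() if len(macs) > 1}


# Constructed sample data: two snapshots from one PC (German Windows) and one
# from a second PC (English Windows). All MAC addresses are made up.
SNAP_PC1_EARLY = """
Schnittstelle: 192.168.178.20 --- 0x5
  Internetadresse       Physische Adresse     Typ
  192.168.178.1         02-00-00-00-00-01     dynamisch
  192.168.178.25        02-00-00-00-00-aa     dynamisch
  192.168.178.255       ff-ff-ff-ff-ff-ff     statisch
  224.0.0.22            01-00-5e-00-00-16     statisch
"""

SNAP_PC1_LATER = """
Schnittstelle: 192.168.178.20 --- 0x5
  Internetadresse       Physische Adresse     Typ
  192.168.178.1         02-00-00-00-00-01     dynamisch
  192.168.178.25        02-00-00-00-00-bb     dynamisch
  192.168.178.255       ff-ff-ff-ff-ff-ff     statisch
"""

SNAP_PC2 = """
Interface: 192.168.178.21 --- 0x7
  Internet Address      Physical Address      Type
  192.168.178.1         02-00-00-00-00-01     dynamic
  192.168.178.20        02-00-00-00-00-20     dynamic
  192.168.178.25        02-00-00-00-00-BB     dynamic
"""

SNAPSHOTS = [
    ("pc1 15:00", SNAP_PC1_EARLY),
    ("pc1 15:05", SNAP_PC1_LATER),
    ("pc2 15:05", SNAP_PC2),
]

if __name__ == "__main__":
    for ip, macs in sorted(find_conflicts(SNAPSHOTS).items()):
        print(f"{ip} answered with {len(macs)} different MAC addresses:")
        for mac, labels in sorted(macs.items()):
            print(f"  {mac}  seen in: {', '.join(labels)}")
```

The MAC addresses reported for a conflicting IP can then be matched against the router's device list to identify which devices need checking.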
13.07.2024, 14:33 | #3 |
| Thanks for the quick reply!
1. I have not manually configured anything in my network. I had only given our home server a static IP, and it is currently not even connected to our network. All other IPs in the network were assigned automatically by the Fritzbox.
2. What is an FRST log and how do I create one? |
13.07.2024, 14:43 | #4 |
| I found it. Here are the FRST logs: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12.07.2024 durchgeführt von Nicholas (Administrator) auf DESKTOP-GUR0ABC (Gigabyte Technology Co., Ltd. X570S AORUS MASTER) (13-07-2024 15:40:14) Gestartet von C:\Users\Nicholas\Downloads\FRST64.exe Geladene Profile: Nicholas Plattform: Microsoft Windows 10 Pro Version 22H2 19045.4651 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe <6> (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe (C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2> (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) 
C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager (C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5> (C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe (C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) 
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Adobe Crash Processor.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <4> (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe (C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2024.625.600_x64__8wekyb3d8bbwe\olk.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.102\msedgewebview2.exe <8> (cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe (explorer.exe ->) (8bit Solutions LLC -> Bitwarden Inc.) C:\Users\Nicholas\AppData\Local\Programs\Bitwarden\Bitwarden.exe <4> (explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <41> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2024.625.600_x64__8wekyb3d8bbwe\olk.exe (explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) 
C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (services.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_a3a35b9b20ddd8f1\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe <2> (services.exe ->) (Valve Corp. 
-> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2405.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileCoAuth.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2406.1001.20.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2406.1001.20.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2405.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4585_none_7e06e2187c9234e2\TiWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe [1220312 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196120 2024-07-13] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [644952 2023-12-08] (Geek Software GmbH -> geek software GmbH) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-05-05] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1136560 2024-07-06] (Adobe Inc. -> Adobe Inc.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-21-4090204583-2270082441-3494668233-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-07-13] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-4090204583-2270082441-3494668233-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-06-20] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-4090204583-2270082441-3494668233-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3595016 2024-06-27] (Razer USA Ltd. -> Razer Inc.) 
HKU\S-1-5-21-4090204583-2270082441-3494668233-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37550568 2024-07-06] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3595016 2024-06-27] (Razer USA Ltd. -> Razer Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.127\Installer\chrmstp.exe [2024-07-06] (Google LLC -> Google LLC) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {8B2B261F-EEA5-4B5D-889E-E64DA48F98D2} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{922B6762-4217-4966-BCB0-DA047AA62773} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC) Task: {E02F5645-2953-4E99-8779-396952A75346} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-07-13] (Adobe Inc. -> Adobe Inc.) 
Task: {F473B02C-8E17-414E-BEAC-2FCA29F31834} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512336 2024-07-08] (Microsoft Corporation -> Microsoft Corporation) Task: {DD39B1A6-3436-443F-93A5-C9A1AD714857} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512336 2024-07-08] (Microsoft Corporation -> Microsoft Corporation) Task: {A60461D4-2D2F-4F66-8616-FDA0AE2979DD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221848 2024-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {83062050-06F8-4FD1-AFB5-ADFA5DCCA464} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221848 2024-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {77337D89-B934-4FA4-807B-8E149E39A666} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {8C9F4B13-A2A8-4714-8707-C8BB165B00EC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4090204583-2270082441-3494668233-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-07-13] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{7ad404ad-8cc4-4ac3-9caf-a8bcae1fd646}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{7ad404ad-8cc4-4ac3-9caf-a8bcae1fd646}: [DhcpDomain] fritz.box Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Nicholas\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-13] Edge HomePage: Default -> hxxp://www.youtube.com/ Edge Extension: (ProxFlow) - C:\Users\Nicholas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2024-01-27] Edge Extension: (Dark Mode) - C:\Users\Nicholas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2024-01-27] Edge Extension: (Avast Online Security & Privacy) - C:\Users\Nicholas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2024-07-13] Edge Extension: (Google Docs Offline) - C:\Users\Nicholas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-28] Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Nicholas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-07-13] Edge Extension: (Edge relevant text changes) - C:\Users\Nicholas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-27] Edge Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Nicholas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-07-13] Edge Extension: (ESET Browser Privacy & Security) - C:\Users\Nicholas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-07-13] Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc] FireFox: ======== FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-07-06] (Adobe Inc. 
-> Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-07-06] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default [2024-07-13] CHR HomePage: Default -> hxxp://www.youtube.com/ CHR Extension: (ProxFlow) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2024-01-27] CHR Extension: (Dunkles Theme für Google Chrome) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2024-01-27] CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-07-06] CHR Extension: (Dark Mode) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2024-01-27] CHR Extension: (Google Docs Offline) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-13] CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-07-06] CHR Extension: (Avast Online Security & Privacy) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2024-06-05] CHR Extension: (Picture-in-Picture Extension (by Google)) - 
C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2024-01-27] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-27] CHR Extension: (ESET Browser Privacy & Security) - C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-07-06] CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-07-06] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-26] (Microsoft Corporation -> Microsoft Corporation) S3 ComboCleaner.Guard; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe [144616 2024-06-04] (RCS LT UAB -> RCS LT) S3 ComboCleaner.WinService; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe [152296 2024-06-04] (RCS LT UAB -> RCS LT) R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [213432 2021-02-21] (DTS, Inc. -> DTS Inc.) R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5592440 2024-07-13] (ESET, spol. s r.o. -> ESET) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4206328 2024-07-13] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4206328 2024-07-13] (ESET, spol. s r.o. -> ESET) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.) 
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncHelper.exe [3519392 2024-07-13] (Microsoft Corporation -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8901528 2024-07-13] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-07-13] (Malwarebytes Inc. -> Malwarebytes) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_a3a35b9b20ddd8f1\Display.NvContainer\NVDisplay.Container.exe [1275440 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.126.0623.0001\OneDriveUpdaterService.exe [3860400 2024-07-13] (Microsoft Corporation -> Microsoft Corporation) S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [146688 2024-07-13] (Facebook Technologies, LLC -> Facebook Technologies, LLC) R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [418048 2024-07-13] (Facebook Technologies, LLC -> Facebook Technologies, LLC) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [644952 2023-12-08] (Geek Software GmbH -> geek software GmbH) R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1878448 2024-06-25] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [231856 2024-06-25] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. 
-> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298248 2024-06-26] (Razer USA Ltd. -> Razer Inc.) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2024-05-15] (Razer USA Ltd. -> Razer Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-23] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-23] (Microsoft Windows Publisher -> Microsoft Corporation) R2 GigabyteUpdateService; C:\Windows\system32\GigabyteUpdateService.exe [553104 2024-07-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [800672 2023-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219984 2024-07-13] (ESET, spol. s r.o. 
-> ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [119424 2024-07-13] (Microsoft Windows Hardware Compatibility Publisher -> ESET) S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2023-12-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [265944 2024-07-13] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57848 2024-07-13] (ESET, spol. s r.o. -> ESET) R3 ELO71AIR; C:\Windows\System32\drivers\ELO71AIR.sys [4251552 2020-08-16] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA Inc.) R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [84136 2024-07-13] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [126480 2024-07-13] (ESET, spol. s r.o. -> ESET) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [177056 2021-10-10] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC) R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [221264 2024-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-07-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [201280 2024-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78928 2024-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [189776 2024-07-13] (Malwarebytes Inc. 
-> Malwarebytes) S3 mt7612US; C:\Windows\System32\drivers\mt7612US.sys [377232 2017-03-11] (Windows Central Build Account - X -> MediaTek Inc.) S3 OCULUSUDSVR; C:\Windows\System32\drivers\OCULUSUD.sys [3867552 2024-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Oculus VR, LLC.) R3 oculusvad_oculusvad; C:\Windows\System32\drivers\oculusvad.sys [73400 2024-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 Oculus_ViGEmBus; C:\Windows\System32\drivers\Oculus_ViGEmBus.sys [32856 2024-05-05] (Oculus VR, LLC -> Facebook Inc.) R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0228; C:\Windows\System32\drivers\RzDev_0228.sys [56136 2021-03-22] (Razer USA Ltd. -> Razer Inc) S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [633264 2022-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55856 2024-01-23] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [594304 2024-01-23] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-23] (Microsoft Windows -> Microsoft Corporation) U3 aswbdisk; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2024-07-13 15:40 - 2024-07-13 15:40 - 000029761 _____ C:\Users\Nicholas\Downloads\FRST.txt 2024-07-13 15:39 - 2024-07-13 15:40 - 000000000 ____D C:\FRST 2024-07-13 15:39 - 2024-07-13 15:39 - 002395648 _____ (Farbar) C:\Users\Nicholas\Downloads\FRST64.exe 2024-07-13 14:50 - 2024-07-13 15:02 - 000002872 _____ C:\Users\Nicholas\Desktop\Neues Textdokument.txt 2024-07-13 14:28 - 2024-07-13 14:28 - 000000000 ____D C:\Users\Nicholas\AppData\Roaming\Microsoft\MMC 2024-07-13 14:20 - 2024-07-13 15:02 - 000000000 ____D C:\Users\Nicholas\Desktop\SVCHOST 2024-07-13 12:42 - 2024-07-13 12:42 - 000189776 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2024-07-13 12:28 - 2024-07-13 12:28 - 000000000 ____D C:\Windows\system32\o2 2024-07-13 12:27 - 2024-07-13 12:41 - 000000000 ____D C:\ProgramData\Avast Software 2024-07-13 12:27 - 2024-07-13 12:27 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll 2024-07-13 12:27 - 2024-07-13 12:27 - 000271712 _____ (AVAST Software) C:\Users\Nicholas\Downloads\avast_one_free_antivirus.exe 2024-07-13 12:15 - 2024-07-13 12:15 - 000000000 ____D C:\Windows\system32\compatrel 2024-07-13 11:12 - 2024-07-13 11:14 - 000000000 ____D C:\Program Files (x86)\Combo Cleaner 2024-07-13 11:12 - 2024-07-13 11:12 - 000001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Combo Cleaner.lnk 2024-07-13 11:12 - 2024-07-13 11:12 - 000001957 _____ C:\Users\Public\Desktop\Combo Cleaner.lnk 2024-07-13 11:12 - 2024-07-13 11:12 - 000000000 ____D C:\Users\Nicholas\AppData\Local\RCS_LT 2024-07-13 11:12 - 2024-07-13 11:12 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information 2024-07-13 11:11 - 2024-07-13 11:11 - 003607336 _____ (RCS LT) C:\Users\Nicholas\Downloads\CCSetup.exe 2024-07-13 10:41 - 2024-07-13 10:41 - 008791352 _____ (Malwarebytes) C:\Users\Nicholas\Downloads\adwcleaner (1).exe 2024-07-13 10:41 - 2024-07-13 10:41 - 008790880 _____ (Malwarebytes) C:\Users\Nicholas\Downloads\adwcleaner(1).exe 2024-07-13 10:33 - 
2024-07-13 10:33 - 002591728 _____ (Malwarebytes) C:\Users\Nicholas\Downloads\MBSetup (1).exe 2024-07-13 10:31 - 2024-07-13 12:08 - 000000000 ____D C:\AdwCleaner 2024-07-13 10:31 - 2024-07-13 10:31 - 008790880 _____ (Malwarebytes) C:\Users\Nicholas\Downloads\adwcleaner.exe 2024-07-13 10:29 - 2024-07-13 15:35 - 000000000 ____D C:\Users\Nicholas\AppData\Local\Malwarebytes 2024-07-13 10:29 - 2024-07-13 10:29 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-07-13 10:29 - 2024-07-13 10:29 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-07-13 10:28 - 2024-07-13 10:28 - 002591728 _____ (Malwarebytes) C:\Users\Nicholas\Downloads\MBSetup.exe 2024-07-13 10:28 - 2024-07-13 10:28 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-07-13 10:28 - 2024-07-13 10:28 - 000000000 ____D C:\Program Files\Malwarebytes 2024-07-13 10:18 - 2024-07-13 10:18 - 000021724 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-07-13 10:18 - 2024-07-13 10:18 - 000021724 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json 2024-07-13 10:15 - 2024-07-13 10:15 - 000000000 ___HD C:\$WinREAgent 2024-07-13 10:08 - 2024-07-13 10:08 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop (Beta).lnk 2024-07-13 10:07 - 2024-07-13 12:52 - 000000000 ____D C:\Users\Nicholas\Desktop\BadSalzschlirf 2024-07-07 20:41 - 2024-07-07 20:41 - 252561680 _____ C:\Users\Nicholas\Desktop\IMG_20230401_193344-Recovered.psd 2024-07-07 20:41 - 2024-07-07 20:41 - 101882209 _____ C:\Users\Nicholas\Desktop\Bewerbungsbild-Recovered.psd 2024-07-07 13:52 - 2024-07-07 13:52 - 018518913 _____ C:\Users\Nicholas\Desktop\geburtstagsbild.psd 2024-07-06 22:40 - 2024-07-06 22:47 - 000092026 _____ C:\Users\Nicholas\Desktop\FRITZ!Box 7530.pdf 2024-07-06 11:19 - 2024-07-06 11:19 - 000001191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Substance 3D Painter.lnk 2024-07-06 11:12 - 2024-07-06 11:12 - 000001050 
_____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk 2024-07-06 11:12 - 2024-07-06 11:12 - 000001038 _____ C:\Users\Nicholas\Desktop\Lightroom.lnk 2024-07-06 11:00 - 2024-07-06 11:00 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk 2024-06-25 09:56 - 2024-06-25 09:56 - 000356784 _____ (Razer Inc.) C:\Windows\system32\RzChromaSDK64.dll 2024-06-25 09:55 - 2024-06-25 09:55 - 000049072 _____ (Razer Inc.) C:\Windows\system32\RzChromatic64.dll 2024-06-25 09:54 - 2024-06-25 09:54 - 000043440 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromatic.dll 2024-06-25 09:49 - 2024-06-25 09:49 - 000315312 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaSDK.dll ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-07-13 15:40 - 2024-01-27 11:30 - 000000000 ____D C:\Users\Nicholas\AppData\Roaming\Bitwarden 2024-07-13 15:39 - 2024-01-27 11:46 - 000000000 ____D C:\Program Files (x86)\Steam 2024-07-13 14:28 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2024-07-13 14:05 - 2024-01-23 22:02 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-07-13 13:30 - 2024-01-27 10:46 - 000000000 ____D C:\Users\Nicholas\AppData\Local\D3DSCache 2024-07-13 12:48 - 2024-01-23 22:07 - 001723308 _____ C:\Windows\system32\PerfStringBackup.INI 2024-07-13 12:48 - 2019-12-07 16:51 - 000743838 _____ C:\Windows\system32\perfh007.dat 2024-07-13 12:48 - 2019-12-07 16:51 - 000150260 _____ C:\Windows\system32\perfc007.dat 2024-07-13 12:45 - 2024-05-05 14:24 - 000000000 ____D C:\Users\Nicholas\AppData\Local\Oculus 2024-07-13 12:45 - 2024-01-23 22:06 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) 
C:\Windows\system32\GigabyteDownloadAssistant.exe 2024-07-13 12:42 - 2024-01-23 22:23 - 000000000 ____D C:\ProgramData\NVIDIA 2024-07-13 12:42 - 2024-01-23 22:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-07-13 12:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-07-13 12:41 - 2024-01-23 22:02 - 000567312 _____ C:\Windows\system32\wpbbin.exe 2024-07-13 12:41 - 2024-01-23 22:02 - 000553104 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\system32\GigabyteUpdateService.exe 2024-07-13 12:41 - 2024-01-23 22:02 - 000008192 ___SH C:\DumpStack.log.tmp 2024-07-13 12:41 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2024-07-13 12:38 - 2024-03-24 13:17 - 000000000 ____D C:\Users\Nicholas\AppData\Local\CrashDumps 2024-07-13 12:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2024-07-13 12:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2024-07-13 12:16 - 2024-01-23 22:02 - 000440072 _____ C:\Windows\system32\FNTCACHE.DAT 2024-07-13 12:15 - 2023-12-04 04:56 - 000000000 ____D C:\Windows\InboxApps 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D 
C:\Windows\ShellComponents 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2024-07-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2024-07-13 10:20 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2024-07-13 10:18 - 2024-01-23 22:05 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-07-13 10:15 - 2024-01-23 22:15 - 000000000 ____D C:\Windows\system32\MRT 2024-07-13 10:14 - 2024-01-23 22:15 - 194135240 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-07-13 10:08 - 2024-01-27 11:45 - 000000000 ____D C:\Program Files\Common Files\Adobe 2024-07-13 10:02 - 2024-01-27 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2024-07-13 10:01 - 2024-01-27 15:05 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK 2024-07-13 10:01 - 2024-01-27 11:45 - 000000000 ____D C:\Program Files\Adobe 2024-07-13 10:00 - 2024-01-29 18:52 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2024-07-13 10:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-07-13 09:57 - 2024-02-24 13:40 - 000003594 _____ C:\Windows\system32\Tasks\Launch Adobe CCXProcess 2024-07-13 09:05 - 2024-01-23 22:02 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-07-13 09:03 - 2024-05-05 14:29 - 000000000 ____D C:\Program Files\Oculus 2024-07-13 09:01 - 2024-01-27 15:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-07-13 08:59 - 2024-01-27 15:35 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2024-07-13 08:59 - 2024-01-27 15:35 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-07-13 08:59 - 2024-01-23 22:20 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4090204583-2270082441-3494668233-1001 2024-07-13 08:58 - 2024-01-23 22:02 - 000003754 _____ 
C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-07-13 08:58 - 2024-01-23 22:02 - 000003630 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-07-13 08:56 - 2023-12-12 12:35 - 000265944 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys 2024-07-13 08:56 - 2023-12-12 12:35 - 000219984 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys 2024-07-13 08:56 - 2023-12-12 12:35 - 000126480 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys 2024-07-13 08:56 - 2023-12-12 12:35 - 000119424 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys 2024-07-13 08:56 - 2023-12-12 12:35 - 000084136 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys 2024-07-13 08:56 - 2023-12-12 12:35 - 000057848 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys 2024-07-06 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2024-07-06 22:39 - 2024-01-23 22:06 - 000000000 ____D C:\Users\Nicholas\AppData\Local\Packages 2024-07-06 22:37 - 2024-01-23 22:06 - 000000000 ___SD C:\Users\Nicholas\AppData\Roaming\Microsoft\Credentials 2024-07-06 13:29 - 2024-01-27 15:35 - 000000000 ____D C:\Users\Nicholas\AppData\Roaming\Microsoft\Word 2024-07-06 13:27 - 2024-01-28 13:07 - 000000000 ____D C:\Users\Nicholas\AppData\Roaming\Microsoft\Excel 2024-07-06 13:23 - 2024-02-15 23:58 - 000000000 ____D C:\Users\Nicholas\AppData\Roaming\Microsoft\UProof 2024-07-06 11:25 - 2023-12-04 04:56 - 000000000 ____D C:\Windows\SystemTemp 2024-07-06 11:03 - 2024-01-23 22:06 - 000000000 ____D C:\Users\Nicholas\AppData\Roaming\Adobe 2024-07-06 11:00 - 2024-01-27 11:45 - 000000000 ____D C:\ProgramData\Adobe 2024-07-06 10:59 - 2024-03-29 15:08 - 002799208 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll 2024-07-06 10:59 - 2024-03-29 15:08 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2024-07-06 10:59 - 2024-03-29 15:08 - 000108024 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe 2024-07-06 10:59 - 2024-03-29 
15:08 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-07-06 10:59 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-07-06 10:58 - 2024-03-29 15:08 - 000267768 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll
2024-07-06 10:57 - 2024-03-29 15:08 - 000751096 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-07-06 10:57 - 2024-03-29 15:08 - 000222824 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-07-06 10:57 - 2024-03-29 15:08 - 000206440 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-07-06 10:48 - 2024-01-27 11:45 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2024-07-06 10:48 - 2024-01-27 11:45 - 000000000 ____D C:\Program Files (x86)\Adobe
2024-07-06 10:48 - 2024-01-27 11:27 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-07-06 10:47 - 2024-01-27 11:47 - 000000000 ____D C:\Users\Nicholas\AppData\Local\Steam
2024-07-06 10:47 - 2024-01-23 22:12 - 000000000 ____D C:\Program Files (x86)\Razer

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12.07.2024
durchgeführt von Nicholas (13-07-2024 15:41:00)
Gestartet von C:\Users\Nicholas\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.4651 (X64) (2024-01-23 20:03:56)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-4090204583-2270082441-3494668233-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4090204583-2270082441-3494668233-503 - Limited - Disabled)
Gast (S-1-5-21-4090204583-2270082441-3494668233-501 - Limited - Disabled)
Nicholas (S-1-5-21-4090204583-2270082441-3494668233-1001 - Administrator - Enabled) => C:\Users\Nicholas
WDAGUtilityAccount (S-1-5-21-4090204583-2270082441-3494668233-504 - Limited - Disabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.3.0.207 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_7_4_1) (Version: 7.4.1 - Adobe Inc.)
Adobe Photoshop (Beta) (HKLM-x32\...\PHSPBETA_25_12) (Version: 25.12.0.2694 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_9_1) (Version: 25.9.1.626 - Adobe Inc.)
Adobe Substance 3D Painter (HKLM-x32\...\SBSTP_10_0_1) (Version: 10.0.1 - Adobe Inc.) Anno 1800 (HKLM-x32\...\Uplay Install 4553) (Version: - Ubisoft) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitwarden (HKU\S-1-5-21-4090204583-2270082441-3494668233-1001\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 2024.6.4 - Bitwarden Inc.) blender (HKLM\...\{9895B058-9168-49B2-A99D-31970EC35033}) (Version: 4.0.2 - Blender Foundation) Combo Cleaner (HKLM\...\{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.63.0 - RCS LT) Hidden Combo Cleaner (HKLM-x32\...\InstallShield_{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.63.0 - RCS LT) Discord (HKU\S-1-5-21-4090204583-2270082441-3494668233-1001\...\Discord) (Version: 1.0.9031 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{9483ABD9-C772-487B-ADF8-09347CF8F2D2}) (Version: 1.3.93.0 - Epic Games, Inc.) Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.) ESET Security (HKLM\...\{D49B87B7-D6F4-43F9-8CC5-097B0715F6D3}) (Version: 17.2.7.0 - ESET, spol. s r.o.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 126.0.6478.127 - Google LLC) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Malwarebytes version 5.1.6.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.6.117 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.102 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.102 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.17726.20160 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.126.0623.0001 - Microsoft Corporation) Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 
(HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 
(HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden NVIDIA Grafiktreiber 551.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.23 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20160 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20108 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden PDF24 Creator 11.15.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.15.2 - geek software GmbH) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.0630.062714 - Razer Inc.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 151.2.11050 - Ubisoft) UE Prerequisites (x64) (HKLM\...\{C4175120-313E-467B-AAA7-825979CBAEE7}) (Version: 1.0.20.0 - Epic Games, Inc.) Hidden UE Prerequisites (x64) (HKLM-x32\...\{b24cae82-bb64-4ad2-820a-dc2c4031c914}) (Version: 1.0.20.0 - Epic Games, Inc.) Hidden Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WinRAR 6.24 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-22] (Adobe Systems Incorporated) DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.13.5.0_x64__t5j2fzbtdg37r [2024-04-20] (DTS, Inc.) Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe [2024-07-13] (Microsoft) [Startup Task] Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2024-07-06] (Microsoft Studios) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-05-05] (NVIDIA Corp.) 
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2024-01-23] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0 [2024-07-07] (Spotify AB) [Startup Task] Websuche von Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-06] (Microsoft Corporation) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm [2024-07-06] (WhatsApp Inc.) [Startup Task] Windows Package Manager Source (platform) -> C:\Program Files\WindowsApps\Microsoft.Winget.Platform.Source_2024.105.1947.899_neutral__8wekyb3d8bbwe [2024-02-23] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-4090204583-2270082441-3494668233-1001_Classes\CLSID\{04271989-C4D2-E013-A5A7-36F6577974B4} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-4090204583-2270082441-3494668233-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-14C49C3D2A06} -> [Creative Cloud Files Personal Account nicholas-nickel@hotmail.de ABA620DE61D571E50A495FBC@AdobeID] => C:\Users\Nicholas\Creative Cloud Files Personal Account nicholas-nickel@hotmail.de ABA620DE61D571E50A495FBC@AdobeID [2024-01-27 11:45] CustomCLSID: HKU\S-1-5-21-4090204583-2270082441-3494668233-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Nicholas\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4090204583-2270082441-3494668233-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-4090204583-2270082441-3494668233-1001_Classes\CLSID\{995f8d89-8ab5-dd20-098d-b9419e93fd76}\localserver32 -> "C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe" -ToastActivated => Keine Datei CustomCLSID: HKU\S-1-5-21-4090204583-2270082441-3494668233-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. 
-> Adobe Systems) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-17] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-17] (Adobe Inc. 
-> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-17] (Adobe Inc. -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) 
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-17] (Adobe Inc. -> ) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-07-13] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-07-13] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-07-13] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_a3a35b9b20ddd8f1\nvshext.dll [2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-17] (Adobe Inc. 
-> ) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-07-13] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-07-13] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2023-11-09 11:59 - 2023-02-27 22:39 - 001393152 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll 2024-07-06 22:36 - 2024-07-06 22:36 - 000975360 _____ () [Datei ist nicht signiert] \\?\C:\Users\Nicholas\AppData\Local\Programs\Bitwarden\resources\app.asar.unpacked\node_modules\@bitwarden\desktop-native\desktop_native.win32-x64-msvc.node 2024-07-06 22:36 - 2024-07-06 22:36 - 000216064 _____ () [Datei ist nicht signiert] \\?\C:\Users\Nicholas\AppData\Local\Programs\Bitwarden\resources\app.asar.unpacked\node_modules\argon2\lib\binding\napi-v3\argon2.node 2024-01-27 11:30 - 2024-07-06 22:36 - 002866176 _____ () [Datei ist nicht signiert] C:\Users\Nicholas\AppData\Local\Programs\Bitwarden\ffmpeg.dll 2024-01-27 11:30 - 2024-07-06 22:36 - 000479232 _____ () [Datei ist nicht signiert] C:\Users\Nicholas\AppData\Local\Programs\Bitwarden\libegl.dll 2024-01-27 11:30 - 2024-07-06 22:36 - 007671808 _____ () [Datei ist nicht signiert] 
C:\Users\Nicholas\AppData\Local\Programs\Bitwarden\libglesv2.dll 2024-01-27 11:30 - 2024-07-06 22:36 - 005312000 _____ () [Datei ist nicht signiert] C:\Users\Nicholas\AppData\Local\Programs\Bitwarden\vk_swiftshader.dll 2024-01-27 15:34 - 2024-01-27 15:34 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll 2024-01-27 15:34 - 2024-01-27 15:34 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Nicholas\Downloads\adwcleaner (1).exe:MBAM.Zone.Identifier [166] AlternateDataStreams: C:\Users\Nicholas\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [140] AlternateDataStreams: C:\Users\Nicholas\Downloads\avast_one_free_antivirus.exe:MBAM.Zone.Identifier [211] AlternateDataStreams: C:\Users\Nicholas\Downloads\CCSetup.exe:MBAM.Zone.Identifier [141] AlternateDataStreams: C:\Users\Nicholas\Downloads\FRST64.exe:MBAM.Zone.Identifier [193] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-07-06] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-4090204583-2270082441-3494668233-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nicholas\Pictures\RETROWAVE-OASIS-33331.png DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{4A12AFA9-7653-4FCE-B855-C8D84AB1ABEE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{4DD0D752-CE81-4CAD-833F-A3CEDBC2B42B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{417AF3B9-D891-400D-B2D3-4D86C02D6AF6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{A57088C7-FCF9-4937-BCF1-EB88E211EBE0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{FAFA5025-F867-40D8-B523-DD6DD7F9C477}] => (Allow) F:\SteamLibrary\steamapps\common\Hollow Knight\hollow_knight.exe () [Datei ist nicht signiert] FirewallRules: [{1287BB4C-6EA1-43B8-823B-6849910CA5F6}] => (Allow) F:\SteamLibrary\steamapps\common\Hollow Knight\hollow_knight.exe () [Datei ist nicht signiert] FirewallRules: [{1B1C5FF9-C040-4E96-A4F7-008ABB730DD1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{37A2CFD5-BDFF-435E-BD5E-C38116F17068}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B1D59124-DE6F-4ED0-8489-9D5FEF461D8A}] => (Allow) F:\SteamLibrary\steamapps\common\The Saboteur\Saboteur.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{F425EE3C-0773-474E-B07A-96D0C3DDB1AE}] => (Allow) F:\SteamLibrary\steamapps\common\The Saboteur\Saboteur.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{5E1AF9F4-250C-4F8A-BFCE-97FB41468F0F}] => (Allow) F:\SteamLibrary\steamapps\common\The Saboteur\VideoSetup.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D8DCE6ED-3BCF-4E61-BC09-A4A76092CA24}] => (Allow) F:\SteamLibrary\steamapps\common\The Saboteur\VideoSetup.exe (Electronic Arts, Inc. 
-> Electronic Arts) FirewallRules: [{05666A45-FAD4-4A0E-AE86-ECDADC58051B}] => (Allow) F:\SteamLibrary\steamapps\common\Days Gone\BendGame\Binaries\Win64\DaysGone.exe (Sony Interactive Entertainment LLC) [Datei ist nicht signiert] FirewallRules: [{2A303D27-D66E-4922-9C3F-0F3A8A3AE740}] => (Allow) F:\SteamLibrary\steamapps\common\Days Gone\BendGame\Binaries\Win64\DaysGone.exe (Sony Interactive Entertainment LLC) [Datei ist nicht signiert] FirewallRules: [{D011BDBB-E2AE-47FA-9C24-DD01B6600B8D}] => (Allow) F:\SteamLibrary\steamapps\common\SOMA\Soma.exe () [Datei ist nicht signiert] FirewallRules: [{BC89D56E-77CA-41E4-AF2C-8D879CD41FDB}] => (Allow) F:\SteamLibrary\steamapps\common\SOMA\Soma.exe () [Datei ist nicht signiert] FirewallRules: [{1B559CD1-4964-41AF-80CA-897DBF58E989}] => (Allow) F:\SteamLibrary\steamapps\common\SOMA\ModLauncher.exe () [Datei ist nicht signiert] FirewallRules: [{53F7CBE9-099D-4CDC-AA70-52986A32682C}] => (Allow) F:\SteamLibrary\steamapps\common\SOMA\ModLauncher.exe () [Datei ist nicht signiert] FirewallRules: [{099A3A42-9EC9-456A-B3B6-2CC37D89F072}] => (Allow) F:\SteamLibrary\steamapps\common\Firewatch\Firewatch.exe () [Datei ist nicht signiert] FirewallRules: [{A7254CFE-463D-405D-88F6-E8A8BD57F006}] => (Allow) F:\SteamLibrary\steamapps\common\Firewatch\Firewatch.exe () [Datei ist nicht signiert] FirewallRules: [{E8A6589E-215A-430D-B510-66C7A86C96F2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AC2B8581-5046-41E1-AE3F-6C2D30558382}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7620B5BA-C82E-4876-85F3-7C1064613813}] => (Allow) F:\UplayLibrary\Anno 1800\Bin\Win64\Anno1800.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft) FirewallRules: [{43E7CFF4-BB2C-4984-8F5B-DC872A9D9AF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{E9CB59D1-9F98-438C-96DD-1B88850EC454}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{BE992A5D-B010-446A-80E4-7E8181B0E6DB}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC) FirewallRules: [{F69BCE21-273A-43CF-AA80-F4E0DAD31458}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC) FirewallRules: [{EC49C964-AA61-43A7-94EA-51B76DCD6DE4}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC) FirewallRules: [{7F884736-069D-42F2-A304-51DF9B04A590}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC) FirewallRules: [{6C0C1D4C-1245-4BB8-938A-77A4F2692D45}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC) FirewallRules: [{F775033C-66E3-4900-9A98-A4F870EA2741}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC) FirewallRules: [{F10DA9F6-5B99-4298-B7BA-A18CCF25FE09}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Facebook Technologies, LLC -> ) FirewallRules: [{72687CA8-E354-4DE8-950F-9CBE68467D9A}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Facebook Technologies, LLC -> ) FirewallRules: [{03DC6DDE-5EFD-413B-8EE2-A9D85BD4E607}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe 
(Oculus VR, LLC) [Datei ist nicht signiert] FirewallRules: [{63D0449C-E972-454F-A949-8BB082BA4206}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert] FirewallRules: [{D41BBEF1-A2A5-404F-9F8E-552F0C5038D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{12B5CAC6-361C-4DDF-B4E8-38267A47C8AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{656B6750-2042-4FBE-8E3B-3A9196021CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win64\vrserver.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{953D6DC8-5B71-4C41-94F9-48B7168911FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win64\vrserver.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{43009C20-96F9-4C26-96DB-E07BF1009636}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve Corp. -> ) FirewallRules: [{1E725F43-76F3-4807-84F7-F1B09118D510}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve Corp. -> ) FirewallRules: [{18FEE66E-452A-42B6-A89F-0507744122E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve Corp. -> ) FirewallRules: [{695B3FD4-1423-4EC5-BBF0-427E6B5E9FDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve Corp. 
-> ) FirewallRules: [{783988B5-DFEB-430F-9AE8-2CEBA280448C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{5DCF910D-D0A0-4449-97B4-C85A0BBAFFF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{999B5DF5-DF6C-404B-92AC-4DFB98FD6A2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{ADED3F21-E71B-4032-AAD7-F201F1E20DF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{68C5148C-437C-4BA2-84D1-E6CC68DECF73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F8810B8C-B87A-491D-8DE2-5BD7B242740F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{4EE82758-098C-4954-8271-8A05D48A80B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{30183C18-4065-43F6-8579-E61944702520}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{944006E7-6331-4850-BCCE-C34B94E7CF24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: 
[{83695E59-A663-48D8-8BD9-EF7A2C1E5DB3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{04447688-38EA-4B4C-8B5C-5BA7E6A9E79B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{1E5B5220-4646-4F44-8E42-CFC27195C722}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{38558838-8C93-4E5C-A5D9-57CC1FFC0B44}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.122.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1BF337A4-9616-404D-9E21-371259007B12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.122.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A908FB62-02F7-4815-99C7-A55FF062CA93}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.122.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EB371C46-F488-4EAA-B9BD-FFBF6372AEC2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.122.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{D28CEB90-5948-4D33-B4F1-5B57164150A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{4D138D07-63E8-4EE0-8359-72E5C384D40A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2178542E-9708-459B-948B-82109FDD5DC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F8798CDA-0A2D-4860-AF84-BC344632B8D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{95AA635A-2213-4AB7-B99C-F22D0771A594}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{23C7EBB5-984F-400E-AD2F-997E72FD28B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2D7490FA-D666-4F28-ABAE-8A9679144B95}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{C991B0BE-8E8F-473D-8797-ABFC8344105E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E969160F-43F5-48BF-BBEB-FF9C78BBAF4B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{464DD8B9-B6D9-4B05-A83C-84EDE7809028}] 
=> (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.241.434.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{A568849F-968E-4491-820E-8C53EE0058F9}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8A1F07F7-2F21-4FF6-86D4-F0DCD93600F5}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C2C23FF9-B0BE-497F-B166-E076452F97A2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.102\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 06-07-2024 11:51:42 Windows Modules Installer 13-07-2024 10:15:15 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: PS/2-Standardtastatur Description: PS/2-Standardtastatur Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (07/13/2024 01:49:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte erneut optimieren auf Festplatte (F:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. 
(0x8900002A) Error: (07/13/2024 01:42:39 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte erneut optimieren auf System-reserviert (D:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A) Error: (07/13/2024 01:05:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmiprvse.exe, Version: 10.0.19041.3636, Zeitstempel: 0x71c3372a Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0x80131623 Fehleroffset: 0x00007ff8eda7200f ID des fehlerhaften Prozesses: 0x11f4 Startzeit der fehlerhaften Anwendung: 0x01dad5148c6af61d Pfad der fehlerhaften Anwendung: C:\Windows\system32\wbem\wmiprvse.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 36f12088-db9a-4f89-ac5f-8383d1a73587 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (07/13/2024 01:05:19 PM) (Source: .NET Runtime) (EventID: 1025) (User: ) Description: Application: wmiprvse.exe Framework Version: v4.0.30319 Description: The application requested process termination through System.Environment.FailFast(string message). 
Message: Unerwartete Anbieterausnahme: System.IO.FileLoadException: File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers() Stack: at System.Environment.FailFast(System.String) at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink) Error: (07/13/2024 01:05:19 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: ) Description: Event-ID 3002 Error: (07/13/2024 01:05:19 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: ) Description: Event-ID 2002 Error: (07/13/2024 01:05:19 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: ) Description: Event-ID 2003 Error: (07/13/2024 12:42:03 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Systemfehler: ============= Error: (07/13/2024 12:44:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (07/13/2024 12:44:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error: (07/13/2024 12:42:02 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT) Description: Das Secure Boot-Update konnte eine Secure Boot-Variable mit dem Fehler -2147020471 nicht aktualisieren. 
Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931 Error: (07/13/2024 12:18:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (07/13/2024 12:18:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error: (07/13/2024 12:16:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\system32\IntelIHVRouter08.dll Error: (07/13/2024 12:16:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\system32\IntelIHVRouter08.dll Error: (07/13/2024 12:15:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\system32\IntelIHVRouter08.dll Windows Defender: ================ Date: 2024-01-27 10:15:43 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {12A663E5-BF1E-4F18-B520-D1FA78D32DE4} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-01-27 10:10:57 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {6EBFDF05-8D44-4D08-9BC8-AED559BC72D9} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-01-27 10:03:40 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. 
Überprüfungs-ID: {A728B872-82D4-4CDA-B995-08D2993936D1} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM CodeIntegrity: =============== Date: 2024-07-13 15:41:01 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends International, LLC. F2 07/08/2021 Hauptplatine: Gigabyte Technology Co., Ltd. X570S AORUS MASTER Prozessor: AMD Ryzen 9 5900X 12-Core Processor Prozentuale Nutzung des RAM: 32% Installierter physikalischer RAM: 65471.45 MB Verfügbarer physikalischer RAM: 44223.51 MB Summe virtueller Speicher: 75199.45 MB Verfügbarer virtueller Speicher: 52371.09 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:1862.39 GB) (Free:1588.48 GB) (Model: Samsung SSD 980 PRO 2TB) NTFS Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: ST2000DX001-1CM164) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive f: (Festplatte) (Fixed) (Total:1862.08 GB) (Free:524.86 GB) (Model: ST2000DX001-1CM164) NTFS \\?\Volume{561857ca-affd-4b08-9005-159802b63947}\ () (Fixed) (Total:0.51 GB) (Free:0.06 GB) NTFS \\?\Volume{e97f5330-0000-0000-0000-508bd1010000}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS \\?\Volume{354f74b5-b200-4dab-9b8c-90c9bea7af3c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: E97F5330) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1862.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - 
(Size=858 MB) - (Type=27) ========================================================== Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ======================= |
13.07.2024, 15:09 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | svchost.exe virus? -> blocked by ESET - Duplicate IP address detected on the network - PC slow
Quote:
In general, though, programs like ESET Internet Security are highly problematic and counterproductive. These programs make themselves out to be extra important and report almost every fart, which users all too often cannot make sense of. That is why it is almost always recommended to uninstall this kind of software and to limit yourself to Microsoft Defender plus the Windows Firewall. Your screenshots are not very informative, because you censored too much in them. And with vague statements like
Quote:
Quote:
__________________ Please always post log files in CODE tags |
15.07.2024, 08:53 | #6 |
| svchost.exe virus? -> blocked by ESET - Duplicate IP address detected on the network - PC slow
Quote:
Quote:
Quote:
Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 13.07.2024 Scan-Zeit: 12:16 Protokolldatei: ead9d8f8-4100-11ef-b801-c8ff28ea5746.json -Softwaredaten- Version: 5.1.6.117 Komponentenversion: 1.0.1280 Version des Aktualisierungspakets: 1.0.86782 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 19045.4651) CPU: x64 Dateisystem: NTFS Benutzer: LAPTOP-MUPV1BII\Nicholas -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 261185 Erkannte Bedrohungen: 9 In die Quarantäne verschobene Bedrohungen: 9 Abgelaufene Zeit: 3 Min., 6 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 6 PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\APPID\Amazon1ButtonBrowserHelper.dll, In Quarantäne, 4537, 468987, 1.0.86782, , ame, , , PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Amazon1ButtonBrowserHelper.dll, In Quarantäne, 4537, 468987, 1.0.86782, , ame, , , PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\APPID\Amazon1ButtonRuntime.dll, In Quarantäne, 4537, 468987, 1.0.86782, , ame, , , PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Amazon1ButtonRuntime.dll, In Quarantäne, 4537, 468987, 1.0.86782, , ame, , , PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\Amazon1ButtonBrowserHelper.dll, In Quarantäne, 4537, 468987, 1.0.86782, , ame, , , PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\Amazon1ButtonRuntime.dll, In Quarantäne, 4537, 468987, 1.0.86782, , ame, , , Registrierungswert: 2 PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, 7806, -1, 0.0.0, , action, , , 
PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, 7806, -1, 0.0.0, , action, , , Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 1 PUP.Optional.Amazon1Button.AppFlsh, C:\PROGRAM FILES (X86)\AMAZON\AMAZON1BUTTONAPP, In Quarantäne, 7806, 809559, 1.0.86782, , ame, , , Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-13-2024
# Duration: 00:00:07
# OS: Windows 10 (Build 19045.4651)
# Scanned: 32101
# Detected: 101

***** [ Services ] *****

PUP.Optional.Amazon1Button Amazon 1Button App Service

***** [ Folders ] *****

Adware.pokki C:\Users\Default\AppData\Local\Host App Service
Adware.pokki C:\Users\Nicholas\AppData\Local\Host App Service
PUP.Optional.AmazonAssistant C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com
PUP.Optional.Booking C:\Program Files\Booking.com
PUP.Optional.Legacy C:\Users\Nicholas\Documents\TotalAV
PUP.Optional.Legacy C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV
PUP.Optional.PCProtect C:\ProgramData\SecuritySuite

***** [ Files ] *****

Adware.pokki C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
PUP.Optional.Booking C:\Users\Nicholas\Favorites\Booking.com.url
PUP.Optional.TotalAV C:\Users\Nicholas\Downloads\TOTALAV_SETUP.EXE

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Amazon1Button HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
PUP.Optional.Amazon1Button HKLM\Software\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
PUP.Optional.Amazon1Button HKLM\Software\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
PUP.Optional.Amazon1Button HKLM\Software\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
PUP.Optional.Amazon1Button HKLM\Software\Classes\Installer\Features\F5415905096AA504A9FB967C7A138943
PUP.Optional.Amazon1Button HKLM\Software\Classes\Installer\Products\F5415905096AA504A9FB967C7A138943
PUP.Optional.Amazon1Button HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
PUP.Optional.Amazon1Button HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5095145F-A690-405A-9ABF-69C7A7319834}
PUP.Optional.AmazonAssistant HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{6B7479D5-C493-40F0-99B6-BFC901980034}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{BFF94CF8-2D3B-4B2F-BB83-3600280AFEBA}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.PCProtect HKCU\Software\SSProtect
PUP.Optional.PCProtect HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
PUP.Optional.TotalAV HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\Software\Classes\totalav

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|BacKGround Agent
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{900E89CC-B16D-4228-8139-B224AFA746DC}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EE516ED-39C8-45CD-9B48-55A1E88E789E}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{900E89CC-B16D-4228-8139-B224AFA746DC}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8B1190E-BC80-4071-A144-73E9EBB868BE}
Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCloud
Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9216C2AF-98D4-49E2-B7E3-42456D8B2973}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7024BEF-3ED3-4F00-862E-CB8234D4FBF4}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{134D0AD7-410B-4DE6-9CCC-74A203FED35C}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\12 LABOURS OF HERCULES III GIRL POWER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\HOME MAKEOVER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH SNOWSCAPES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER 1ST FRAME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\RUNEFALL
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-acer-vegasworld
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-acer-villagersandheroes
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-genres
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-main
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
15.07.2024, 17:23 | #7 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | svchost.exe virus? -> blocked by ESET - duplicate IP address detected on the network - PC slow
Yes. That is exactly what you are supposed to do --> check the IP address configuration of all devices. ESET does not report something like this without a reason, even though I do not think much of it and recommend that you uninstall it and limit yourself to Windows Firewall and Windows Defender.
__________________ Please always post log files in CODE tags |
19.07.2024, 22:35 | #8 |
/// TB-Ausbilder | svchost.exe virus? -> blocked by ESET - duplicate IP address detected on the network - PC slow This topic appears to be resolved and will be removed from our subscriptions. Should you need the topic again, please send us a reminder including a link to the topic. Everyone else, please click here and create your own topic. |