Trojaner-Board - Virenwarnung durch websvs.co.in

Hallo Cosinus,
danke für Deine Antwort.
Hier die Informationen.

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2023

durchgeführt von Heinz (Administrator) auf HTR (Acer Swift SF316-51) (09-07-2023 18:22:09)

Gestartet von C:\Users\Heinz\Downloads\FRST64.exe

Geladene Profile: Heinz

Plattform: Microsoft Windows 11 Home Version 22H2 22621.1848 (X64) Sprache: Deutsch (Deutschland)

Standard-Browser: FF

Start-Modus: Normal
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe

(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.67\msedgewebview2.exe <13>

(C:\Users\Heinz\Downloads\FRST64.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2112.32.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2>

(DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxEMN.exe

(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe

(Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>

(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <17>

(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe

(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe

(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe

(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>

(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIServiceN.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a439e07c373809e2\OneApp.IGCC.WinService.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3a2f90c1eb2e1524\IntelCpHDCPSvc.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe

(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_e5855ce1805681c2\AS\IAS\IntelAudioService.exe

(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe

(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe

(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncHelper.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.1.21\NortonSecurity.exe <2>

(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.23.1.21\nsWscSvc.exe

(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe <3>

(sihost.exe ->) (EAF76292-FADE-4EAB-A62C-FE5E78661D58 -> ) C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3030.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe

(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe

(svchost.exe ->) (Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe

(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxextN.exe

(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.StorePurchaseApp_12008.1001.1.0_x64__8wekyb3d8bbwe\StoreExperienceHost.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\Heinz\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe [1262512 2021-06-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [558144 2020-12-15] (geek software GmbH -> geek software GmbH)

HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [414432 2023-03-14] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG

HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2605960 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\Run: [MicrosoftEdgeAutoLaunch_D2E8542DDDEBFF636897817371F35F7C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113872 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\MountPoints2: {f4a34dfe-bb98-11ed-b128-3ce9f7e7c169} - "D:\LaunchU3.exe" -a

HKU\S-1-5-18\...\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] => C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.22.9" (Keine Datei)

HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 

HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM\...\Print\Monitors\PDFCreator: C:\Windows\system32\pdfcmnnt.dll [87040 2005-03-12] () [Datei ist nicht signiert]

Startup: C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MX490 series Printer.lnk [2023-07-09]

ShortcutAndArgument: Canon IJ Status Monitor Canon MX490 series Printer.lnk -> C:\Windows\system32\rundll32.exe => "C:\Users\Heinz\CNMSSC~1.DLL",SMStarterEntryPoint LPT1:;Canon MX490 series Printer;cnmss Canon MX490 series Printer (Local).dll;Canon IJ Status Monitor Canon MX490 series Printer.lnk
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {00C1CB4C-4013-43B4-A3B3-9FA6C674FEE8} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971792 2022-05-20] (Acer Incorporated -> )

Task: {4D17532F-F0E6-4E56-BFF8-751A8A3AF982} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41616 2022-05-20] (Acer Incorporated -> )

Task: {3D79F00C-BA34-4324-917E-112A33C83BF0} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836496 2022-05-20] (Acer Incorporated -> )

Task: {909C9B34-C9A2-473C-8B0F-51228640E5FA} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )

Task: {E8CE6E63-7A79-4A42-8321-F567BBB1FC1A} - System32\Tasks\App Explorer => C:\Users\Heinz\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7574560 2023-03-29] (SweetLabs Inc -> SweetLabs, Inc) <==== ACHTUNG

Task: {549AD1C3-0C12-402B-B7DC-24F57339639E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616792 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {019111CD-26C3-48AB-B951-E18FBB8DE797} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616792 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {6F518B8E-E19F-4421-B62F-53423FA4C853} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {33AB6707-0B8E-4629-B933-4E0E1116BB17} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {27BE13A2-5B5C-4734-AF73-9A8076E81D44} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [164752 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)

Task: {06CC9D5A-BA5A-4B80-B3EA-303FC559B4B4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-06-22] (Mozilla Corporation -> Mozilla Foundation)

Task: {2F3FD616-E12E-4C85-977B-42970DDA6218} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Autofix => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {9193F4DA-1EF3-4E20-9178-2533D20B882F} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {70B969BB-BB44-4B3F-AD4C-FBB21CF22388} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Processor => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {7F53DE7C-C294-4EF5-9615-FAB4CCF1C911} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.1.21\WSCStub.exe [646520 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {42EA0A94-0283-4A4E-A53B-7E2DA4788B76} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )

Task: {4BD30EC5-CA49-4BCF-8018-E788717A3ED2} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-22] (Acer Incorporated -> )

Task: {3D740331-AC06-4F87-A9E9-DB8CDB4B77F8} - System32\Tasks\Oem\xvpnHelperTask => C:\Users\Heinz\AppData\Local\OEM\PromoX\XvpnHelper\XvpnInstaller.exe [70016 2022-10-24] (Acer Incorporated -> )

Task: {6DFEDF3F-03CD-423E-BD87-2C7A997239EA} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {683D3C7A-270C-4B90-BAD9-8152A9632442} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3774415946-2383157043-3044040638-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {DCE0376C-794D-41B4-854C-47EB7E1D323F} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [450536 2022-05-24] (Acer Incorporated -> Acer Incorporated)

Task: {C1E04C3A-9069-4AF9-ABC2-1147D4271E23} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Ultra\Upgrade.exe [2353000 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {AD0804EC-04C6-49B8-8587-9DCE94DB8E9E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-03-01] (Acer Incorporated -> Acer Incorporated)

Task: {A1FC2F21-C369-4A0A-8659-3443CCAE410F} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft)

Task: {54851851-A4C2-4B12-A1C9-7A801CC8F99E} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [342672 2022-06-01] (Acer Incorporated -> Acer Incorporated)

Task: {F9B3CA6F-4ADB-4D1C-B335-14044044D0F8} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211560 2022-05-17] (Acer Incorporated -> Acer Incorporated)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{9488c15e-b339-44a4-9085-4584ff6f1e23}: [DhcpNameServer] 192.168.2.1
 

Edge: 

=======

Edge DefaultProfile: Default

Edge Profile: C:\Users\Heinz\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-09]

Edge Notifications: Default -> hxxps://websvs.co.in

Edge Extension: (Edge relevant text changes) - C:\Users\Heinz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-25]
 

FireFox:

========

FF DefaultProfile: sk6g5hu0.default

FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\sk6g5hu0.default [2023-02-12]

FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release [2023-07-09]

FF Homepage: Mozilla\Firefox\Profiles\0v7o52re.default-release -> hxxps://www.bing.com/?PC=L621

FF Extension: (Language: Deutsch (German)) - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release\Extensions\langpack-de@firefox.mozilla.org.xpi [2023-06-20]

FF Extension: (uBlock Origin) - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-06-14]

FF Extension: (Add-ons Restricted Domains) - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release\features\{52f9b337-33c7-47e4-8e80-95a05c6630ce}\addons-restricted-domains@mozilla.com.xpi [2023-06-22]

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
 

==================== Dienste (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259216 2022-05-20] (Acer Incorporated -> Acer Incorporated)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11851144 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [210872 2021-03-21] (DTS, Inc. -> DTS Inc.)

S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\elfoService.exe [1283336 2017-06-15] (Bayerisches Landesamt fuer Steuern -> )

R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncHelper.exe [3447176 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_e5855ce1805681c2\\AS\\IAS\\IntelAudioService.exe [539832 ] (Intel Corporation -> Intel)

R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [74464 2023-03-14] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266864 2023-07-09] (Malwarebytes Inc. -> Malwarebytes)

R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.1.21\NortonSecurity.exe [344888 2023-02-02] (NortonLifeLock Inc. -> NortonLifelock Inc.)

R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.1.21\nsWscSvc.exe [1059176 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.127.0618.0001\OneDriveUpdaterService.exe [3783048 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

R2 PDF24; C:\Program Files\PDF24\pdf24.exe [558144 2020-12-15] (geek software GmbH -> geek software GmbH)

S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [469992 2022-05-24] (Acer Incorporated -> Acer Incorporated)

R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [508392 2022-05-24] (Acer Incorporated -> Acer Incorporated)

S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [334992 2022-06-01] (Acer Incorporated -> Acer Incorporated)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-01] (Acer Incorporated -> Acer Incorporated)

S3 AcxHdAudio; C:\Windows\System32\drivers\AcxHdAudio.sys [561152 2023-05-10] (Microsoft Windows -> Microsoft Corporation)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.22.9.11\Definitions\BASHDefs\20230705.001\BHDrvx64.sys [1696736 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert]

S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert]

S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert]

R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1617010.015\ccSetx64.sys [198280 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2023-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R0 fse; C:\Windows\System32\drivers\fse.sys [218464 2023-02-20] (Microsoft Windows -> Microsoft Corporation)

R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-12] (Intel Corporation -> Intel Corporation)

R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-12] (Intel Corporation -> Intel Corporation)

S3 iaLPSS2_SPI_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b6ea3d48ee329530\iaLPSS2_SPI_TGL.sys [155816 2020-08-12] (Intel Corporation -> Intel Corporation)

S3 iaLPSS2_UART2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_1a8e964d43720594\iaLPSS2_UART2_TGL.sys [310440 2020-08-12] (Intel Corporation -> Intel Corporation)

R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1544912 2021-08-29] (Intel Corporation -> Intel Corporation)

R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.22.9.11\Definitions\IPSDefs\20230707.061\IDSvia64.sys [1527816 2023-02-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R3 IntcSDW; C:\Windows\System32\DriverStore\FileRepository\intcsdw.inf_amd64_c447f3ebbd1456bd\IntcSDW.sys [864336 2021-05-17] (Intel Corporation -> Intel(R) Corporation)

R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_781687200d129207\IntcUSB.sys [1668672 2021-05-17] (Intel Corporation -> Intel(R) Corporation)

R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-06] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)

R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233216 2023-07-09] (Malwarebytes Inc. -> Malwarebytes)

R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77752 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-07-09] (Malwarebytes Inc. -> Malwarebytes)

S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\1617010.015\nsvst.sys [57120 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

S3 rtux64w10; C:\Windows\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation)

R3 SRTSP; C:\Windows\System32\drivers\NGCx64\1617010.015\SRTSP64.SYS [956048 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1617010.015\SRTSPX64.SYS [52872 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1617010.015\SYMEFASI64.SYS [2180248 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1617010.015\SymELAM.sys [36016 2023-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100328 2022-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.22.9.11\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1617010.015\Ironx64.SYS [306824 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1617010.015\symnets.sys [492728 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2022-10-18] (Microsoft Windows -> )

S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49608 2023-03-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [495896 2023-03-28] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-28] (Microsoft Windows -> Microsoft Corporation)

S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1617010.015\wpCtrlDrv.sys [1016792 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2023-07-09 18:21 - 2023-07-09 18:21 - 000032531 _____ C:\Users\Heinz\Downloads\Addition.txt

2023-07-09 18:20 - 2023-07-09 18:22 - 000028423 _____ C:\Users\Heinz\Downloads\FRST.txt

2023-07-09 18:20 - 2023-07-09 18:22 - 000000000 ____D C:\FRST

2023-07-09 18:18 - 2023-07-09 18:19 - 002383872 _____ (Farbar) C:\Users\Heinz\Downloads\FRST64.exe

2023-07-09 13:40 - 2023-07-09 13:40 - 000000000 ____D C:\Windows\system32\Tasks\Remediation

2023-07-09 13:18 - 2023-07-09 13:18 - 000761564 _____ C:\Windows\system32\perfh007.dat

2023-07-09 13:18 - 2023-07-09 13:18 - 000157732 _____ C:\Windows\system32\perfc007.dat

2023-07-09 13:14 - 2023-07-09 13:14 - 000233216 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys

2023-07-09 13:14 - 2023-07-09 13:14 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys

2023-07-09 13:04 - 2023-07-09 13:15 - 000000000 ____D C:\Users\Heinz\AppData\Local\Malwarebytes

2023-07-09 13:04 - 2023-07-09 13:04 - 000000000 ____D C:\Users\Heinz\AppData\Local\mbam

2023-07-09 13:03 - 2023-07-09 13:03 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk

2023-07-09 13:03 - 2023-07-09 13:03 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2023-07-09 13:03 - 2023-07-09 13:03 - 000000000 ____D C:\ProgramData\Malwarebytes

2023-07-09 13:03 - 2023-07-09 13:03 - 000000000 ____D C:\Program Files\Malwarebytes

2023-07-09 13:00 - 2023-07-09 13:00 - 002649072 _____ (Malwarebytes) C:\Users\Heinz\Downloads\MBSetup.exe

2023-07-09 12:16 - 2023-07-09 12:16 - 000070672 _____ C:\Users\Heinz\Downloads\0907231216.pdf

2023-07-06 18:53 - 2023-07-06 18:59 - 000003788 _____ C:\Users\Heinz\Downloads\1087463459(1).csv

2023-07-05 21:19 - 2023-07-05 21:19 - 000109772 _____ C:\Users\Heinz\Downloads\invoice_nordic-nest_2023-06-02_e590-1.pdf

2023-07-05 21:18 - 2023-07-05 21:18 - 000109769 _____ C:\Users\Heinz\Downloads\invoice_nordic-nest_2023-06-02_e590.pdf

2023-07-05 16:35 - 2023-07-05 16:35 - 000000022 _____ C:\Users\Heinz\Downloads\Anhänge_20230705.zip

2023-07-04 22:46 - 2023-07-04 22:46 - 000020696 _____ C:\Users\Heinz\Downloads\IQQH_holdings.csv

2023-07-04 22:46 - 2023-07-04 22:46 - 000020696 _____ C:\Users\Heinz\Downloads\IQQH_holdings(1).csv

2023-07-04 09:33 - 2023-07-04 09:34 - 000000152 _____ C:\Users\Heinz\Downloads\Anhänge_20230704.zip

2023-07-03 21:26 - 2023-07-03 21:26 - 000200967 _____ C:\Users\Heinz\Downloads\Serienbrief_2058740466_2023-05-24_MKK_fbcff34c-0505-487d-96bf-578a69efd6fe.pdf

2023-07-03 21:23 - 2023-07-03 21:23 - 000028409 _____ C:\Users\Heinz\Downloads\Untitled.pdf

2023-07-03 21:21 - 2023-07-03 21:21 - 000054289 _____ C:\Users\Heinz\Downloads\Kontoauszug_205721067700EUR_2023-06-30_KK_205721067700KD401E05070100501479457.pdf

2023-07-03 18:45 - 2023-07-03 18:45 - 000014234 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230703_184522.csv

2023-07-02 17:53 - 2023-07-02 17:53 - 000002709 _____ C:\Users\Heinz\Downloads\Energiebilanz_2023_06.csv

2023-07-01 14:13 - 2023-07-01 14:13 - 000001688 _____ C:\Users\Heinz\Downloads\1087463459.csv

2023-06-28 07:52 - 2023-06-28 07:52 - 000012100 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230628_075201.csv

2023-06-26 22:26 - 2023-06-26 22:26 - 000342240 _____ C:\Windows\SysWOW64\LxDNT121.dll

2023-06-26 22:26 - 2023-06-26 22:26 - 000233184 _____ C:\Windows\SysWOW64\LXPrnUtil10.dll

2023-06-26 22:26 - 2023-06-26 22:26 - 000161504 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxReportManage.ocx

2023-06-26 22:26 - 2023-06-26 22:26 - 000148192 _____ C:\Windows\SysWOW64\LxDNTvmc121.dll

2023-06-26 22:26 - 2023-06-26 22:26 - 000083680 _____ C:\Windows\SysWOW64\LxDNTvm121.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 004971232 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxXtreme130.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 001262304 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTool200.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000220384 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxBasics200.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000132832 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxMail200.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000095456 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxPXTree200.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000093920 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxCI20.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000080608 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LXCurr200.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000053472 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTPSW200.dll

2023-06-25 19:50 - 2023-06-25 19:50 - 000119008 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxUISettingsN200.dll

2023-06-23 15:54 - 2023-06-23 15:54 - 000005623 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230623_155427.csv

2023-06-23 14:02 - 2023-06-23 14:02 - 000326734 _____ C:\Users\Heinz\Downloads\Zusammenfassung Kontowechsel-1.pdf

2023-06-23 12:04 - 2023-06-23 12:04 - 000109029 _____ C:\Users\Heinz\Downloads\Zusammenfassung Kontowechsel.pdf

2023-06-22 11:15 - 2023-06-22 13:28 - 000000000 ____D C:\Program Files\Mozilla Firefox

2023-06-21 12:58 - 2023-06-21 12:58 - 000038918 _____ C:\Users\Heinz\Downloads\DHL-Paketmarke_EZLNSVGND5890_Michael_Grünke.pdf

2023-06-19 20:35 - 2023-06-19 20:38 - 000002554 _____ C:\Users\Heinz\Downloads\Umsatzanzeige_DE80500105170773411765_20230619.csv

2023-06-19 20:24 - 2023-06-19 20:24 - 000263070 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_LU1861136247_Order_297890447_001_20230616.pdf

2023-06-19 20:23 - 2023-06-19 20:23 - 000263067 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_IE00BJ0KDQ92_Order_298006742_001_20230616-1.pdf

2023-06-19 20:22 - 2023-06-19 20:22 - 000263067 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_IE00BJ0KDQ92_Order_298006742_001_20230616.pdf

2023-06-18 12:40 - 2023-06-18 12:40 - 000001426 _____ C:\Users\Heinz\Downloads\watchlist.csv

2023-06-18 09:36 - 2023-06-18 09:36 - 003253492 _____ C:\Users\Heinz\Downloads\Anhänge_20230618.zip

2023-06-16 21:40 - 2023-06-16 21:40 - 004235819 _____ C:\Users\Heinz\Downloads\ubs-etf-visa-stamped-prospectus.pdf

2023-06-16 21:40 - 2023-06-16 21:40 - 000050990 _____ C:\Users\Heinz\Downloads\kiid-LU0950674332-de.pdf

2023-06-15 17:56 - 2023-06-15 17:56 - 000074776 _____ C:\Users\Heinz\Downloads\Synthetische Fondszusammensetzung_Amundi MSCI Europe Small Cap ESG Climate Net Zero Ambition CTB UCITS ETF Acc_LU1681041544_13_06_2023.xlsx

2023-06-15 14:29 - 2023-06-15 14:29 - 000045741 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230615_122925.csv

2023-06-14 18:31 - 2023-06-14 18:31 - 000000000 ___HD C:\$WinREAgent

2023-06-13 10:16 - 2023-06-13 10:16 - 002336953 _____ C:\Users\Heinz\Downloads\Energiedepesche Heft 2 2023.pdf

2023-06-12 20:42 - 2023-06-12 20:42 - 000068055 _____ C:\Users\Heinz\Downloads\SUSW_holdings.csv

2023-06-12 20:27 - 2023-06-12 20:27 - 000032563 _____ C:\Users\Heinz\Downloads\Synthetic Fund Holdings_Lyxor EURO STOXX 50 (DR) UCITS ETF - Daily Hedged to USD - Acc_FR0012399806_08_06_2023.xlsx

2023-06-11 21:24 - 2023-06-11 21:25 - 000039546 _____ C:\Users\Heinz\Downloads\Synthetische Fondszusammensetzung_Lyxor MSCI Future Mobility ESG Filtered (DR) UCITS ETF - Acc_LU2023679090_07_06_2023.xlsx

2023-06-11 21:23 - 2023-06-11 21:23 - 000069944 _____ C:\Users\Heinz\Downloads\Indexaufteilung_Lyxor MSCI Future Mobility ESG Filtered (DR) UCITS ETF_LU2023679090_07_06_2023.xlsx
 

==================== Ein Monat (geänderte) ==================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2023-07-09 18:19 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2023-07-09 18:07 - 2022-10-18 01:57 - 000000000 ____D C:\Windows\system32\SleepStudy

2023-07-09 17:28 - 2023-02-12 15:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38

2023-07-09 16:35 - 2023-02-12 14:59 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Excel

2023-07-09 16:30 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\NDF

2023-07-09 14:32 - 2023-03-11 11:05 - 000000000 ____D C:\Windows\system32\Tasks\Norton Security Ultra

2023-07-09 14:01 - 2023-02-18 17:41 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Word

2023-07-09 13:18 - 2022-10-18 02:04 - 001754668 _____ C:\Windows\system32\PerfStringBackup.INI

2023-07-09 13:18 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF

2023-07-09 13:15 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM

2023-07-09 13:14 - 2023-02-18 15:42 - 000000000 ____D C:\Program Files\Microsoft OneDrive

2023-07-09 13:14 - 2023-02-12 14:47 - 000000000 ___RD C:\Users\Heinz\OneDrive

2023-07-09 13:14 - 2023-02-12 14:45 - 000000000 __SHD C:\Users\Heinz\IntelGraphicsProfiles

2023-07-09 13:14 - 2022-10-18 01:57 - 000012288 ___SH C:\DumpStack.log.tmp

2023-07-09 13:14 - 2022-10-18 01:57 - 000001623 _____ C:\Windows\system32\config\VSMIDK

2023-07-09 13:14 - 2022-10-18 01:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2023-07-09 13:14 - 2022-10-18 01:57 - 000000000 ___HD C:\Intel

2023-07-09 13:14 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState

2023-07-09 13:14 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness

2023-07-09 13:14 - 2022-05-07 07:17 - 000524288 _____ C:\Windows\system32\config\BBI

2023-07-09 13:05 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp

2023-07-09 13:03 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP

2023-07-09 12:57 - 2023-02-12 14:45 - 000000000 ____D C:\Users\Heinz\AppData\Local\D3DSCache

2023-07-09 11:59 - 2023-02-12 14:27 - 000000000 ____D C:\Users\Heinz\AppData\Local\Host App Service

2023-07-07 19:46 - 2023-02-22 18:24 - 000000000 ____D C:\ProgramData\Lexware

2023-07-07 18:03 - 2023-02-23 12:50 - 000000000 ____D C:\Users\Heinz\AppData\Local\ElevatedDiagnostics

2023-07-07 17:56 - 2023-02-12 14:27 - 000000000 ____D C:\Users\Heinz

2023-07-07 16:16 - 2023-02-12 14:45 - 000000000 ____D C:\Users\Heinz\AppData\Local\Packages

2023-07-07 16:16 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps

2023-07-06 19:30 - 2023-02-12 15:45 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Office

2023-07-06 18:35 - 2023-02-22 18:29 - 000002247 _____ C:\Users\Public\Desktop\Lexware buchhaltung.lnk

2023-07-06 18:35 - 2023-02-22 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware

2023-07-06 18:35 - 2022-10-18 02:32 - 000000000 ____D C:\ProgramData\Package Cache

2023-07-06 18:28 - 2022-10-18 01:57 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2023-07-06 18:28 - 2022-10-18 01:57 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2023-07-06 08:41 - 2022-10-18 02:33 - 000000000 ____D C:\Program Files\Microsoft Office

2023-07-06 08:33 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth

2023-07-01 14:49 - 2023-05-29 18:52 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\vlc

2023-07-01 11:38 - 2022-10-18 01:57 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2023-06-29 09:33 - 2023-02-15 21:04 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task

2023-06-29 09:33 - 2023-02-15 21:04 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2023-06-29 09:33 - 2023-02-12 14:47 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3774415946-2383157043-3044040638-1001

2023-06-22 13:28 - 2022-10-18 02:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2023-06-22 11:22 - 2022-10-18 02:31 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

2023-06-22 11:17 - 2022-10-18 01:57 - 000482200 _____ C:\Windows\system32\FNTCACHE.DAT

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\WUModels

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr

2023-06-22 11:17 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing

2023-06-14 18:36 - 2023-02-12 15:51 - 000000000 ____D C:\Windows\system32\MRT

2023-06-14 18:34 - 2023-02-12 15:51 - 170078616 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2023-06-14 18:34 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp

2023-06-14 18:33 - 2022-10-18 02:02 - 003211776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll

2023-06-14 11:05 - 2023-02-18 17:59 - 000000000 ____D C:\EIGENE DATEIEN
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
 

2023-07-07 17:56 - 2014-09-10 06:00 - 000106496 _____ (CANON INC.) C:\Users\Heinz\cnmss Canon MX490 series Printer (Local).dll
 

==================== SigCheck ============================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

==================== Ende von FRST.txt ========================

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2023

durchgeführt von Heinz (09-07-2023 18:22:52)

Gestartet von C:\Users\Heinz\Downloads

Microsoft Windows 11 Home Version 22H2 22621.1848 (X64) (2023-02-11 16:38:48)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

Administrator (S-1-5-21-3774415946-2383157043-3044040638-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-3774415946-2383157043-3044040638-503 - Limited - Disabled)

Gast (S-1-5-21-3774415946-2383157043-3044040638-501 - Limited - Disabled)

Heinz (S-1-5-21-3774415946-2383157043-3044040638-1001 - Administrator - Enabled) => C:\Users\Heinz

WDAGUtilityAccount (S-1-5-21-3774415946-2383157043-3044040638-504 - Limited - Disabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Norton Security Ultra (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}

FW: Norton Security Ultra (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)

Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)

App Explorer (HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\Host App Service) (Version: 0.273.4.677 - SweetLabs)

Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3046 - Acer Incorporated)

DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)

ElsterFormular (HKLM-x32\...\{80B76B12-92BE-4177-BB7B-070AAEED239B}) (Version: 18.4.1 - Thüringer Landesfinanzdirektion)

ExpressVPN (HKLM-x32\...\{5B1D5290-DC0D-43D1-8220-8BB29BDDA0BE}) (Version: 2.5.22300.30 - Acer)

Lexware buchhalter 2023 (HKLM-x32\...\{2DDAC478-5E03-456F-A534-51E795778EBE}) (Version: 28.07.00.0337 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware buchhaltung plus 2023 (HKLM-x32\...\{773dbd33-b64b-440a-b530-18bb9c2ef9fb}) (Version: 28.7.0.239 - Haufe-Lexware GmbH & Co. KG)

Lexware EasyArchive 2023 (HKLM-x32\...\{BCCD6706-BDCF-437C-8079-305ED891091A}) (Version: 8.02.00.0171 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware Elster 2023 (HKLM-x32\...\{57286E5F-1704-4309-846F-852C65F30848}) (Version: 23.03.00.0352 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware Elster 2023 (HKLM-x32\...\{c375d4c4-b145-49aa-bb65-2dba05fbc847}) (Version: 23.3.0.258 - Haufe-Lexware GmbH & Co. KG)

Lexware FolderPermission 2023 (HKLM-x32\...\{CF7B7E51-2475-4102-934D-C09300DA5E7C}) (Version: 5.02.00.0211 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware Info Service 2023 (HKLM-x32\...\{D46EC7B4-83EE-436B-8DF2-576C5BD593BC}) (Version: 23.01.00.0200 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware Installations Dienst 2023 (HKLM-x32\...\{14F7538D-3BE1-4E9A-BA85-C436FB46BB0A}) (Version: 12.01.00.0184 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware online banking 2023 (HKLM-x32\...\{C9495433-F6BF-4355-8051-756BD8D51682}) (Version: 30.04.00.0223 - Haufe-Lexware GmbH & Co.KG) Hidden

Malwarebytes version 4.5.32.271 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.32.271 - Malwarebytes)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.67 - Microsoft Corporation)

Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.67 - Microsoft Corporation)

Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.16529.20154 - Microsoft Corporation)

Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.127.0618.0001 - Microsoft Corporation)

Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.16529.20154 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e52a6842-b0ac-476e-b48f-378a97a67346}) (Version: 14.10.25017.0 - Microsoft Corporation)

Microsoft Visual C++ 2017 x64 Additional Runtime - 14.10.25017 (HKLM\...\{E512788E-C50B-3858-A4B9-73AD5F3F9E93}) (Version: 14.10.25017 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.10.25017 (HKLM\...\{8D4F7A6D-6B81-3DC8-9C21-6008E4866727}) (Version: 14.10.25017 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden

Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 114.0.2 (x64 en-US)) (Version: 114.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0 - Mozilla)

Norton Security Ultra (HKLM-x32\...\NGC) (Version: 22.23.1.21 - NortonLifeLock Inc)

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden

PDF24 Creator 10.0.7 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.7 - PDF24.org)

PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)

Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3044 - Acer Incorporated)

TAXMAN 2023 (HKLM-x32\...\{C8AF0B55-2410-4F16-81B3-946ABA364FDA}) (Version: 28.28.59 - Haufe-Lexware GmbH & Co.KG)

User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3016 - Acer Incorporated)

VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
 

Packages:

=========

Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3030.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated)

Any Word to PDF -> C:\Program Files\WindowsApps\AnywaySoftInc.AnyWordtoPDF_1.2.8.0_x64__0qkrc2qacwvfm [2023-02-21] (AnywaySoft, Inc.)

Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-02-23] (Canon Inc.)

Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3046.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated)

DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.9.0_x64__t5j2fzbtdg37r [2023-02-12] (DTS, Inc.)

Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP)

Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corp.)

ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.54.42772.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation) [Startup Task]

ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.50332.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation)

ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2201.1.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation)

ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-02-21] (Microsoft Corporation)

ms-resource:gameName -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848563C1F_1.0.81.0_x64__kx24dqmazqk8j [2023-02-12] (Random Salad Games LLC)

ms-resource:GameTitle -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.12.89.0_x64__kx24dqmazqk8j [2023-02-12] (Random Salad Games LLC)

ms-resource:OEMAppName -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.2.0_x64__xbfy0k16fey96 [2023-02-12] (Dropbox Inc.)

ms-resource:PACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP)

ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP) [Startup Task]

Norton Security -> C:\Program Files\Norton Security\Engine\22.23.1.21 [2023-07-09] (0)

QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3044.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated)

Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2023-02-12] (Realtek Semiconductor Corp)

Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0 [2023-02-12] (Spotify AB) [Startup Task]

User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3016.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.1.21\NavShExt.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.1.21\NavShExt.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-09] (Malwarebytes Inc. -> Malwarebytes)

ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-09] (Malwarebytes Inc. -> Malwarebytes)

ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.1.21\NavShExt.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
 

==================== Codecs (Nicht auf der Ausnahmeliste) ====================
 

==================== Verknüpfungen & WMI ========================
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
 

2023-02-21 21:41 - 2005-03-12 01:07 - 000087040 _____ () [Datei ist nicht signiert] C:\Windows\System32\pdfcmnnt.dll

2022-10-18 02:33 - 2022-10-18 02:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll

2022-10-18 02:33 - 2022-10-18 02:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\Users\Heinz\Downloads\FRST64.exe:MBAM.Zone.Identifier [193]
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
 

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
 

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
 

==================== Hosts Inhalt: =========================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts
 

==================== Andere Bereiche ===========================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

 ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{23A321A7-6086-4800-A4FE-C8C1AA9DFD4D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{29E56D7E-0E93-416D-B555-B9B90223E456}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{CD877A6B-8840-4A4C-A1BF-151F755CB747}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{E8266791-E65D-44C8-A0D9-98BD180E60BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{19B385ED-EA80-4F4C-A036-750EB663F7AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{13E9812A-2461-4162-B101-F8A03A1EC1FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{2CD333F6-8E4A-4868-8657-1702955FA5F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{722815D3-AC46-4D95-8F4D-444B508247A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{E81B3C14-8FD1-41EB-BBE7-C3792ADA0A2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{A3F2EB9E-CFC8-41AE-BACE-E42BD499EDB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{B6D38968-06AE-4763-A7D0-5F9D07202C99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{29587350-3534-45AB-8835-E93D3945DEE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D58D08D9-934D-448B-B525-FAD35196EFB0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{408AEDCC-4E5F-4AE5-BC67-F47EAA741487}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{6AA5E224-2660-476F-AA55-96A52165ABEE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{026EDBE9-1F66-412C-B50D-4BB72AF7B65E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{76DEA0B3-F267-4B96-830F-422F4AD6E890}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{63603F86-6232-43E1-A478-77A4E1C4C9F5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
 

==================== Wiederherstellungspunkte =========================
 

ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:475.67 GB) (Free:120.81 GB) (25%)
 

==================== Fehlerhafte Geräte im Gerätemanager ============
 
 

==================== Fehlereinträge in der Ereignisanzeige: ========================
 

Applikationsfehler:

==================

Error: (07/09/2023 06:18:37 PM) (Source: IntelAPO) (EventID: 138) (User: NT-AUTORITÄT)

Description: [1] Intel SST APO (MFX)APO Watchdog -> Out of rythm: time_ms = 439927.98 frames_ms = 439930.00 diff = -2.017600.2
 

Error: (07/09/2023 06:17:23 PM) (Source: IntelAPO) (EventID: 138) (User: NT-AUTORITÄT)

Description: [0] Intel SST APO (DNSMFX)APO Watchdog -> Out of rythm: time_ms = 365467.99 frames_ms = 365470.00 diff = -2.012200.2
 

Error: (07/09/2023 05:54:43 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)

Description: Das Programm ShellExperienceHost.exe Version 10.0.22621.1778 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.
 

Error: (07/09/2023 04:52:59 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )

Description: Event-ID 2
 

Error: (07/09/2023 12:49:46 PM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT)

Description: Name der fehlerhaften Anwendung: SecurityHealthService.exe, Version: 10.0.22621.1635, Zeitstempel: 0xc9cb2878

Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.22621.608, Zeitstempel: 0xf5fc15a3

Ausnahmecode: 0xc0000409

Fehleroffset: 0x000000000007f61e

ID des fehlerhaften Prozesses: 0x0x2bd4

Startzeit der fehlerhaften Anwendung: 0x0x1d9a4fcca034f81

Pfad der fehlerhaften Anwendung: C:\Windows\system32\SecurityHealthService.exe

Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ucrtbase.dll

Berichtskennung: 92f901b3-25cb-456b-8144-4161492fce0f

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
 

Error: (07/09/2023 11:56:13 AM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT)

Description: Event-ID 17
 

Error: (07/08/2023 05:09:39 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )

Description: Event-ID 2
 

Error: (07/07/2023 06:45:55 PM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT)

Description: Event-ID 17
 
 

Systemfehler:

=============

Error: (07/09/2023 03:01:24 PM) (Source: DCOM) (EventID: 10010) (User: HTR)

Description: Der Server "{628ACE20-B77A-456F-A88D-547DB6CEEDD5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (07/09/2023 02:42:58 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (07/09/2023 02:40:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (07/09/2023 02:38:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (07/09/2023 12:49:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Windows-Sicherheitsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (07/09/2023 11:56:14 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )

Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {b8254bba-7337-4c52-8082-cfd4f2424c9b}" ist das Ereignis "74" aufgetreten.
 

Error: (07/09/2023 11:55:48 AM) (Source: DCOM) (EventID: 10010) (User: HTR)

Description: Der Server "{628ACE20-B77A-456F-A88D-547DB6CEEDD5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (07/09/2023 10:16:18 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )

Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {b8254bba-7337-4c52-8082-cfd4f2424c9b}" ist das Ereignis "74" aufgetreten.
 
 

CodeIntegrity:

===============

Date: 2023-07-09 18:08:57

Description: 

Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.1.21\symamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
 
 

==================== Speicherinformationen =========================== 
 

BIOS: Insyde Corp. V1.13 07/29/2022

Hauptplatine: TGL Sangria_TL

Prozessor: 11th Gen Intel(R) Core(TM) i7-11370H @ 3.30GHz

Prozentuale Nutzung des RAM: 55%

Installierter physikalischer RAM: 16179.3 MB

Verfügbarer physikalischer RAM: 7276.97 MB

Summe virtueller Speicher: 17203.3 MB

Verfügbarer virtueller Speicher: 7148.46 MB
 

==================== Laufwerke ================================
 

Drive c: (Acer) (Fixed) (Total:475.67 GB) (Free:120.83 GB) (Model: NVMe WDC PC SN530 SDBPNPZ-512G-1114) NTFS
 

\\?\Volume{e5535db4-9f3e-4daf-b9fc-c030b385aa2a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.48 GB) NTFS

\\?\Volume{4ec376b2-6c66-463a-9c97-2fd0a3877093}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
 

==================== MBR & Partitionstabelle ====================
 

==================== Ende von Addition.txt =======================

Code:

Kategorie: Scanergebnisse

Datum/Uhrzeit,Risiko,Aktivität,Status,Scandauer (T:S:M:S),Insgesamt gescannte Elemente,Dateien und Verzeichnisse,Registrierungseinträge,Prozesse und Startobjekte,Netzwerk- und Browserelemente,Andere,Vertrauenswürdige Dateien,Übersprungene Dateien,Insgesamt erkannte Sicherheitsrisiken,Insgesamt behobene Sicherheitsrisiken,"Sicherkeitsrisiken insgesamt, die ein Eingreifen erfordern",Sicherheitsrisiko,Sicherheitsrisiko behoben

09.07.2023 14:27:02,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,12.607,7.898,654,3.338,604,113,808,78,0,0,0,,

,,,,,,,,,,,,,,,,,,

09.07.2023 12:46:48,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,12.566,7.877,652,3.313,611,113,793,78,0,0,0,,

09.07.2023 11:55:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:17,12.453,7.871,652,3.206,611,113,789,76,0,0,0,,

08.07.2023 17:09:38,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:03:33,14.533,8.547,652,4.610,611,113,1.411,0,0,0,0,,

05.07.2023 12:22:46,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:31:07,12.516,7.880,652,3.267,604,113,802,0,0,0,0,,

02.07.2023 22:18:40,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:26:06,12.496,7.881,652,3.246,604,113,804,0,0,0,0,,

30.06.2023 17:43:25,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:42,12.501,7.879,652,3.253,604,113,803,0,0,0,0,,

29.06.2023 21:01:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,12.513,7.884,656,3.256,604,113,807,0,0,0,0,,

29.06.2023 19:34:46,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,12.551,7.887,656,3.291,604,113,809,0,0,0,0,,

29.06.2023 19:10:24,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,12.536,7.884,656,3.279,604,113,807,0,0,0,0,,

28.06.2023 18:00:35,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:37,12.546,7.887,652,3.290,604,113,807,0,0,0,0,,

23.06.2023 19:48:59,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:05,12.310,7.761,652,3.173,611,113,784,71,0,0,0,,

23.06.2023 15:04:27,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,12.422,7.779,652,3.274,604,113,800,0,0,0,0,,

23.06.2023 12:24:16,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,12.414,7.781,652,3.264,604,113,749,0,0,0,0,,

22.06.2023 18:52:23,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:44,12.418,7.780,652,3.269,604,113,748,0,0,0,0,,

20.06.2023 18:34:05,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:38,12.222,7.599,652,3.254,604,113,806,0,0,0,0,,

20.06.2023 17:30:24,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,12.174,7.597,652,3.208,604,113,802,0,0,0,0,,

18.06.2023 21:46:01,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:36,12.267,7.627,652,3.271,604,113,932,67,0,0,0,,

14.06.2023 19:21:50,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:21:07,11.944,7.291,652,3.284,604,113,810,0,0,0,0,,

12.06.2023 21:11:37,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,11.818,7.204,652,3.245,604,113,807,0,0,0,0,,

12.06.2023 18:48:19,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:18:09,11.819,7.203,652,3.247,604,113,805,0,0,0,0,,

09.06.2023 21:17:35,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:11:16,11.838,7.153,652,3.316,604,113,807,0,0,0,0,,

09.06.2023 12:01:13,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:03:37,11.763,7.234,652,3.153,611,113,832,26,0,0,0,,

09.06.2023 10:07:14,Infos,Schnellscan - Ergebnisse,Abgebrochen,0:00:00:28,1.657,447,0,1.210,0,0,417,0,0,0,0,,

08.06.2023 12:25:53,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:22:09,11.824,7.152,652,3.303,604,113,805,0,0,0,0,,

08.06.2023 09:26:17,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:39:37,11.722,7.232,652,3.121,604,113,837,60,0,0,0,,

07.06.2023 12:18:04,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.827,7.141,652,3.317,604,113,812,0,0,0,0,,

05.06.2023 12:03:07,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,11.902,7.146,654,3.385,604,113,817,0,0,0,0,,

04.06.2023 17:39:36,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:36,11.808,7.136,652,3.303,604,113,806,0,0,0,0,,

01.06.2023 18:12:34,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:49,11.776,7.122,652,3.285,604,113,810,0,0,0,0,,

31.05.2023 19:59:39,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:51,11.752,7.119,652,3.264,604,113,807,0,0,0,0,,

29.05.2023 21:28:20,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,11.810,7.124,654,3.315,604,113,812,0,0,0,0,,

28.05.2023 19:44:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,11.536,7.087,646,3.086,604,113,775,57,0,0,0,,

28.05.2023 14:36:58,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,11.761,7.118,646,3.280,604,113,735,0,0,0,0,,

25.05.2023 18:29:43,Infos,Schnellscan - Ergebnisse,Abgebrochen,0:00:00:16,3.598,939,610,1.922,14,113,802,135,0,0,0,,

25.05.2023 14:07:18,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:15:11,11.653,7.115,644,3.177,604,113,726,3,0,0,0,,

24.05.2023 19:00:09,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:41,11.854,7.217,648,3.272,604,113,898,0,0,0,0,,

23.05.2023 10:51:03,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:11:09,11.778,7.118,644,3.299,604,113,845,0,0,0,0,,

21.05.2023 20:29:30,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,11.773,7.120,644,3.292,604,113,847,0,0,0,0,,

20.05.2023 18:39:30,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:48,11.865,7.214,648,3.286,604,113,887,0,0,0,0,,

11.05.2023 17:56:44,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:17:05,11.688,7.112,644,3.215,604,113,841,0,0,0,0,,

11.05.2023 16:22:15,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:34,11.527,7.081,644,3.078,611,113,811,28,0,0,0,,

11.05.2023 16:18:20,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:08:50,11.803,7.170,644,3.272,604,113,900,0,0,0,0,,

10.05.2023 22:37:22,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:21:15,11.767,7.122,644,3.284,604,113,850,0,0,0,0,,

09.05.2023 17:29:48,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:19:12,11.728,7.117,644,3.250,604,113,845,0,0,0,0,,

09.05.2023 11:09:43,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:33,11.807,7.208,644,3.238,604,113,888,0,0,0,0,,

06.05.2023 17:08:41,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:32,11.740,7.120,644,3.259,604,113,848,0,0,0,0,,

06.05.2023 17:05:27,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:35,12.024,7.251,644,3.412,604,113,976,0,0,0,0,,

02.05.2023 21:39:04,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:38,11.770,7.120,644,3.289,604,113,848,0,0,0,0,,

29.04.2023 14:22:33,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:36,11.628,7.100,655,3.156,604,113,828,0,0,0,0,,

28.04.2023 10:37:58,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:13:02,11.503,7.078,655,3.053,604,113,809,19,0,0,0,,

27.04.2023 09:43:00,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:34,11.893,7.207,659,3.303,611,113,933,24,0,0,0,,

27.04.2023 09:41:21,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:15,11.812,7.267,655,3.173,604,113,948,6,0,0,0,,

24.04.2023 09:59:06,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:29,11.662,7.110,655,3.180,604,113,839,0,0,0,0,,

21.04.2023 10:23:00,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:36,11.677,7.112,655,3.193,604,113,840,0,0,0,0,,

21.04.2023 01:06:00,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:02:45,10.869,6.892,655,2.605,604,113,818,0,0,0,0,,

21.04.2023 00:05:02,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:10:41,10.875,6.893,655,2.610,604,113,815,0,0,0,0,,

19.04.2023 20:53:31,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:35,11.770,7.118,655,3.280,604,113,834,0,0,0,0,,

17.04.2023 21:15:17,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,11.703,7.115,655,3.216,604,113,831,0,0,0,0,,

17.04.2023 17:39:31,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.681,7.117,655,3.192,604,113,785,0,0,0,0,,

17.04.2023 12:16:27,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:44,12.096,7.249,655,3.475,604,113,962,0,0,0,0,,

12.04.2023 22:31:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.791,7.117,655,3.302,604,113,830,0,0,0,0,,

12.04.2023 22:30:10,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,11.566,7.078,655,3.116,604,113,785,51,0,0,0,,

12.04.2023 21:48:06,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:25,11.946,7.211,655,3.356,611,113,919,42,0,0,0,,

09.04.2023 17:34:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:42,11.594,7.097,657,3.123,604,113,812,0,0,0,0,,

08.04.2023 19:37:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:25:43,11.772,7.117,655,3.283,604,113,831,0,0,0,0,,

07.04.2023 20:15:02,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:45,11.592,7.081,655,3.139,604,113,797,34,0,0,0,,

07.04.2023 11:53:00,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,11.802,7.114,654,3.317,604,113,829,0,0,0,0,,

07.04.2023 11:51:50,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,11.820,7.117,654,3.332,604,113,831,0,0,0,0,,

06.04.2023 19:55:16,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:38,11.809,7.115,654,3.323,604,113,829,0,0,0,0,,

06.04.2023 19:53:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:33,11.922,7.208,654,3.343,604,113,875,0,0,0,0,,

01.04.2023 17:43:48,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.975,7.182,658,3.418,604,113,896,0,0,0,0,,

29.03.2023 15:37:34,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:54,11.659,7.172,654,3.109,611,113,889,42,0,0,0,,

29.03.2023 15:22:18,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.800,7.119,654,3.310,604,113,834,0,0,0,0,,

27.03.2023 19:31:59,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:50,11.767,7.120,656,3.273,604,114,835,0,0,0,0,,

27.03.2023 16:59:33,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:25:02,11.691,7.146,656,3.171,604,114,863,36,0,0,0,,

24.03.2023 18:22:54,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:14:29,11.818,7.120,656,3.324,604,114,835,0,0,0,0,,

24.03.2023 11:32:45,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:06:22,11.744,7.119,656,3.251,604,114,833,0,0,0,0,,

23.03.2023 12:41:56,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:19:25,11.616,7.088,658,3.152,604,114,803,18,0,0,0,,

19.03.2023 22:09:53,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:42,11.783,7.101,656,3.308,604,114,803,0,0,0,0,,

16.03.2023 17:32:24,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:01:07:11,11.868,7.102,678,3.370,604,114,805,0,0,0,0,,

16.03.2023 15:14:50,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:38,11.819,7.102,678,3.321,604,114,800,0,0,0,0,,

15.03.2023 10:07:36,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,11.734,7.096,674,3.246,604,114,830,0,0,0,0,,

10.03.2023 09:56:01,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.720,7.095,674,3.234,604,113,836,0,0,0,0,,

09.03.2023 17:47:26,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:15:59,11.860,7.102,674,3.367,604,113,843,0,0,0,0,,

08.03.2023 20:01:38,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,11.794,7.102,677,3.298,604,113,837,0,0,0,0,,

06.03.2023 22:35:54,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,11.754,7.094,673,3.270,604,113,835,0,0,0,0,,

21.02.2023 17:24:28,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:37,11.517,7.066,627,3.106,604,114,819,0,0,0,0,,

21.02.2023 10:57:15,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:13:58,11.629,7.077,627,3.207,604,114,787,7,0,0,0,,

19.02.2023 17:54:29,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:25:20,11.572,7.075,627,3.152,604,114,830,0,0,0,0,,

18.02.2023 19:38:58,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:24,11.558,7.079,627,3.135,604,113,585,138,1,1,0,1,1

12.02.2023 14:13:41,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:52,11.493,7.090,548,3.136,606,113,117,1,0,0,0,,

Code:

Malwarebytes

www.malwarebytes.com
 

-Protokolldetails-

Scan-Datum: 09.07.23

Scan-Zeit: 13:05

Protokolldatei: 7be94982-1e48-11ee-81a8-3ce9f7e7c169.json
 

-Softwaredaten-

Version: 4.5.32.271

Komponentenversion: 1.0.2051

Version des Aktualisierungspakets: 1.0.72137

Lizenz: Testversion
 

-Systemdaten-

Betriebssystem: Windows 11 (Build 22621.1848)

CPU: x64

Dateisystem: NTFS

Benutzer: HTR\Heinz
 

-Scan-Übersicht-

Scan-Typ: Bedrohungs-Scan

Scan gestartet von: Manuell

Ergebnis: Abgeschlossen

Gescannte Objekte: 256787

Erkannte Bedrohungen: 5

In die Quarantäne verschobene Bedrohungen: 5

Abgelaufene Zeit: 1 Min., 10 Sek.
 

-Scan-Optionen-

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Erkennung

PUM: Erkennung
 

-Scan-Details-

Prozess: 0

(keine bösartigen Elemente erkannt)
 

Modul: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 0

(keine bösartigen Elemente erkannt)
 

Registrierungswert: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsdaten: 0

(keine bösartigen Elemente erkannt)
 

Daten-Stream: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 0

(keine bösartigen Elemente erkannt)
 

Datei: 5

PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-3774415946-2383157043-3044040638-1001\$RCTOCQ7.EXE, In Quarantäne, 6894, 562568, 1.0.72137, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B

PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-3774415946-2383157043-3044040638-1001\$R15EP0T.EXE, In Quarantäne, 6894, 562568, 1.0.72137, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B

PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-3774415946-2383157043-3044040638-1001\$R5I0XUC.EXE, In Quarantäne, 6894, 562568, 1.0.72137, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B

PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-3774415946-2383157043-3044040638-1001\$RFEKN51.EXE, In Quarantäne, 6894, 562568, 1.0.72137, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B

PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-3774415946-2383157043-3044040638-1001\$RG0P0T5.EXE, In Quarantäne, 6894, 562568, 1.0.72137, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B
 

Physischer Sektor: 0

(keine bösartigen Elemente erkannt)
 

WMI: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

Viele Grüße und vielen Dank im Voraus!

Heinrich

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2023

durchgeführt von Heinz (Administrator) auf HTR (Acer Swift SF316-51) (15-07-2023 17:26:26)

Gestartet von C:\Users\Heinz\Downloads\FRST64.exe

Geladene Profile: Heinz

Plattform: Microsoft Windows 11 Home Version 22H2 22621.1992 (X64) Sprache: Deutsch (Deutschland)

Standard-Browser: FF

Start-Modus: Normal
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(C:\Users\Heinz\Downloads\adwcleaner.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2112.32.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe

(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Users\Heinz\Downloads\adwcleaner.exe

(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>

(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe

(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe

(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe

(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.4.6\NortonSecurity.exe <2>

(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.23.4.6\nsWscSvc.exe

(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe <2>

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftTeams_23167.1300.2174.9186_x64__8wekyb3d8bbwe\msteamsupdate.exe <2>

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe [1262512 2021-06-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [558144 2020-12-15] (geek software GmbH -> geek software GmbH)

HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [414432 2023-03-14] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG

HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2607536 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\Run: [MicrosoftEdgeAutoLaunch_D2E8542DDDEBFF636897817371F35F7C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\MountPoints2: {f4a34dfe-bb98-11ed-b128-3ce9f7e7c169} - "D:\LaunchU3.exe" -a

HKU\S-1-5-18\...\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] => C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.22.9" (Keine Datei)

HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 

HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM\...\Print\Monitors\PDFCreator: C:\Windows\system32\pdfcmnnt.dll [87040 2005-03-12] () [Datei ist nicht signiert]

Startup: C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MX490 series Printer.lnk [2023-07-15]

ShortcutAndArgument: Canon IJ Status Monitor Canon MX490 series Printer.lnk -> C:\Windows\system32\rundll32.exe => "C:\Users\Heinz\CNMSSC~1.DLL",SMStarterEntryPoint LPT1:;Canon MX490 series Printer;cnmss Canon MX490 series Printer (Local).dll;Canon IJ Status Monitor Canon MX490 series Printer.lnk
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {00C1CB4C-4013-43B4-A3B3-9FA6C674FEE8} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe  -auto (Keine Datei)

Task: {909C9B34-C9A2-473C-8B0F-51228640E5FA} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )

Task: {549AD1C3-0C12-402B-B7DC-24F57339639E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616792 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {019111CD-26C3-48AB-B951-E18FBB8DE797} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616792 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {6F518B8E-E19F-4421-B62F-53423FA4C853} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {33AB6707-0B8E-4629-B933-4E0E1116BB17} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {27BE13A2-5B5C-4734-AF73-9A8076E81D44} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [164752 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)

Task: {06CC9D5A-BA5A-4B80-B3EA-303FC559B4B4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-13] (Mozilla Corporation -> Mozilla Foundation)

Task: {336A7833-DF39-4E36-982B-97EF45CBD033} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Autofix => C:\Program Files\Norton Security\Engine\22.23.4.6\SymErr.exe [379024 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {D5D6C19E-8FCA-4AD9-9FDD-B06976572C12} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.4.6\SymErr.exe [379024 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {BBB51FD1-34EE-4174-9E39-EED426600D89} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Processor => C:\Program Files\Norton Security\Engine\22.23.4.6\SymErr.exe [379024 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {9C1075EE-481C-4A63-BDFD-B9BD19F5CAD3} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.4.6\WSCStub.exe [646520 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {42EA0A94-0283-4A4E-A53B-7E2DA4788B76} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe"  /default (Keine Datei)

Task: {4BD30EC5-CA49-4BCF-8018-E788717A3ED2} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-22] (Acer Incorporated -> )

Task: {3D740331-AC06-4F87-A9E9-DB8CDB4B77F8} - System32\Tasks\Oem\xvpnHelperTask => C:\Users\Heinz\AppData\Local\OEM\PromoX\XvpnHelper\XvpnInstaller.exe [70016 2022-10-24] (Acer Incorporated -> )

Task: {51F86D31-F53E-40AB-94BA-8A003CB43D66} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125616 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

Task: {683D3C7A-270C-4B90-BAD9-8152A9632442} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3774415946-2383157043-3044040638-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125616 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

Task: {C8E98854-C93E-4404-A9CF-6D9D521CE9C3} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Ultra\Upgrade.exe [2353000 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

Task: {AD0804EC-04C6-49B8-8587-9DCE94DB8E9E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-03-01] (Acer Incorporated -> Acer Incorporated)

Task: {A1FC2F21-C369-4A0A-8659-3443CCAE410F} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{9488c15e-b339-44a4-9085-4584ff6f1e23}: [DhcpNameServer] 192.168.2.1
 

Edge: 

=======

Edge DefaultProfile: Default

Edge Profile: C:\Users\Heinz\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-15]

Edge Notifications: Default -> hxxps://websvs.co.in

Edge Extension: (Edge relevant text changes) - C:\Users\Heinz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-25]
 

FireFox:

========

FF DefaultProfile: sk6g5hu0.default

FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\sk6g5hu0.default [2023-02-12]

FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release [2023-07-15]

FF Homepage: Mozilla\Firefox\Profiles\0v7o52re.default-release -> hxxps://www.bing.com/?PC=L621

FF Extension: (Language: Deutsch (German)) - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release\Extensions\langpack-de@firefox.mozilla.org.xpi [2023-07-13]

FF Extension: (uBlock Origin) - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-06-14]

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
 

==================== Dienste (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11851144 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

S2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [210872 2021-03-21] (DTS, Inc. -> DTS Inc.)

S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\elfoService.exe [1283336 2017-06-15] (Bayerisches Landesamt fuer Steuern -> )

S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncHelper.exe [3447712 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

S2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_e5855ce1805681c2\\AS\\IAS\\IntelAudioService.exe [539832 ] (Intel Corporation -> Intel)

R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [74464 2023-03-14] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266864 2023-07-09] (Malwarebytes Inc. -> Malwarebytes)

R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.4.6\NortonSecurity.exe [344888 2023-05-10] (NortonLifeLock Inc. -> NortonLifelock Inc.)

R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.4.6\nsWscSvc.exe [1059176 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.137.0702.0001\OneDriveUpdaterService.exe [3783584 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

R2 PDF24; C:\Program Files\PDF24\pdf24.exe [558144 2020-12-15] (geek software GmbH -> geek software GmbH)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)

S2 ACCSvc; "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" [X]

S3 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X]

S3 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X]

S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X]
 

===================== Treiber (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-01] (Acer Incorporated -> Acer Incorporated)

S3 AcxHdAudio; C:\Windows\System32\drivers\AcxHdAudio.sys [561152 2023-07-09] (Microsoft Windows -> Microsoft Corporation)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.22.9.11\Definitions\BASHDefs\20230713.001\BHDrvx64.sys [1696736 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert]

S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert]

S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert]

R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1617040.006\ccSetx64.sys [198280 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2023-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R0 fse; C:\Windows\System32\drivers\fse.sys [218464 2023-02-20] (Microsoft Windows -> Microsoft Corporation)

R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-12] (Intel Corporation -> Intel Corporation)

R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-12] (Intel Corporation -> Intel Corporation)

S3 iaLPSS2_SPI_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b6ea3d48ee329530\iaLPSS2_SPI_TGL.sys [155816 2020-08-12] (Intel Corporation -> Intel Corporation)

S3 iaLPSS2_UART2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_1a8e964d43720594\iaLPSS2_UART2_TGL.sys [310440 2020-08-12] (Intel Corporation -> Intel Corporation)

R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1544912 2021-08-29] (Intel Corporation -> Intel Corporation)

R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.22.9.11\Definitions\IPSDefs\20230714.062\IDSvia64.sys [1527816 2023-02-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R3 IntcSDW; C:\Windows\System32\DriverStore\FileRepository\intcsdw.inf_amd64_c447f3ebbd1456bd\IntcSDW.sys [864336 2021-05-17] (Intel Corporation -> Intel(R) Corporation)

R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_781687200d129207\IntcUSB.sys [1668672 2021-05-17] (Intel Corporation -> Intel(R) Corporation)

R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-06] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)

R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233216 2023-07-15] (Malwarebytes Inc. -> Malwarebytes)

R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77752 2023-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-07-15] (Malwarebytes Inc. -> Malwarebytes)

S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\1617040.006\nsvst.sys [57120 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

S3 rtux64w10; C:\Windows\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation)

R3 SRTSP; C:\Windows\System32\drivers\NGCx64\1617040.006\SRTSP64.SYS [956048 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1617040.006\SRTSPX64.SYS [52872 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1617040.006\SYMEFASI64.SYS [2180248 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1617040.006\SymELAM.sys [36016 2023-05-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100328 2022-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.22.9.11\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1617040.006\Ironx64.SYS [306824 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1617040.006\symnets.sys [492728 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)

S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2022-10-18] (Microsoft Windows -> )

S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49608 2023-03-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [495896 2023-03-28] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-28] (Microsoft Windows -> Microsoft Corporation)

S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1617040.006\wpCtrlDrv.sys [1016792 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2023-07-15 17:26 - 2023-07-15 17:26 - 000000000 ____D C:\Users\Heinz\Downloads\FRST-OlderVersion

2023-07-15 12:32 - 2023-07-15 12:32 - 000000000 ____D C:\Windows\system32\Tasks\Remediation

2023-07-15 11:27 - 2023-07-15 16:57 - 000000000 ____D C:\Windows\system32\Tasks\Norton Security Ultra

2023-07-15 11:27 - 2023-07-15 11:27 - 000761564 _____ C:\Windows\system32\perfh007.dat

2023-07-15 11:27 - 2023-07-15 11:27 - 000157732 _____ C:\Windows\system32\perfc007.dat

2023-07-15 11:21 - 2023-07-15 11:21 - 000233216 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys

2023-07-15 11:21 - 2023-07-15 11:21 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys

2023-07-15 11:20 - 2023-07-15 11:20 - 000003374 _____ C:\Windows\system32\Tasks\Norton WSC Integration

2023-07-15 11:20 - 2023-07-15 11:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security

2023-07-15 10:54 - 2023-07-15 10:54 - 000033719 _____ C:\Users\Heinz\Downloads\DHL-Paketmarke_AAMABHYL4HN80_Martin_Vahlbruch.pdf

2023-07-14 17:49 - 2023-07-14 17:49 - 000025005 _____ C:\Users\Heinz\Downloads\Fund_Holdings_INV_LU2365458145_de.xlsx

2023-07-13 20:25 - 2023-07-13 20:25 - 000026656 _____ C:\Users\Heinz\Downloads\Persoenliche_Nachricht_20230713-1.pdf

2023-07-13 20:23 - 2023-07-13 20:23 - 000026179 _____ C:\Users\Heinz\Downloads\Persoenliche_Nachricht_20230713.pdf

2023-07-13 11:00 - 2023-07-13 11:00 - 000141661 _____ C:\Users\Heinz\Downloads\23RN133484.PDF

2023-07-11 10:50 - 2023-07-11 10:50 - 000030457 _____ C:\Users\Heinz\Downloads\2023-05-05__Rechnung_0661748496.pdf

2023-07-10 20:55 - 2023-07-10 20:55 - 000004506 _____ C:\Users\Heinz\Downloads\1087463459(2).csv

2023-07-10 20:27 - 2023-07-10 20:27 - 000030455 _____ C:\Users\Heinz\Downloads\2023-03-06__Rechnung_0661453991.pdf

2023-07-10 20:27 - 2023-07-10 20:27 - 000030455 _____ C:\Users\Heinz\Downloads\2023-01-05__Rechnung_0661106309.pdf

2023-07-10 20:25 - 2023-07-10 20:25 - 000030455 _____ C:\Users\Heinz\Downloads\2023-04-05__Rechnung_0661606912.pdf

2023-07-10 18:42 - 2023-07-10 18:44 - 000000000 ____D C:\AdwCleaner

2023-07-10 18:39 - 2023-07-10 18:42 - 008791352 _____ (Malwarebytes) C:\Users\Heinz\Downloads\adwcleaner.exe

2023-07-09 18:50 - 2023-07-09 18:50 - 000002616 _____ C:\Users\Heinz\Desktop\Scan-Ergebnisse Malwarebytes.txt

2023-07-09 18:41 - 2023-07-09 18:41 - 000023426 _____ C:\Users\Heinz\Desktop\Scanergebnisse.txt

2023-07-09 18:21 - 2023-07-09 18:23 - 000032531 _____ C:\Users\Heinz\Downloads\Addition.txt

2023-07-09 18:20 - 2023-07-15 17:26 - 000023343 _____ C:\Users\Heinz\Downloads\FRST.txt

2023-07-09 18:20 - 2023-07-15 17:26 - 000000000 ____D C:\FRST

2023-07-09 18:18 - 2023-07-15 17:26 - 002384384 _____ (Farbar) C:\Users\Heinz\Downloads\FRST64.exe

2023-07-09 13:04 - 2023-07-15 11:22 - 000000000 ____D C:\Users\Heinz\AppData\Local\Malwarebytes

2023-07-09 13:04 - 2023-07-09 13:04 - 000000000 ____D C:\Users\Heinz\AppData\Local\mbam

2023-07-09 13:03 - 2023-07-09 13:03 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk

2023-07-09 13:03 - 2023-07-09 13:03 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2023-07-09 13:03 - 2023-07-09 13:03 - 000000000 ____D C:\ProgramData\Malwarebytes

2023-07-09 13:03 - 2023-07-09 13:03 - 000000000 ____D C:\Program Files\Malwarebytes

2023-07-09 13:00 - 2023-07-09 13:00 - 002649072 _____ (Malwarebytes) C:\Users\Heinz\Downloads\MBSetup.exe

2023-07-09 12:16 - 2023-07-09 12:16 - 000070672 _____ C:\Users\Heinz\Downloads\0907231216.pdf

2023-07-06 18:53 - 2023-07-06 18:59 - 000003788 _____ C:\Users\Heinz\Downloads\1087463459(1).csv

2023-07-05 21:19 - 2023-07-05 21:19 - 000109772 _____ C:\Users\Heinz\Downloads\invoice_nordic-nest_2023-06-02_e590-1.pdf

2023-07-05 21:18 - 2023-07-05 21:18 - 000109769 _____ C:\Users\Heinz\Downloads\invoice_nordic-nest_2023-06-02_e590.pdf

2023-07-04 22:46 - 2023-07-04 22:46 - 000020696 _____ C:\Users\Heinz\Downloads\IQQH_holdings.csv

2023-07-04 22:46 - 2023-07-04 22:46 - 000020696 _____ C:\Users\Heinz\Downloads\IQQH_holdings(1).csv

2023-07-03 21:26 - 2023-07-03 21:26 - 000200967 _____ C:\Users\Heinz\Downloads\Serienbrief_2058740466_2023-05-24_MKK_fbcff34c-0505-487d-96bf-578a69efd6fe.pdf

2023-07-03 21:23 - 2023-07-03 21:23 - 000028409 _____ C:\Users\Heinz\Downloads\Untitled.pdf

2023-07-03 21:21 - 2023-07-03 21:21 - 000054289 _____ C:\Users\Heinz\Downloads\Kontoauszug_205721067700EUR_2023-06-30_KK_205721067700KD401E05070100501479457.pdf

2023-07-03 18:45 - 2023-07-03 18:45 - 000014234 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230703_184522.csv

2023-07-02 17:53 - 2023-07-02 17:53 - 000002709 _____ C:\Users\Heinz\Downloads\Energiebilanz_2023_06.csv

2023-07-01 14:13 - 2023-07-01 14:13 - 000001688 _____ C:\Users\Heinz\Downloads\1087463459.csv

2023-06-28 07:52 - 2023-06-28 07:52 - 000012100 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230628_075201.csv

2023-06-26 22:26 - 2023-06-26 22:26 - 000342240 _____ C:\Windows\SysWOW64\LxDNT121.dll

2023-06-26 22:26 - 2023-06-26 22:26 - 000233184 _____ C:\Windows\SysWOW64\LXPrnUtil10.dll

2023-06-26 22:26 - 2023-06-26 22:26 - 000161504 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxReportManage.ocx

2023-06-26 22:26 - 2023-06-26 22:26 - 000148192 _____ C:\Windows\SysWOW64\LxDNTvmc121.dll

2023-06-26 22:26 - 2023-06-26 22:26 - 000083680 _____ C:\Windows\SysWOW64\LxDNTvm121.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 004971232 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxXtreme130.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 001262304 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTool200.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000220384 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxBasics200.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000132832 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxMail200.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000095456 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxPXTree200.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000093920 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxCI20.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000080608 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LXCurr200.dll

2023-06-26 20:35 - 2023-06-26 20:35 - 000053472 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTPSW200.dll

2023-06-25 19:50 - 2023-06-25 19:50 - 000119008 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxUISettingsN200.dll

2023-06-23 15:54 - 2023-06-23 15:54 - 000005623 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230623_155427.csv

2023-06-23 14:02 - 2023-06-23 14:02 - 000326734 _____ C:\Users\Heinz\Downloads\Zusammenfassung Kontowechsel-1.pdf

2023-06-23 12:04 - 2023-06-23 12:04 - 000109029 _____ C:\Users\Heinz\Downloads\Zusammenfassung Kontowechsel.pdf

2023-06-22 11:15 - 2023-07-15 11:19 - 000000000 ____D C:\Program Files\Mozilla Firefox

2023-06-21 12:58 - 2023-06-21 12:58 - 000038918 _____ C:\Users\Heinz\Downloads\DHL-Paketmarke_EZLNSVGND5890_Michael_Grünke.pdf

2023-06-19 20:35 - 2023-06-19 20:38 - 000002554 _____ C:\Users\Heinz\Downloads\Umsatzanzeige_DE80500105170773411765_20230619.csv

2023-06-19 20:24 - 2023-06-19 20:24 - 000263070 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_LU1861136247_Order_297890447_001_20230616.pdf

2023-06-19 20:23 - 2023-06-19 20:23 - 000263067 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_IE00BJ0KDQ92_Order_298006742_001_20230616-1.pdf

2023-06-19 20:22 - 2023-06-19 20:22 - 000263067 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_IE00BJ0KDQ92_Order_298006742_001_20230616.pdf

2023-06-18 12:40 - 2023-06-18 12:40 - 000001426 _____ C:\Users\Heinz\Downloads\watchlist.csv

2023-06-16 21:40 - 2023-06-16 21:40 - 004235819 _____ C:\Users\Heinz\Downloads\ubs-etf-visa-stamped-prospectus.pdf

2023-06-16 21:40 - 2023-06-16 21:40 - 000050990 _____ C:\Users\Heinz\Downloads\kiid-LU0950674332-de.pdf

2023-06-15 17:56 - 2023-06-15 17:56 - 000074776 _____ C:\Users\Heinz\Downloads\Synthetische Fondszusammensetzung_Amundi MSCI Europe Small Cap ESG Climate Net Zero Ambition CTB UCITS ETF Acc_LU1681041544_13_06_2023.xlsx

2023-06-15 14:29 - 2023-06-15 14:29 - 000045741 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230615_122925.csv
 

==================== Ein Monat (geänderte) ==================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2023-07-15 17:23 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2023-07-15 17:21 - 2022-10-18 01:57 - 000000000 ____D C:\Windows\system32\SleepStudy

2023-07-15 14:31 - 2023-02-12 15:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38

2023-07-15 14:20 - 2022-10-18 02:30 - 000000000 ____D C:\Program Files (x86)\Acer

2023-07-15 12:58 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp

2023-07-15 12:32 - 2023-02-17 21:12 - 000000000 ____D C:\Program Files\Common Files\AV

2023-07-15 11:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness

2023-07-15 11:27 - 2022-10-18 02:04 - 001754668 _____ C:\Windows\system32\PerfStringBackup.INI

2023-07-15 11:27 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF

2023-07-15 11:25 - 2023-02-12 14:45 - 000000000 ____D C:\Users\Heinz\AppData\Local\Packages

2023-07-15 11:25 - 2023-02-11 18:38 - 000000000 ____D C:\ProgramData\Packages

2023-07-15 11:25 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps

2023-07-15 11:22 - 2023-02-12 14:47 - 000000000 ___RD C:\Users\Heinz\OneDrive

2023-07-15 11:21 - 2023-02-12 14:45 - 000000000 __SHD C:\Users\Heinz\IntelGraphicsProfiles

2023-07-15 11:21 - 2022-10-18 01:57 - 000012288 ___SH C:\DumpStack.log.tmp

2023-07-15 11:21 - 2022-10-18 01:57 - 000001623 _____ C:\Windows\system32\config\VSMIDK

2023-07-15 11:21 - 2022-10-18 01:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2023-07-15 11:21 - 2022-10-18 01:57 - 000000000 ___HD C:\Intel

2023-07-15 11:21 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState

2023-07-15 11:20 - 2022-10-18 02:35 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64

2023-07-15 11:20 - 2022-10-18 01:57 - 000483120 _____ C:\Windows\system32\FNTCACHE.DAT

2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS

2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\setup

2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources

2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm

2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\setup

2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates

2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr

2023-07-15 11:20 - 2022-05-07 07:17 - 000524288 _____ C:\Windows\system32\config\BBI

2023-07-15 11:19 - 2023-02-18 15:42 - 000000000 ____D C:\Program Files\Microsoft OneDrive

2023-07-15 11:19 - 2022-10-18 02:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2023-07-15 11:18 - 2022-10-18 02:32 - 000000000 ____D C:\Program Files\Acer

2023-07-15 11:18 - 2022-10-18 02:30 - 000000000 ____D C:\ProgramData\Acer

2023-07-15 10:50 - 2022-10-18 01:57 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2023-07-14 22:14 - 2023-02-12 14:45 - 000000000 ____D C:\Users\Heinz\AppData\Local\D3DSCache

2023-07-14 22:10 - 2023-02-12 14:59 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Excel

2023-07-14 21:15 - 2023-02-12 15:45 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Office

2023-07-14 17:28 - 2023-02-18 17:41 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Word

2023-07-14 17:03 - 2023-02-12 16:11 - 000000000 ____D C:\Users\Heinz\AppData\Local\CrashDumps

2023-07-13 11:23 - 2023-02-15 21:04 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task

2023-07-13 11:23 - 2023-02-15 21:04 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2023-07-13 11:23 - 2023-02-12 14:47 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3774415946-2383157043-3044040638-1001

2023-07-13 10:53 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp

2023-07-13 10:51 - 2023-02-12 15:51 - 000000000 ____D C:\Windows\system32\MRT

2023-07-13 10:48 - 2023-02-12 15:51 - 173351160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2023-07-13 09:58 - 2022-10-18 02:31 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

2023-07-12 21:09 - 2023-02-22 18:24 - 000000000 ____D C:\ProgramData\Lexware

2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel

2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe

2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz

2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\DDFs

2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser

2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents

2023-07-09 19:08 - 2022-10-18 02:02 - 003211776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll

2023-07-09 16:30 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\NDF

2023-07-09 13:15 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM

2023-07-09 13:03 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP

2023-07-07 18:03 - 2023-02-23 12:50 - 000000000 ____D C:\Users\Heinz\AppData\Local\ElevatedDiagnostics

2023-07-07 17:56 - 2023-02-12 14:27 - 000000000 ____D C:\Users\Heinz

2023-07-06 18:35 - 2023-02-22 18:29 - 000002247 _____ C:\Users\Public\Desktop\Lexware buchhaltung.lnk

2023-07-06 18:35 - 2023-02-22 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware

2023-07-06 18:35 - 2022-10-18 02:32 - 000000000 ____D C:\ProgramData\Package Cache

2023-07-06 18:28 - 2022-10-18 01:57 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2023-07-06 18:28 - 2022-10-18 01:57 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2023-07-06 08:41 - 2022-10-18 02:33 - 000000000 ____D C:\Program Files\Microsoft Office

2023-07-06 08:33 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth

2023-07-01 14:49 - 2023-05-29 18:52 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\vlc

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\WUModels

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism

2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences

2023-06-22 11:17 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
 

2023-07-07 17:56 - 2014-09-10 06:00 - 000106496 _____ (CANON INC.) C:\Users\Heinz\cnmss Canon MX490 series Printer (Local).dll
 

==================== SigCheck ============================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

==================== Ende von FRST.txt ========================

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-07-2023

durchgeführt von Heinz (15-07-2023 17:27:15)

Gestartet von C:\Users\Heinz\Downloads

Microsoft Windows 11 Home Version 22H2 22621.1992 (X64) (2023-02-11 16:38:48)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

Administrator (S-1-5-21-3774415946-2383157043-3044040638-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-3774415946-2383157043-3044040638-503 - Limited - Disabled)

Gast (S-1-5-21-3774415946-2383157043-3044040638-501 - Limited - Disabled)

Heinz (S-1-5-21-3774415946-2383157043-3044040638-1001 - Administrator - Enabled) => C:\Users\Heinz

WDAGUtilityAccount (S-1-5-21-3774415946-2383157043-3044040638-504 - Limited - Disabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Norton Security Ultra (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}

FW: Norton Security Ultra (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)

Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)

DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)

ElsterFormular (HKLM-x32\...\{80B76B12-92BE-4177-BB7B-070AAEED239B}) (Version: 18.4.1 - Thüringer Landesfinanzdirektion)

ExpressVPN (HKLM-x32\...\{5B1D5290-DC0D-43D1-8220-8BB29BDDA0BE}) (Version: 2.5.22300.30 - Acer)

Lexware buchhalter 2023 (HKLM-x32\...\{2DDAC478-5E03-456F-A534-51E795778EBE}) (Version: 28.07.00.0337 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware buchhaltung plus 2023 (HKLM-x32\...\{773dbd33-b64b-440a-b530-18bb9c2ef9fb}) (Version: 28.7.0.239 - Haufe-Lexware GmbH & Co. KG)

Lexware EasyArchive 2023 (HKLM-x32\...\{BCCD6706-BDCF-437C-8079-305ED891091A}) (Version: 8.02.00.0171 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware Elster 2023 (HKLM-x32\...\{57286E5F-1704-4309-846F-852C65F30848}) (Version: 23.03.00.0352 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware Elster 2023 (HKLM-x32\...\{c375d4c4-b145-49aa-bb65-2dba05fbc847}) (Version: 23.3.0.258 - Haufe-Lexware GmbH & Co. KG)

Lexware FolderPermission 2023 (HKLM-x32\...\{CF7B7E51-2475-4102-934D-C09300DA5E7C}) (Version: 5.02.00.0211 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware Info Service 2023 (HKLM-x32\...\{D46EC7B4-83EE-436B-8DF2-576C5BD593BC}) (Version: 23.01.00.0200 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware Installations Dienst 2023 (HKLM-x32\...\{14F7538D-3BE1-4E9A-BA85-C436FB46BB0A}) (Version: 12.01.00.0184 - Haufe-Lexware GmbH & Co.KG) Hidden

Lexware online banking 2023 (HKLM-x32\...\{C9495433-F6BF-4355-8051-756BD8D51682}) (Version: 30.04.00.0223 - Haufe-Lexware GmbH & Co.KG) Hidden

Malwarebytes version 4.5.32.271 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.32.271 - Malwarebytes)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.82 - Microsoft Corporation)

Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.79 - Microsoft Corporation)

Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.16529.20154 - Microsoft Corporation)

Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.137.0702.0001 - Microsoft Corporation)

Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.16529.20154 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e52a6842-b0ac-476e-b48f-378a97a67346}) (Version: 14.10.25017.0 - Microsoft Corporation)

Microsoft Visual C++ 2017 x64 Additional Runtime - 14.10.25017 (HKLM\...\{E512788E-C50B-3858-A4B9-73AD5F3F9E93}) (Version: 14.10.25017 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.10.25017 (HKLM\...\{8D4F7A6D-6B81-3DC8-9C21-6008E4866727}) (Version: 14.10.25017 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden

Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 115.0.2 (x64 en-US)) (Version: 115.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0 - Mozilla)

Norton Security Ultra (HKLM-x32\...\NGC) (Version: 22.23.4.6 - NortonLifeLock Inc)

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden

PDF24 Creator 10.0.7 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.7 - PDF24.org)

PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)

TAXMAN 2023 (HKLM-x32\...\{C8AF0B55-2410-4F16-81B3-946ABA364FDA}) (Version: 28.28.59 - Haufe-Lexware GmbH & Co.KG)

User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3016 - Acer Incorporated)

VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
 

Packages:

=========

Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3030.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated)

Any Word to PDF -> C:\Program Files\WindowsApps\AnywaySoftInc.AnyWordtoPDF_1.2.8.0_x64__0qkrc2qacwvfm [2023-02-21] (AnywaySoft, Inc.)

Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-02-23] (Canon Inc.)

Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3046.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated)

DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.9.0_x64__t5j2fzbtdg37r [2023-02-12] (DTS, Inc.)

Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP)

Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corp.)

ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.50332.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation)

ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2201.1.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation)

ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-02-21] (Microsoft Corporation)

ms-resource:gameName -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848563C1F_1.0.81.0_x64__kx24dqmazqk8j [2023-02-12] (Random Salad Games LLC)

ms-resource:GameTitle -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.12.89.0_x64__kx24dqmazqk8j [2023-02-12] (Random Salad Games LLC)

ms-resource:OEMAppName -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.2.0_x64__xbfy0k16fey96 [2023-02-12] (Dropbox Inc.)

ms-resource:PACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP)

ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP) [Startup Task]

Norton Security -> C:\Program Files\Norton Security\Engine\22.23.4.6 [2023-07-15] (NortonLifeLock Inc.)

QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3044.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated)

Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2023-02-12] (Realtek Semiconductor Corp)

Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0 [2023-02-12] (Spotify AB) [Startup Task]

User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3016.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.4.6\NavShExt.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.4.6\NavShExt.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-09] (Malwarebytes Inc. -> Malwarebytes)

ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-09] (Malwarebytes Inc. -> Malwarebytes)

ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.4.6\NavShExt.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
 

==================== Codecs (Nicht auf der Ausnahmeliste) ====================
 

==================== Verknüpfungen & WMI ========================
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
 

2023-02-21 21:41 - 2005-03-12 01:07 - 000087040 _____ () [Datei ist nicht signiert] C:\Windows\System32\pdfcmnnt.dll

2022-10-18 02:33 - 2022-10-18 02:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll

2022-10-18 02:33 - 2022-10-18 02:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\Users\Heinz\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [141]
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
 

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
 

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
 

==================== Hosts Inhalt: =========================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts
 

==================== Andere Bereiche ===========================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

 ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

HKLM\...\StartupApproved\Run32: => "LexwareInfoService"

HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D2E8542DDDEBFF636897817371F35F7C"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{23A321A7-6086-4800-A4FE-C8C1AA9DFD4D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{29E56D7E-0E93-416D-B555-B9B90223E456}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{CD877A6B-8840-4A4C-A1BF-151F755CB747}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{E8266791-E65D-44C8-A0D9-98BD180E60BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{19B385ED-EA80-4F4C-A036-750EB663F7AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{13E9812A-2461-4162-B101-F8A03A1EC1FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{2CD333F6-8E4A-4868-8657-1702955FA5F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{722815D3-AC46-4D95-8F4D-444B508247A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{E81B3C14-8FD1-41EB-BBE7-C3792ADA0A2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{A3F2EB9E-CFC8-41AE-BACE-E42BD499EDB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

FirewallRules: [{B6D38968-06AE-4763-A7D0-5F9D07202C99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{29587350-3534-45AB-8835-E93D3945DEE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D58D08D9-934D-448B-B525-FAD35196EFB0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{408AEDCC-4E5F-4AE5-BC67-F47EAA741487}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{6AA5E224-2660-476F-AA55-96A52165ABEE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{A1886E52-EE37-4D10-97FC-5C5B1F503AE5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{A1929428-C8CE-4F1B-834A-C84A257342C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23167.1300.2174.9186_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{EBFC7126-919A-4246-937B-7D6F501D9C3A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23167.1300.2174.9186_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
 

==================== Wiederherstellungspunkte =========================
 

ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:475.67 GB) (Free:118.69 GB) (25%)
 

==================== Fehlerhafte Geräte im Gerätemanager ============
 
 

==================== Fehlereinträge in der Ereignisanzeige: ========================
 

Applikationsfehler:

==================

Error: (07/15/2023 05:23:45 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )

Description: Event-ID 2
 

Error: (07/14/2023 07:25:06 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)

Description: Das Programm Microsoft.Photos.exe Version 21.21030.25003.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.
 

Error: (07/14/2023 05:09:22 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )

Description: Event-ID 2
 

Error: (07/14/2023 05:03:53 PM) (Source: Application Error) (EventID: 1000) (User: HTR)

Description: Name der fehlerhaften Anwendung: GameBar.exe, Version: 0.0.0.0, Zeitstempel: 0x623b79fe

Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.22621.1928, Zeitstempel: 0x0fee6cd5

Ausnahmecode: 0xc000027b

Fehleroffset: 0x00000000000c07f3

ID des fehlerhaften Prozesses: 0x0x21b0

Startzeit der fehlerhaften Anwendung: 0x0x1d9b66466bb763d

Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.622.3232.0_x64__8wekyb3d8bbwe\GameBar.exe

Pfad des fehlerhaften Moduls: C:\Windows\System32\twinapi.appcore.dll

Berichtskennung: 3a58373d-069d-4d64-9557-8565af5f5e29

Vollständiger Name des fehlerhaften Pakets: Microsoft.XboxGamingOverlay_2.622.3232.0_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
 

Error: (07/14/2023 05:03:21 PM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT)

Description: Event-ID 17
 

Error: (07/13/2023 07:52:41 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )

Description: Event-ID 2
 

Error: (07/13/2023 07:46:40 PM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT)

Description: Event-ID 17
 

Error: (07/13/2023 09:20:20 AM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT)

Description: Event-ID 17
 
 

Systemfehler:

=============

Error: (07/15/2023 02:20:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (07/15/2023 02:20:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Lexware Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (07/15/2023 02:20:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "FileSyncHelper" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (07/15/2023 02:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "PDF24" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (07/15/2023 02:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Realtek Audio Universal Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (07/15/2023 02:20:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "Intel(R) Audio Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (07/15/2023 02:20:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "Intel(R) Content Protection HDCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (07/15/2023 02:20:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "Intel(R) Graphics Command Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
 

CodeIntegrity:

===============

Date: 2023-07-15 17:25:17

Description: 

Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.4.6\symamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
 

Date: 2023-07-15 17:21:56

Description: 

Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.4.6\symamsi.dll that did not meet the Windows signing level requirements. 
 
 

==================== Speicherinformationen =========================== 
 

BIOS: Insyde Corp. V1.13 07/29/2022

Hauptplatine: TGL Sangria_TL

Prozessor: 11th Gen Intel(R) Core(TM) i7-11370H @ 3.30GHz

Prozentuale Nutzung des RAM: 39%

Installierter physikalischer RAM: 16179.3 MB

Verfügbarer physikalischer RAM: 9741.84 MB

Summe virtueller Speicher: 17203.3 MB

Verfügbarer virtueller Speicher: 10670.61 MB
 

==================== Laufwerke ================================
 

Drive c: (Acer) (Fixed) (Total:475.67 GB) (Free:118.69 GB) (Model: NVMe WDC PC SN530 SDBPNPZ-512G-1114) NTFS
 

\\?\Volume{e5535db4-9f3e-4daf-b9fc-c030b385aa2a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.42 GB) NTFS

\\?\Volume{4ec376b2-6c66-463a-9c97-2fd0a3877093}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
 

==================== MBR & Partitionstabelle ====================
 

==========================================================

Disk: 0 (Size: 476.9 GB) (Disk ID: E75A8308)
 

Partition: GPT.
 

==================== Ende von Addition.txt =======================