Windows 10 Home, Internetseite lässt sich nicht öffnen, Warnung Vodafone über Schadsoftware Hallo, ich habe seit Gestern ein Problem, es lässt sich eine bestimmte Internetseite nicht mehr öffnen, Magix.com (Videobearbeitung). Als ich mich später mit dem Handy über WLAN einloggte, kam die Fehlermeldung von Vodafone, dass 1 Gerät im WLAN mit Schadsoftware infiziert sei. Außerdem wollte ich über Whatsapp web einen Link zu meinem Server (Synology) teilen, den Link hat es in der Zwischenablage wohl irgendwie abgeändert. Leider kann ich nicht mehr sagen zu was, ich habe den abgeänderten dann sofort gelöscht, bevor jemand darauf klickt. Hier die Logs:
Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
durchgeführt von Stefan (Administrator) auf DESKTOP-VFO2AEV (Dell Inc. Inspiron 7566) (22-04-2021 12:30:05)
Gestartet von C:\Users\Stefan\Downloads
Geladene Profile: defaultuser0 & Stefan
Platform: Windows 10 Home Version 2004 19041.928 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CyberGhost S.R.L. -> CyberGhost S.A.) C:\Program Files\CyberGhost 7\CyberGhost.exe
(CyberGhost S.R.L. -> CyberGhost S.A.) C:\Program Files\CyberGhost 7\CyberGhost.Service.exe
(CyberGhost SRL -> CyberGhost S.A.) C:\Program Files\CyberGhost Pro\CyberGhost.Service.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\120.4.4598\QtWebEngineProcess.exe <3>
(EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe <2>
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.925_none_e76d4f6f260a683e\TiWorker.exe
(Movavi Software Limited -> ) C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\RouterApplication.exe
(Movavi Software Limited -> Movavi) C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\AgentInformer.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\Display.NvContainer\NVDisplay.Container.exe <2>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Synology Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8852512 2016-09-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1852352 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117472 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [927152 2016-08-07] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3191728 2017-06-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 7\CyberGhost.exe [1049680 2020-08-11] (CyberGhost S.R.L. -> CyberGhost S.A.)
HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\Run: [movavi_suite_agent] => C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21\AgentInformer.exe [942720 2021-04-20] (Movavi Software Limited -> Movavi)
HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\MountPoints2: {37ac156b-a111-11eb-9f95-18dbf2028a86} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\MountPoints2: {e5c4a365-5c0b-11eb-9f8f-18dbf2028a86} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2452734210-2858773296-2644968050-1001\...\MountPoints2: {e5c4a413-5c0b-11eb-9f8f-18dbf2028a86} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2019-05-23]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-11-29]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2018-06-28]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {073D291B-05A6-4048-ACBF-32E446113548} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1468952 2016-09-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {0A246A0D-A23E-4262-B251-F7852F884A26} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114056 2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {10C618B1-0A79-40B2-86FB-658942C5E421} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {1CE94ECB-0658-4646-9317-34724E475569} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {28CC8A35-97F3-4974-B28E-7A95170BE4B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-15] (Google Inc -> Google Inc.)
Task: {2B53BBFE-D4DC-4D0B-8A11-EB627A7CD576} - System32\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3E10725C-ABF0-4E49-A551-B0F2741A6190} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [781248 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B81CC16-F99B-4A3E-A5EF-AFB6F2CE0D31} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)
Task: {557A0892-EB64-4B13-9ECD-C8903C88C195} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {557E9060-9000-4C9E-93AA-2455C60F403F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114056 2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E53F36E-3A61-4112-B751-296808ED7E14} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F47CE85-659B-42A1-BE36-1E9AFCCC3C8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002744 2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {628859AB-D77C-4761-BD15-6FF4FD423ADD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-15] (Google Inc -> Google Inc.)
Task: {68DA2C8F-1B2C-43FB-9485-70244B921BD1} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Stefan\Downloads\esetonlinescanner_deu.exe
Task: {6A49499E-1AEF-4167-8372-2A52104CA948} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4686560 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
Task: {7691B482-49A2-401C-8520-303E0BB30716} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [628672 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D02BAF0-761A-4297-9F32-DCFB1B15BFA9} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {86D78224-79AA-45FB-BDE5-1F04AC9543EE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8C1CA715-2B90-429F-A337-D7DF6F018F05} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {91BE7826-B27A-42D3-99BE-D6D26A01FE52} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AD6CCEEA-CE2A-42E5-A222-6CF76DFBF5C6} - System32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0xc) => C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe [7261128 2017-11-29] (pcvisit software ag -> pcvisit Software ag)
Task: {B34C07BE-5358-4D24-BA6C-D5E1399E9A4C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002744 2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {C16C7135-EED6-4CA7-A79C-C362713323E1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [628672 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D05D070E-068C-439B-925C-E95B198F5817} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {DC5F3C88-0DF6-43E6-AE90-D608896B291F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Stefan\Downloads\esetonlinescanner_deu.exe
Task: {EB49F337-D9A4-46F7-A462-2C0A7EBC6E18} - System32\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EC1D870E-7CE4-4894-BE88-A12DB5D5BBD6} - System32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x8) => C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe [7261128 2017-11-29] (pcvisit software ag -> pcvisit Software ag)
Task: {F4942EA3-1891-4F29-ABE6-17941FACA44C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [704960 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F74F1F01-DB88-47AC-AD5E-6ADED034DC8E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [704960 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F9BCE553-D5ED-4C0F-87FD-5F8A5F5EC7D5} - System32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x1f) => C:\Users\Stefan\AppData\Local\pcvisit Software AG\caloa\pcvisit.Support.guest.15\release\15.0.21.8519\pcvisit_client.exe [7261128 2017-11-29] (pcvisit software ag -> pcvisit Software ag)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{16c5c495-ad99-11e6-9eee-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{3e86762d-5a21-4ad4-8cd0-963753a460b1}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{3e86762d-5a21-4ad4-8cd0-963753a460b1}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{a07588bc-0728-46c3-879f-4fb4b13b8ec5}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a07588bc-0728-46c3-879f-4fb4b13b8ec5}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e13994ee-cc85-42e7-b291-64a215e97c8a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{e95313d7-942e-405d-85e2-31cc32f5afc0}: [DhcpNameServer] 10.101.0.243
Tcpip\..\Interfaces\{f1822e7e-d17d-4e3e-bd78-eff19c60e77f}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f1822e7e-d17d-4e3e-bd78-eff19c60e77f}: [DhcpNameServer] 192.168.2.1
Edge:
=======
DownloadDir: C:\Users\Stefan\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-22]
FireFox:
========
FF DefaultProfile: xz8conbd.default
FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default [2021-04-22]
FF Homepage: Mozilla\Firefox\Profiles\xz8conbd.default -> hxxps://www.wieistmeineip.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\xz8conbd.default -> backup.ftp", "190.248.158.194"
FF Notifications: Mozilla\Firefox\Profiles\xz8conbd.default -> hxxps://web.whatsapp.com; hxxp://192.168.2.15:8083; hxxps://www.shoop.de; hxxp://192.168.2.15:8899; hxxp://192.168.2.15:9090; hxxp://192.168.2.15:8096; hxxps://emby.media
FF Extension: (Kee - Password Manager) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\keefox@chris.tomlinson.xpi [2021-04-10]
FF Extension: (Shoop Cashback & Gutscheine) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\lisa@qipu.de.xpi [2021-04-16]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Extension: (NZBLinker) - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\xz8conbd.default\Extensions\{def38e25-28fb-4662-ad6d-bfa415dfd06b}.xpi [2021-01-01]
FF Extension: (Picture-In-Picture) - C:\Program Files (x86)\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [2021-04-21] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-11-13] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2016-09-20] (Adobe Systems, Inc.) [Datei ist nicht signiert]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.) [Datei ist nicht signiert]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default [2021-04-20]
CHR StartupUrls: Default -> "chrome://apps/","hxxps://www.ledgerwallet.com/apps"
CHR Extension: (Präsentationen) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-15]
CHR Extension: (Docs) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-15]
CHR Extension: (Google Drive) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-15]
CHR Extension: (Ledger Manager) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2020-09-15]
CHR Extension: (YouTube) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-15]
CHR Extension: (Tabellen) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-15]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-09]
CHR Extension: (Google Docs Offline) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]
CHR Extension: (Avast Online Security) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-03-15]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2019-04-18]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2020-09-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16]
CHR Extension: (Google Mail) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-15]
CHR Extension: (Chrome Media Router) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-15]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7888408 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [623216 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [353504 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 CG6Service; C:\Program Files\CyberGhost Pro\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost SRL -> CyberGhost S.A.)
R2 CG7Service; C:\Program Files\CyberGhost 7\CyberGhost.Service.exe [89168 2020-08-11] (CyberGhost S.R.L. -> CyberGhost S.A.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788392 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-14] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [Datei ist nicht signiert]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-09-15] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [956760 2020-11-13] (McAfee, LLC -> McAfee, LLC)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2018-05-11] (Synology Inc. -> ) [Datei ist nicht signiert]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem"
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService"
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_ed2d6589d1176ab4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [27896 2021-04-22] (WDKTestCert Amit_K_Tiwari,132158070448517957 -> )
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-15] (Malwarebytes Inc -> Malwarebytes)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-18] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-04-22 12:31 - 2021-04-22 12:31 - 000217608 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-22 12:30 - 2021-04-22 12:30 - 000037450 _____ C:\Users\Stefan\Downloads\FRST.txt
2021-04-22 12:29 - 2021-04-22 12:30 - 000000000 ____D C:\FRST
2021-04-22 12:29 - 2021-04-22 12:29 - 002298368 _____ (Farbar) C:\Users\Stefan\Downloads\FRST64.exe
2021-04-22 12:26 - 2021-04-22 12:26 - 000027896 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-04-21 21:55 - 2021-04-21 21:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-21 21:18 - 2021-04-21 21:18 - 000000000 ____D C:\ProgramData\Movavi Video Suite 21
2021-04-21 21:14 - 2021-04-21 21:14 - 000000150 _____ C:\Users\Stefan\Downloads\Movavi Video Suite Serial.txt
2021-04-21 21:13 - 2021-04-21 21:14 - 121236608 _____ (Movavi) C:\Users\Stefan\Downloads\MovaviVideoSuiteSetup.exe
2021-04-20 22:29 - 2021-04-20 22:29 - 000000000 ____D C:\Users\Stefan\AppData\Local\PhotoManager
2021-04-20 22:28 - 2021-04-20 22:35 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Movavi Photo Manager 2
2021-04-20 22:28 - 2021-04-20 22:28 - 000012687 _____ C:\ProgramData\fxatyavk.yrt
2021-04-20 22:23 - 2021-04-20 22:23 - 000000000 ____D C:\Users\Stefan\AppData\Local\MovaviPicverse
2021-04-20 20:56 - 2021-04-20 20:56 - 000000000 ____D C:\Users\Stefan\AppData\Local\VideoEditorPlus
2021-04-20 20:53 - 2021-04-20 22:36 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Movavi Picverse
2021-04-20 20:53 - 2021-04-20 20:53 - 000012747 _____ C:\ProgramData\itjalhsf.rge
2021-04-20 20:52 - 2021-04-20 20:52 - 000000961 _____ C:\Users\Stefan\Desktop\Movavi Video Suite 21.lnk
2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\Downloads\Movavi Sync
2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Movavi Video Suite 21
2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Suite 21
2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\Suite
2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\CrashRpt
2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\cache
2021-04-20 20:52 - 2021-04-20 20:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\AgentInformer
2021-04-20 20:51 - 2021-04-20 20:51 - 133905024 _____ (Movavi) C:\Users\Stefan\Downloads\MovaviVideoSuiteSetupF.exe
2021-04-20 20:51 - 2021-04-20 20:51 - 000012545 _____ C:\ProgramData\mijprvzl.ern
2021-04-20 20:25 - 2021-04-20 20:25 - 006348176 _____ (MAGIX Software GmbH) C:\Users\Stefan\Downloads\trial_videodeluxeplus2021_dlm_op4wd1--phfGTKlVsPlX9KSLLu.exe
2021-04-20 19:52 - 2021-04-20 19:52 - 000000000 ____D C:\Program Files\Common Files\MAGIX Shared
2021-04-20 19:51 - 2021-04-20 19:51 - 000000000 ____D C:\Program Files\MAGIX
2021-04-19 15:05 - 2021-04-19 15:05 - 000000000 ____D C:\Users\Stefan\AppData\Local\MAGIX
2021-04-18 20:04 - 2021-04-20 22:17 - 000000000 ____D C:\Users\Stefan\Desktop\HOCHZEIT
2021-04-18 19:43 - 2021-04-18 19:43 - 021265524 _____ C:\Users\Stefan\Downloads\VID-20210305-WA0020.mp4
2021-04-18 15:13 - 2021-04-18 15:13 - 000000000 ____D C:\Users\Stefan\AppData\Local\MAGIX_Software_GmbH
2021-04-18 14:56 - 2021-04-20 20:10 - 000000000 ____D C:\Users\Stefan\Documents\MAGIX downloads
2021-04-18 14:47 - 2021-04-20 19:56 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\MAGIX
2021-04-18 14:47 - 2021-04-20 19:52 - 000000000 ____D C:\Users\Stefan\AppData\Local\Xara
2021-04-18 14:47 - 2021-04-18 14:47 - 000000000 ____D C:\Users\Stefan\Documents\MAGIX_MusicEditor
2021-04-18 14:45 - 2021-04-20 22:33 - 000000000 ___RD C:\Users\Stefan\Documents\MAGIX
2021-04-18 14:45 - 2021-04-20 20:21 - 000000000 ____D C:\ProgramData\MAGIX
2021-04-18 14:45 - 2021-04-18 14:45 - 000000000 ____D C:\Program Files (x86)\MSXML 4.0
2021-04-18 13:48 - 2021-04-18 13:48 - 000002096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-18 09:55 - 2021-04-18 17:13 - 000000000 ____D C:\Users\Stefan\Desktop\Magix Photostory 2015 Deluxe v14 0 2 51_
2021-04-16 21:20 - 2021-04-16 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-04-16 21:06 - 2021-04-16 21:06 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 21:05 - 2021-04-16 21:05 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 21:05 - 2021-04-16 21:05 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-14 17:19 - 2021-04-20 20:27 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2452734210-2858773296-2644968050-1001
2021-04-14 17:19 - 2021-04-14 17:19 - 000002386 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-04-12 12:51 - 2021-04-12 12:51 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-04-10 23:10 - 2021-04-10 23:10 - 000384759 _____ C:\Users\Stefan\Downloads\Jahreskontoauszug_2020_15879783.pdf
2021-04-10 23:07 - 2021-04-10 23:07 - 001035063 _____ C:\Users\Stefan\Downloads\Steuerbescheinigungen_2020_Stefan_Müseler.pdf
2021-04-10 23:07 - 2021-04-10 23:07 - 000932990 _____ C:\Users\Stefan\Downloads\Erträgnisaufstellung_2020_Stefan_Müseler.pdf
2021-04-10 20:19 - 2021-04-19 20:09 - 000000000 ____D C:\Users\Stefan\Desktop\2020.08.29 Schuleingang Liel
2021-04-07 08:50 - 2021-04-07 08:50 - 117944320 _____ C:\Users\Stefan\Downloads\PlexMediaServer-1.22.2.4282-a97b03fad-x86_64_DSM6.spk
2021-04-06 08:57 - 2021-04-18 14:52 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-06 08:57 - 2021-04-06 08:57 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-04-06 08:57 - 2021-04-06 08:57 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-06 08:57 - 2021-04-06 08:57 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-04-03 12:38 - 2021-04-03 12:38 - 000008153 _____ C:\Users\Stefan\Downloads\ledgerlive-operations-2021.04.03.csv
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-04-22 12:29 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-22 12:27 - 2016-11-18 17:10 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\KeePass
2021-04-22 12:26 - 2019-01-29 23:06 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-22 12:26 - 2017-11-25 21:42 - 000000000 ____D C:\Users\Stefan\AppData\Local\CyberGhost
2021-04-22 12:26 - 2016-11-18 17:07 - 000000000 ____D C:\Users\Stefan\AppData\LocalLow\Mozilla
2021-04-22 12:26 - 2016-11-18 16:44 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-22 12:26 - 2016-11-18 16:19 - 000000000 __SHD C:\Users\Stefan\IntelGraphicsProfiles
2021-04-21 22:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-21 22:06 - 2016-11-21 13:39 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\vlc
2021-04-21 21:58 - 2020-11-16 17:19 - 001731564 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-21 21:58 - 2019-12-07 16:50 - 000750116 _____ C:\WINDOWS\system32\perfh007.dat
2021-04-21 21:58 - 2019-12-07 16:50 - 000151930 _____ C:\WINDOWS\system32\perfc007.dat
2021-04-21 21:58 - 2019-11-18 17:00 - 000000000 ____D C:\Users\Stefan\AppData\Local\AVAST Software
2021-04-21 21:56 - 2019-11-18 16:56 - 000000000 ____D C:\ProgramData\AVAST Software
2021-04-21 21:55 - 2016-11-18 17:06 - 000001192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-21 21:55 - 2016-11-18 17:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-21 21:55 - 2016-11-18 17:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-04-21 21:54 - 2020-11-16 17:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-21 21:54 - 2020-11-16 17:16 - 000000000 ____D C:\Users\defaultuser0
2021-04-21 21:54 - 2020-11-16 17:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-21 21:54 - 2020-11-16 17:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-21 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-21 21:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-21 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-21 21:26 - 2018-08-01 17:18 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Ledger Live
2021-04-21 21:26 - 2017-10-19 16:13 - 000000000 ____D C:\Users\Stefan\AppData\Local\Packages
2021-04-21 20:11 - 2020-11-16 17:25 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 20:11 - 2020-11-16 17:25 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-21 20:09 - 2020-06-24 13:50 - 000002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-20 22:29 - 2017-02-02 12:54 - 000000000 ____D C:\Users\Stefan\AppData\Local\Movavi
2021-04-20 22:24 - 2017-02-02 12:55 - 000000000 ____D C:\Users\Stefan\.fontconfig
2021-04-20 22:15 - 2016-11-18 17:37 - 000000000 ____D C:\Users\Stefan\AppData\Local\CrashDumps
2021-04-20 20:35 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-20 20:35 - 2019-08-21 15:57 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2.job
2021-04-20 20:35 - 2019-08-21 15:57 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140.job
2021-04-20 20:27 - 2021-02-27 10:37 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-04-20 20:27 - 2021-01-14 08:16 - 000003270 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2021-04-20 20:27 - 2020-11-30 11:00 - 000003434 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6bc2c20930d65
2021-04-20 20:27 - 2020-11-16 17:25 - 000003798 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA1d5582862b8dec2
2021-04-20 20:27 - 2020-11-16 17:25 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-20 20:27 - 2020-11-16 17:25 - 000003574 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore1d5582862b00140
2021-04-20 20:27 - 2020-11-16 17:25 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-20 20:27 - 2020-11-16 17:25 - 000003142 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 20:27 - 2020-11-16 17:25 - 000003114 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 20:27 - 2020-11-16 17:25 - 000002962 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 20:27 - 2020-11-16 17:25 - 000002942 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 20:27 - 2020-11-16 17:25 - 000002852 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 20:27 - 2020-11-16 17:25 - 000002810 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 20:27 - 2020-11-16 17:25 - 000002686 _____ C:\WINDOWS\system32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x1f)
2021-04-20 20:27 - 2020-11-16 17:25 - 000002604 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-04-20 20:27 - 2020-11-16 17:25 - 000002598 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-04-20 20:27 - 2020-11-16 17:25 - 000002528 _____ C:\WINDOWS\system32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0xc)
2021-04-20 20:27 - 2020-11-16 17:25 - 000002526 _____ C:\WINDOWS\system32\Tasks\AsLiftRightsForClient_Sessionunknown LOGON_SESSION_ID id (0x8)
2021-04-20 20:27 - 2020-11-16 17:25 - 000002304 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton
2021-04-20 20:27 - 2020-11-16 17:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-04-20 20:17 - 2020-11-16 17:25 - 000003760 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-04-20 20:17 - 2020-11-16 17:25 - 000003536 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-04-20 19:53 - 2020-12-30 20:14 - 000735848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-20 19:50 - 2016-11-18 16:24 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-18 14:57 - 2018-08-14 15:58 - 000000000 ____D C:\Users\Stefan\AppData\Local\D3DSCache
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-18 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-18 14:24 - 2019-11-22 14:22 - 000001103 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-04-18 14:24 - 2019-11-22 14:22 - 000001103 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-04-18 13:50 - 2017-06-20 09:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-18 13:49 - 2016-11-18 17:08 - 000000000 ___RD C:\Users\Stefan\Dropbox
2021-04-17 10:00 - 2017-11-03 00:18 - 000000128 _____ C:\Users\Stefan\AppData\Local\PUTTY.RND
2021-04-16 21:20 - 2016-11-18 17:05 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-04-16 21:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 21:04 - 2020-11-16 17:14 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-16 20:50 - 2016-11-19 13:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 20:20 - 2016-11-19 13:13 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-16 20:17 - 2018-02-15 15:01 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-14 17:19 - 2016-11-18 16:16 - 000000000 ___RD C:\Users\Stefan\OneDrive
2021-04-10 20:18 - 2018-05-13 20:34 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Mp3tag
2021-04-06 08:57 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-04 13:09 - 2018-08-01 17:17 - 000000000 ____D C:\Program Files\Ledger Live
2021-04-03 19:52 - 2019-03-01 11:32 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Telegram Desktop
2021-04-03 12:44 - 2019-04-16 19:41 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Trinity
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2017-09-10 12:17 - 2018-06-26 12:56 - 000003017 _____ () C:\Users\Stefan\AppData\Roaming\.jocalaadblink.log
2017-11-03 00:18 - 2021-04-17 10:00 - 000000128 _____ () C:\Users\Stefan\AppData\Local\PUTTY.RND
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
22.04.2021, 11:46
Baum-Darstellung