Log analysis and evaluation: Windows 10: Cryptominer? Trojan? Very often high RAM/CPU load, all applications extremely slow

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Windows 10: Cryptominer? Trojan? Very often high RAM/CPU load, all applications extremely slow

Hello, and first of all many thanks for still offering your help!

My problem is that RAM and CPU on my notebook are very often at 98-100% load, so that working smoothly is no longer possible. I could not detect any regularity in when it happens. YouTube videos, for example, can no longer be watched without stuttering, regardless of resolution; in general, pages sometimes load extremely slowly, whether in Firefox or Chrome, and then again at an acceptable speed. Even when only 1-2 programs are open, performance lags. Could it be a Trojan or a cryptominer?

Malwarebytes found 6 PUPs during the last scan (see code blocks; the PUPs were moved to quarantine afterwards). Today I then ran the FRST scan and hope that you can perhaps find the reason for the intermittently extremely poor performance. I have likewise pasted FRST.txt and Addition.txt here as code blocks (real names and PDF file names are anonymized with *****).

The sites listed under FireFox: / FF NetworkProxy mean nothing to me. I am also not sure whether I once created additional FF profiles.

Installed antivirus programs:

Avast Free Antivirus 22.10.6038 (Build 22.10.7633.757) (since February 2022)

Malwarebytes 4.5.17 (since last week)

Malwarebytes scan reports

Code:
```
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 16.11.22
Scan-Zeit: 17:44
Protokolldatei: 0195c2c4-65ce-11ed-a2e0-c454443cafa4.json

-Softwaredaten-
Version: 4.5.17.221
Komponentenversion: 1.0.1806
Version des Aktualisierungspakets: 1.0.62372
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10 (Build 19044.2251)
CPU: x64
Dateisystem: NTFS
Benutzer: *****\*****

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 381146
Erkannte Bedrohungen: 6
In die Quarantäne verschobene Bedrohungen: 6
Abgelaufene Zeit: 1 Std., 6 Min., 21 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, 157, 236865, , , , , ,
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, 157, 236865, , , , , ,
PUP.Optional.Conduit, HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, In Quarantäne, 157, 236865, 1.0.62372, , ame, , ,

Registrierungswert: 2
PUP.Optional.Conduit, HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, In Quarantäne, 157, 236865, 1.0.62372, , ame, , ,
PUP.Optional.Conduit, HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, In Quarantäne, 157, 236865, 1.0.62372, , ame, , ,

Registrierungsdaten: 1
PUP.Optional.Conduit, HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Ersetzt, 157, 293058, 1.0.62372, , ame, , ,

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)

(end)
```

Code:
```
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 21.11.22
Scan-Zeit: 11:39
Protokolldatei: ba6762a4-6988-11ed-9a09-c454443cafa4.json

-Softwaredaten-
Version: 4.5.17.221
Komponentenversion: 1.0.1806
Version des Aktualisierungspakets: 1.0.62583
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10 (Build 19044.2251)
CPU: x64
Dateisystem: NTFS
Benutzer: *****\*****

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 381280
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 1 Std., 34 Min., 43 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)

(end)
```

Code:
ATTFilter ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4> (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\*****\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\66.0.3.0\crashpad_handler.exe <2> (Google Inc -> Google Inc.) 
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <15> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360565.inf_amd64_7d719e3a1bab56a3\B360372\atiesrxx.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [297256 2017-08-29] (Lenovo -> Lenovo Group Limited) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-30] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572528 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-11-24] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-11-04] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3315280 2019-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11209952 2022-11-09] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. 
-> Oracle Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\*****\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.) 
HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\MountPoints2: {a023fa8a-46d9-11ec-bc07-c454443cafa4} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2839958251-2324060183-95412134-1000\...\MountPoints2: {a023fb79-46d9-11ec-bc07-c454443cafa4} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2839958251-2324060183-95412134-501\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe --startup_mode (Keine Datei) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.) HKLM\...\Windows x64\Print Processors\Canon MP540 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9E.DLL [27648 2008-05-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Canon BJ Language Monitor MP540 series: C:\Windows\system32\CNMLM9E.DLL [279040 2008-05-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\HP 5D12 Status Monitor: C:\Windows\system32\hpinksts5D12LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2363136 2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-12] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{07AA0886-CC8D-4e19-A410-1C75AF686E62}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{33c86cd6-705f-4ba1-9adb-67070b837775}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll (Broadcom Corporation -> Broadcom Corporation.) HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> HKLM\Software\...\Authentication\Credential Provider Filters: [{edd749de-2ef1-4a80-98d1-81f20e6df58e}] -> C:\Windows\System32\l2nacp.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-11-12] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) GroupPolicy: Beschränkung ? <==== ACHTUNG GroupPolicy\User: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02275B37-B633-4A81-9D2B-86801443D0DC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe /launch (Keine Datei) Task: {106CB9C9-0E3B-44EF-B247-FE038498D7C7} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> ) Task: {1717C752-FA7D-4CC3-AA68-367AF2DC551F} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [1783776 2016-08-01] (DivX, LLC -> DivX, LLC) Task: {1DFBCB49-FA78-4D6B-ACA3-D16EFA1235B5} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3834520 2022-11-01] (Microsoft Corporation -> Microsoft Corporation) Task: {1FF19F56-ABF4-477A-AB4B-8F02E63C8955} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-12] (Adobe Inc. -> Adobe) Task: {221D9A1F-649A-4F47-A350-6AFFA649F200} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {239B2C9E-FCCF-4A7B-9910-EBB5E05EA31A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {23CEDD6D-2E83-4334-A467-41FF7C474AFE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) 
Task: {29B8E714-429C-4528-9746-806A765FD940} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2A690E5B-E535-422A-B745-893F18327978} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {2B3DE80D-5BCF-40D0-904A-E065A85A7D19} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {2FCD98DE-114F-46B5-A9C3-647623365BCD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3133BB99-5C58-4F26-9F70-B18AC323E486} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-12] (Adobe Inc. -> Adobe) Task: {374DA1F9-CC7F-4B4F-A6A9-E2833030CDA8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Keine Datei) Task: {37DD28B1-D5FD-48CE-91BC-9B6AB7BF53E4} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\AutoUpdate.exe /auto (Keine Datei) Task: {3B15D0EA-8A83-49E3-A635-21559E356DB0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform) Task: {3B9D2B52-BF32-4509-85C6-D00204EF1294} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.) 
Task: {3CC5F28A-ACB0-4C2D-B09D-729C45CA43DD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.) Task: {42AA26B5-8D6B-4B55-843E-336A6E8E490C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {498C49AF-3C7A-4486-A072-3CF445D0DE8E} - \Microsoft\Windows\Setup\EOSNotify -> Keine Datei <==== ACHTUNG Task: {4FE98CE6-D123-4ABF-9225-CBCF6F514C4F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {5241D901-6842-4AC0-8AF9-37E7867CDEA4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {5811C7BF-1BB0-429F-9449-32CDE93C84CC} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Keine Datei) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {6169C8D7-AD8B-4C17-8F08-20975A6D971C} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [Datei ist nicht signiert] Task: {62B2191D-A59B-4A74-AE95-7B42AE0565E2} - System32\Tasks\CCleanerSkipUAC - ***** => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {64737F4F-CEAF-4114-BD56-93C1C17C132E} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-08-18] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) Task: {680EEDF1-6297-44CC-B8F0-ACE6DCF2268E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [712200 2022-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {6F715D41-04B0-4EB9-AD54-3103E4C15C2D} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\Scheduler.exe /scheduler (Keine Datei) Task: {73A6956F-B7B0-4D8E-A075-8FB604EC9F28} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {73FB205A-34A6-4130-B9B9-48F7CEBF7FE1} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2839958251-2324060183-95412134-1000 => C:\Users\*****\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2022-10-19] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {74084314-034B-492B-9A18-0ED6CC6186BC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {76750A57-8E52-4E12-A933-39094277C1E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-01] (Microsoft Corporation -> Microsoft Corporation) Task: {7E6E0992-71C0-4A09-81FB-E30D59D6076F} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo) Task: {8237BB6A-402D-490A-B9F7-E570DF1C2A94} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Keine Datei) Task: {8666B73F-A987-49EA-92E8-65D97A119F2C} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: 
{8A82137C-310A-427A-97BD-56775E3A77D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.) Task: {8CEB21FC-C066-4553-AFB3-55C63495DAF1} - System32\Tasks\Abelssoft\UpdateYeti scan => C:\Program Files (x86)\UpdateYeti\UpdateYeti.exe [2433048 2016-05-10] (Ascora GmbH -> Abelssoft) Task: {8FB478B9-F1C1-4599-B47D-AB25318700B2} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-29] (Lenovo -> ) Task: {95D1B83C-758C-48CF-B397-15C74E92917C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {97F7E27E-D2AE-4D10-957A-82183FF2B83D} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {98BC2526-D25E-4636-8197-0C3CC6337B9F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-01] (Microsoft Corporation -> Microsoft Corporation) Task: {995BBDFD-47E9-4046-9E89-8AD6D632CA1A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) Task: {A12B9E55-F4D1-4ECA-93B5-313AD6A5DACC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {ACE086D9-7B73-4045-8B1A-763594416A08} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Keine Datei) Task: {AEF7E3D7-9051-4EBE-8A4E-384492C0B2D9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. 
-> Advanced Micro Devices, Inc.) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B1E60C6E-7D22-40B2-8560-7C697D6755AD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" Task: {B417DCCA-A7DC-4A6D-AD9D-FF1CEE1B1223} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {B6229762-13B5-4426-A81B-89918056B0A6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "0c0f9568-21cf-4e81-b053-f57683445683" --version "6.04.10044" --silent Task: {C16F6120-917D-46EE-A82C-4F368D3C5110} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. 
-> Avast Software) Task: {CA17074C-2319-44C4-AA3F-48491E913CD3} - \Microsoft\Windows\Setup\EOSNotify2 -> Keine Datei <==== ACHTUNG Task: {CDBF1BE9-DEDD-4768-9347-958CED3DD10D} - \PMTask -> Keine Datei <==== ACHTUNG Task: {E943316E-6FF8-43D8-9793-87907B2FA359} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Keine Datei) Task: {EB394CBD-70BF-4B2C-A093-5ED695DE58A9} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-29] (Lenovo -> ) Task: {EC89023A-666B-463F-BC27-DB540EBF4056} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (Keine Datei) Task: {EEAEABCC-8459-4E3C-B358-B11171A35C69} - System32\Tasks\Driver Booster SkipUAC (*****) => C:\Program Files (x86)\IObit\Driver Booster\9.5.0\DriverBooster.exe /skipuac (Keine Datei) Task: {EF7EAE0E-BBFB-4E18-BB70-423255A24557} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-11-04] (Avast Software s.r.o. -> AVAST Software) Task: {F15D1E57-3214-4725-A6CA-E88119C3A8C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {FB18ED1A-9044-4130-8486-88F7738E172E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000Core.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2839958251-2324060183-95412134-1000UA.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{94dc40e5-70ac-4be6-9da0-e739c8bd3c01}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9720db88-4ae4-4430-87b8-d7afefab3ed8}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A4AD3F4E-BC1C-4142-90F9-23E1863E0E1A}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e8473653-8d33-4d6b-b775-f43d8278c2a2}: [DhcpNameServer] 213.209.104.220 213.209.104.250

Edge:
=======
DownloadDir: C:\Users\*****\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]

FireFox:
========
FF DefaultProfile: ppggg20o.default
FF DefaultProfile: cbjkvl8z.default-1470220961571
FF ProfilePath: C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\ppggg20o.default [2020-02-26]
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 [2022-11-21]
FF Homepage: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> hxxps://www.theguardian.com/
FF NewTab: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> hxxps://searchdefault.co/homepage?hp=1&bitmask=9996&pId=AC191101&iDate=2020-11-13 12:16:29&bName=
FF NetworkProxy: Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571 -> autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {else if ((shExpMatch(url, 'hxxps://www.netflix.com*')) || (shExpMatch(url, 'hxxp://www.netflix.com*')) || (host == 'netflix.com') || (host == 'www.netflix.com') || (host == 'cbp-us.nccp.netflix.com') || (url.indexOf('theplatform.com') != -1) || (shExpMatch(url, 'hxxp://www.crunchyroll.com*')) || (shExpMatch(url, 'hxxps://www.crunchyroll.com*')) || (host == 'api-manga.crunchyroll.com') || (host == 's.hulu.com') || (shExpMatch(url, 'hxxp://media.mtvnservices.com*')) || (host == 'media.mtvnservices.com')) { return 'PROXY us10.sq.proxmate.me:8000; PROXY us08.sq.proxmate.me:8000; PROXY us05.sq.proxmate.me:8000; PROXY us12.sq.proxmate.me:8000; PROXY us09.sq.proxmate.me:8000; PROXY us04.sq.proxmate.me:8000; PROXY us13.sq.proxmate.me:8000; PROXY us06.sq.proxmate.me:8000; PROXY us01.sq.proxmate.me:8000; PROXY us14.sq.proxmate.me:8000; PROXY us07.sq.proxmate.me:8000; PROXY us03.sq.proxmate.me:8000; PROXY us02.sq.proxmate.me:8000; PROXY us11.sq.proxmate.me:8000' } else { return 'DIRECT'; }}"
FF Extension: (Facebook Container) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\@contain-facebook.xpi [2022-11-04]
FF Extension: (FastForward) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\addon@fastforward.team.xpi [2022-07-20]
FF Extension: (Copyfish 🐟 Free OCR Software) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\copyfish@a9t9.com.xpi [2021-08-20]
FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\firefox@ghostery.com.xpi [2022-11-21]
FF Extension: (Tampermonkey) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\firefox@tampermonkey.net.xpi [2022-11-16]
FF Extension: (Forecastfox (fix version)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\forecastfox@s3_fix_version.xpi [2020-11-23]
FF Extension: (Simple mass downloader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\gelprec.smd@gmail.com.xpi [2019-06-08]
FF Extension: (HTTPS Everywhere) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\https-everywhere@eff.org.xpi [2021-07-16]
FF Extension: (Reverse Image Search) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-iiiWfb12bgHj8iKloOou74fb6jh@jetpack.xpi [2021-08-20]
FF Extension: (Word Count Tool) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-YHLk2psjhEWXNJqMKTU7dDcMJcN@jetpack.xpi [2018-05-01]
FF Extension: (Print Friendly & PDF) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid0-YQz0l1jthOIz179ehuitYAOdBEs@jetpack.xpi [2022-05-28]
FF Extension: (To Google Translate) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-22]
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-26] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (pinterest-guest) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-SWdspnBEetWxoA@jetpack.xpi [2021-08-20]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-11-04]
FF Extension: (Search image) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\searchimage@searchimage.fr.xpi [2017-02-21]
FF Extension: (SimpleBrowsingSchedule) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\simplebrowsingschedule@example.org.xpi [2022-10-06]
FF Extension: (tb-color-picker.label) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\tb-color-picker-single@codefisher.org.xpi [2018-04-22]
FF Extension: (TitleCase) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\TitleCase@htdsoftware.com.xpi [2018-12-03]
FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\uBlock0@raymondhill.net.xpi [2022-11-16]
FF Extension: (Vergrößern) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\zoom@stefanvd.net.xpi [2021-08-20]
FF Extension: (Zotero Connector) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\zotero@chnm.gmu.edu.xpi [2022-11-08] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json]
FF Extension: (Imgur-Uploader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{11cf55c0-15ef-49d1-a0ff-02ed401413f8}.xpi [2019-04-02]
FF Extension: (Link Extractor) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{32234610-80fa-4bc1-9cef-183abea3f3b2}.xpi [2018-08-11]
FF Extension: (DuckDuckGo Search) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{37220c34-b538-4f3e-af3d-47aa40026683}.xpi [2020-09-22]
FF Extension: (Lightshot (Screenshot Tool)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}.xpi [2020-11-12]
FF Extension: (EPUBReader) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-06-22]
FF Extension: (G App Launcher (Google™ Shortcuts)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi [2022-11-02]
FF Extension: (NoScript) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-11-16]
FF Extension: (User-Agent Switcher) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2022-07-12]
FF Extension: (Citavi Picker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2021-04-13]
FF Extension: (Auto Tab Discard) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{c2c003ee-bd69-42a2-b0e9-6f34222cb046}.xpi [2022-11-16]
FF Extension: (Web Developer) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2020-01-13]
FF Extension: (Bypass Paywalls Clean) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{d133e097-46d9-4ecc-9903-fa6a722a6e0e}.xpi [2022-11-21]
FF Extension: (Greasemonkey) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\cbjkvl8z.default-1470220961571\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-01-28]
FF Extension: (Citavi Picker) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}.xpi [2017-12-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2019-12-24] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-12] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google Inc -> Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @hola.org/vlc,version=1.6.120 -> C:\Users\*****\AppData\Local\Hola\firefox\app\vlc [Keine Datei]
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2839958251-2324060183-95412134-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2022-11-12]
CHR Extension: (uBlock Origin) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-09-01]
CHR Extension: (Avira Browser Safety) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-09-05]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-14]
CHR HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\*****\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden>
CHR HKU\S-1-5-21-2839958251-2324060183-95412134-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]

Opera:
=======
OPR Profile: C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable [2022-11-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-04-24] (Advanced Micro Devices, Inc. -> )
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-29] (Adobe Systems) [Datei ist nicht signiert]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-12] (Adobe Inc. -> Adobe)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539152 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2018008 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-04-22] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-11-09] (Dropbox, Inc -> Dropbox, Inc.)
S4 FreeStyleLibre MAS Server; C:\Program Files (x86)\FreeStyle Libre\MAS.FreeStyleLibre.exe [285184 2016-01-19] () [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S4 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [169768 2017-08-29] (Lenovo -> Lenovo Group Limited)
S4 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [120400 2017-04-03] (Lenovo -> Lenovo Group Limited)
S4 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (LENOVO(JAPAN)LTD. -> Lenovo)
S4 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-16] (Malwarebytes Inc. -> Malwarebytes)
S4 PDF24; C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
S4 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2013-12-16] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S4 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [319024 2013-12-16] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-09-08] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382504 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-14] (Martin Malik - REALiX -> REALiX(tm))
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [347224 2020-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 StillCam; C:\WINDOWS\system32\DRIVERS\serscan.sys [13312 2020-11-10] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VBoxNetAdp; C:\WINDOWS\System32\DRIVERS\VBoxNetAdp6.sys [237376 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-01-05] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-01-05] (Zemana Ltd. -> Zemana Ltd.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-11-21 15:57 - 2022-11-21 16:00 - 000054026 _____ C:\Users\*****\Desktop\FRST.txt
2022-11-21 13:18 - 2022-11-21 13:18 - 000001422 _____ C:\Users\*****\Desktop\mwb_bericht_21.11.2022.txt
2022-11-21 13:17 - 2022-11-21 13:17 - 000002465 _____ C:\Users\*****\Desktop\mwb_bericht_16.11.2022_02.txt
2022-11-21 13:16 - 2022-11-21 13:16 - 000002465 _____ C:\Users\*****\Desktop\mwb_bericht_16.11.2022.txt
2022-11-21 12:32 - 2022-11-21 12:34 - 005659583 _____ (Swearware) C:\Users\*****\Desktop\ComboFix.exe
2022-11-21 12:21 - 2022-11-21 12:22 - 002375680 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2022-11-20 17:09 - 2022-11-20 17:09 - 010352849 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-20 16:15 - 2022-11-20 16:15 - 075389568 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-18 18:41 - 2022-11-18 18:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-16 19:29 - 2022-11-16 19:29 - 000002550 _____ C:\Users\*****\Desktop\malwarebytes log.txt
2022-11-16 17:45 - 2022-11-21 13:13 - 000000000 ____D C:\Users\*****\AppData\LocalLow\IGDump
2022-11-16 17:36 - 2022-11-16 17:36 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-11-16 17:36 - 2022-11-16 17:36 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-11-16 17:36 - 2022-11-16 17:36 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-16 17:36 - 2022-11-16 17:36 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-16 17:35 - 2022-11-16 17:35 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-11-16 17:35 - 2022-11-16 17:34 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-11-16 17:33 - 2022-11-16 17:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-16 17:32 - 2022-11-16 17:32 - 002632256 _____ (Malwarebytes) C:\Users\*****\Downloads\MBSetup.exe
2022-11-14 16:10 - 2022-11-14 16:21 - 505290059 _____ C:\Users\*****\Downloads\*****.zip
2022-11-13 11:37 - 2022-11-13 11:37 - 000000000 ___HD C:\$WinREAgent
2022-11-12 17:00 - 2022-11-12 17:00 - 000001153 _____ C:\Users\Public\Desktop\LibreOffice 7.4.lnk
2022-11-12 17:00 - 2022-11-12 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4
2022-11-12 15:18 - 2022-11-21 09:07 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-12 15:10 - 2022-11-12 15:10 - 000000000 ____D C:\WINDOWS\Panther
2022-11-12 10:10 - 2022-11-12 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-11-11 13:08 - 2022-11-21 09:07 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-09 21:23 - 2022-11-09 21:23 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 21:23 - 2022-11-09 21:23 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 21:22 - 2022-11-09 21:22 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 21:20 - 2022-11-09 21:20 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-09 12:36 - 2022-11-09 12:39 - 000000000 ____D C:\Program Files\LibreOffice
2022-11-09 11:32 - 2022-11-09 11:32 - 000000000 ____D C:\Users\*****\AppData\Roaming\Sun
2022-11-09 11:31 - 2022-11-09 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-11-09 11:31 - 2022-11-09 11:30 - 000195232 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-11-09 01:44 - 2022-11-09 01:44 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-11-04 15:16 - 2022-11-04 15:17 - 001684395 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 15:11 - 2022-11-04 15:11 - 001271682 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 15:07 - 2022-11-04 15:07 - 001620388 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 11:20 - 2022-11-04 11:21 - 011943095 _____ C:\Users\*****\Downloads\*****.pdf
2022-11-04 09:45 - 2022-11-04 09:45 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-04 09:45 - 2022-11-04 09:45 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-10-26 21:49 - 2022-10-26 21:49 - 000000401 _____ C:\Users\*****\Desktop\*****.txt
2022-10-24 22:40 - 2022-10-24 22:40 - 003994922 _____ C:\Users\*****\Downloads\*****.epub
2022-10-24 19:33 - 2022-10-24 21:49 - 000000000 ____D C:\Users\*****\AppData\Local\transmission
2022-10-24 19:32 - 2022-10-24 19:32 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Qt Client.lnk
2022-10-24 19:32 - 2022-10-24 19:32 - 000002459 _____ C:\Users\Public\Desktop\Transmission Qt Client.lnk
2022-10-24 19:32 - 2022-10-24 19:32 - 000000000 ____D C:\Program Files\Transmission
2022-10-24 16:16 - 2022-10-24 16:16 - 000000000 ____D C:\Users\*****\Downloads\FixMissingMSI_V2.2ForNET45
2022-10-24 16:08 - 2022-10-24 16:08 - 000002270 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2022-10-24 10:45 - 2022-10-24 13:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-10-24 10:43 - 2022-10-24 14:01 - 000157546 _____ C:\WINDOWS\ntbtlog.txt

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-11-21 16:04 - 2018-02-14 18:54 - 001479103 _____ C:\WINDOWS\ZAM.krnl.trace
2022-11-21 16:04 - 2018-02-14 18:54 - 001478320 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2022-11-21 15:59 - 2017-11-06 21:07 - 000000000 ____D C:\FRST
2022-11-21 15:56 - 2014-02-19 19:28 - 000000000 ____D C:\Program Files\JDownloader
2022-11-21 15:34 - 2014-02-01 21:11 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-21 15:06 - 2020-11-11 00:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-21 14:44 - 2014-03-25 11:26 - 000000000 ____D C:\Users\*****\Documents\*****
2022-11-21 14:33 - 2014-02-28 16:53 - 000007621 _____ C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2022-11-21 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-21 10:10 - 2018-11-26 21:32 - 000000000 ____D C:\Users\*****\AppData\Local\Microsoft_Corporation
2022-11-21 10:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-11-21 09:58 - 2015-06-19 16:10 - 000000000 ____D C:\Users\*****\AppData\Local\Dropbox
2022-11-21 09:53 - 2022-03-17 20:50 - 000000000 ____D C:\Users\*****\AppData\Roaming\DropboxElectron
2022-11-21 09:33 - 2016-11-18 09:15 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2022-11-21 09:32 - 2022-04-22 10:16 - 000000000 ____D C:\Users\*****\AppData\Local\Avast Software
2022-11-21 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-21 09:10 - 2022-09-15 17:38 - 000000000 ____D C:\Users\*****\AppData\Roaming\com.adobe.dunamis
2022-11-21 09:07 - 2014-03-06 19:31 - 000000000 ____D C:\Program Files\CCleaner
2022-11-21 09:06 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-21 08:58 - 2022-04-22 10:07 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-11-20 21:15 - 2020-07-10 11:50 - 000000000 ____D C:\Users\*****\AppData\Roaming\vlc
2022-11-20 19:29 - 2022-04-22 10:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-11-20 19:29 - 2021-08-30 12:08 - 000002248 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - user
2022-11-20 19:29 - 2021-07-25 09:07 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-11-20 19:29 - 2021-07-25 09:07 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-11-20 19:29 - 2020-11-11 01:01 - 000003724 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-11-20 19:29 - 2020-11-11 01:01 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-20 19:29 - 2020-11-11 01:01 - 000003500 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-11-20 19:29 - 2020-11-11 01:01 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-20 19:29 - 2020-11-11 01:01 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-20 19:29 - 2020-11-11 01:01 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-20 19:29 - 2020-11-11 01:01 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-11-20 19:29 - 2020-11-11 01:01 - 000002422 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002396 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002394 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2022-11-20 19:29 - 2020-11-11 01:01 - 000002306 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_Dolby
2022-11-20 19:29 - 2020-11-11 01:01 - 000002302 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-11-20 19:29 - 2019-09-28 12:06 - 000001210 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-11-20 19:29 - 2019-09-28 12:06 - 000001206 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-11-20 18:11 - 2020-04-18 09:30 - 000000000 ____D C:\Users\*****\AppData\Roaming\Signal
2022-11-20 18:10 - 2014-06-25 09:35 - 000000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2022-11-20 16:49 - 2014-06-25 09:36 - 000000000 ____D C:\Users\*****\AppData\Local\Spotify
2022-11-20 14:50 - 2022-01-16 19:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2022-11-20 14:09 - 2018-07-06 12:14 - 000000000 ____D C:\Users\*****\Documents\Citavi 6 2022-11-20 13:39 - 2022-10-12 20:22 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2022-11-18 18:41 - 2022-01-23 13:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2022-11-18 18:41 - 2014-02-25 00:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-11-18 14:16 - 2020-01-20 23:43 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache 2022-11-18 13:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-11-16 17:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-11-16 17:33 - 2017-05-29 01:17 - 000000000 ____D C:\Program Files\Malwarebytes 2022-11-16 11:41 - 2016-10-02 19:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-11-14 19:54 - 2022-04-22 10:06 - 000382504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2022-11-12 16:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-11-12 15:11 - 2022-04-05 18:22 - 000000000 ____D C:\ProgramData\Avast Software 2022-11-12 15:09 - 2020-11-11 01:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-11-12 15:09 - 2020-11-11 00:19 - 000669088 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-11-12 15:09 - 2020-11-11 00:19 - 000008192 ___SH C:\DumpStack.log.tmp 2022-11-12 15:08 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-11-12 15:08 - 2014-02-01 12:57 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2022-11-12 15:06 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-11-12 
15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-11-12 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-11-12 12:22 - 2014-08-23 08:16 - 000000000 ____D C:\Users\*****\Documents\HK 2022-11-12 12:11 - 2014-04-14 17:10 - 000000000 ____D C:\Users\*****\Desktop\Diverses 2022-11-12 10:24 - 2022-08-14 11:20 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-11-12 10:11 - 2019-09-28 12:06 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-11-11 13:37 - 2017-01-01 20:46 - 000000000 ____D C:\Users\*****\.mediathek3 2022-11-11 13:24 - 2018-06-02 01:03 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps 2022-11-09 21:20 - 2020-11-11 00:22 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-11-09 20:27 - 2014-02-01 14:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-11-09 20:09 - 2013-01-17 08:28 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-11-09 11:29 - 2018-05-20 09:09 - 000000000 ____D C:\Program Files\Java 2022-11-07 17:05 - 2022-03-31 18:15 - 000002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2022-11-04 09:45 - 2022-04-22 10:06 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2022-11-04 09:45 - 2022-04-22 10:06 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2022-11-04 09:45 - 2022-04-22 10:06 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2022-11-04 09:45 - 2022-04-22 10:06 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2022-11-04 09:45 - 2022-04-22 10:06 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2022-11-04 09:45 - 2022-04-22 10:06 - 000114464 _____ (AVAST Software) 
C:\WINDOWS\system32\Drivers\aswRdr2.sys 2022-11-04 09:45 - 2022-04-22 10:06 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2022-11-04 09:45 - 2022-04-22 10:06 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2022-11-04 09:45 - 2022-04-22 10:06 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2022-11-04 09:44 - 2022-04-22 10:06 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2022-11-04 09:44 - 2022-04-22 10:06 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys.166842994448401 2022-11-04 09:44 - 2022-04-22 10:06 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2022-11-04 09:44 - 2022-04-22 10:06 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2022-11-02 20:20 - 2020-11-11 00:41 - 001964048 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-11-02 20:20 - 2019-12-07 15:51 - 000839802 _____ C:\WINDOWS\system32\perfh007.dat 2022-11-02 20:20 - 2019-12-07 15:51 - 000185158 _____ C:\WINDOWS\system32\perfc007.dat 2022-10-31 17:35 - 2021-06-03 17:51 - 000000000 ____D C:\WINDOWS\Minidump 2022-10-31 12:02 - 2019-01-23 21:47 - 000000000 ____D C:\Users\*****\AppData\Roaming\Telegram Desktop 2022-10-26 11:04 - 2018-01-27 23:09 - 000000000 ____D C:\Users\*****\AppData\Local\LenovoServiceBridge 2022-10-24 20:45 - 2014-04-28 08:05 - 000000000 ___RD C:\Users\*****\Downloads\***** 2022-10-24 20:13 - 2020-12-22 18:50 - 000000000 ____D C:\Program Files\MediathekView 2022-10-24 20:12 - 2020-12-22 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediathekView 2022-10-24 16:18 - 2022-10-12 20:22 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk 2022-10-24 16:08 - 2022-02-11 13:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-10-24 16:05 - 2014-02-01 21:02 - 000000000 ____D C:\ProgramData\Lenovo 2022-10-24 10:43 - 2020-03-01 
00:57 - 000000000 ____D C:\WINDOWS\TempInst 2022-10-24 10:32 - 2014-03-30 15:13 - 000000000 ____D C:\WINDOWS\pss ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-01-13 22:55 - 2020-01-13 22:55 - 000000008 __RSH () C:\ProgramData\sysqcl1131236454.dat 2017-06-04 19:58 - 2017-03-23 05:23 - 000966656 _____ () C:\Program Files (x86)\1026.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 001048576 _____ () C:\Program Files (x86)\1028.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000487424 _____ () C:\Program Files (x86)\1029.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000495616 _____ () C:\Program Files (x86)\1030.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000507904 _____ () C:\Program Files (x86)\1031.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000864256 _____ () C:\Program Files (x86)\1032.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000032768 _____ () C:\Program Files (x86)\1033.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000528384 _____ () C:\Program Files (x86)\1034.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000524288 _____ () C:\Program Files (x86)\1036.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000512000 _____ () C:\Program Files (x86)\1038.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000479232 _____ () C:\Program Files (x86)\1040.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 001351680 _____ () C:\Program Files (x86)\1041.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 003022848 _____ () C:\Program Files (x86)\1042.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000454656 _____ () C:\Program Files (x86)\1043.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000475136 _____ () C:\Program Files (x86)\1045.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000466944 _____ () C:\Program Files (x86)\1046.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000962560 _____ () C:\Program Files (x86)\1049.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000540672 _____ () C:\Program Files (x86)\1051.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000454656 _____ () C:\Program Files (x86)\1053.mst 2017-06-04 19:58 - 
2017-03-23 05:23 - 000475136 _____ () C:\Program Files (x86)\1055.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000917504 _____ () C:\Program Files (x86)\1058.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000487424 _____ () C:\Program Files (x86)\1061.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 001339392 _____ () C:\Program Files (x86)\1066.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 000356352 _____ () C:\Program Files (x86)\2052.mst 2017-06-04 19:58 - 2017-03-23 05:23 - 009675776 _____ () C:\Program Files (x86)\ABBYY FineReader 14 x64.msi 2017-06-04 19:58 - 2017-03-23 05:23 - 009568768 _____ () C:\Program Files (x86)\ABBYY FineReader 14.msi 2017-06-04 19:57 - 2017-03-23 05:14 - 001133208 _____ (ABBYY Production LLC.) C:\Program Files (x86)\AutoRun.exe 2017-06-04 19:57 - 2016-11-18 17:49 - 000001981 _____ () C:\Program Files (x86)\AutoRun.inf 2022-07-17 14:31 - 2022-07-17 14:31 - 009738240 _____ () C:\Program Files (x86)\GUTDD0D.tmp 2017-06-04 19:57 - 2017-03-23 05:14 - 000987800 _____ (ABBYY Production LLC.) 
C:\Program Files (x86)\Setup.exe 2017-06-04 19:57 - 2016-07-13 17:52 - 000000862 _____ () C:\Program Files (x86)\setup.ini 2018-07-09 09:33 - 2018-08-22 17:00 - 000000033 _____ () C:\Users\*****\AppData\Roaming\AdobeWLCMCache.dat 2015-07-19 18:46 - 2021-09-10 11:54 - 000002298 _____ () C:\Users\*****\AppData\Roaming\ASSDraw3.cfg 2018-08-14 00:04 - 2018-08-14 00:04 - 000000028 _____ () C:\Users\*****\AppData\Roaming\kulerdata.json 2020-11-13 00:58 - 2012-04-30 11:53 - 001249792 _____ (hxxp://www.ruby-lang.org/) C:\Users\*****\AppData\Roaming\msvcr90-ruby191.dll 2014-02-23 11:28 - 2014-02-23 11:28 - 000016660 _____ () C:\Users\*****\AppData\Roaming\UserTile.png 2018-04-05 11:57 - 2021-12-12 20:46 - 000000128 _____ () C:\Users\*****\AppData\Roaming\winscp.rnd 2014-11-23 14:13 - 2014-11-23 14:13 - 000000275 _____ () C:\Users\*****\AppData\Local\HamsterAudioConverterSettings.cfg 2020-03-24 13:36 - 2020-03-24 13:36 - 000000000 _____ () C:\Users\*****\AppData\Local\oobelibMkey.log 2020-06-15 23:16 - 2020-06-15 23:16 - 000001882 _____ () C:\Users\*****\AppData\Local\psppirerc 2022-05-23 12:26 - 2022-05-23 12:26 - 000000767 _____ () C:\Users\*****\AppData\Local\recently-used.xbel 2014-02-28 16:53 - 2022-11-21 14:33 - 000007621 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Code:
==================== Speicherinformationen ===========================

BIOS: LENOVO HSET64WW (2.09 ) 10/19/2015
Hauptplatine: LENOVO 20BC0006GE
Prozessor: AMD E1-2500 APU with Radeon(TM) HD Graphics
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 7449.73 MB
Verfügbarer physikalischer RAM: 3012.61 MB
Summe virtueller Speicher: 17449.73 MB
Verfügbarer virtueller Speicher: 9824.83 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:5.5 GB) (Model: Samsung SSD 840 Series SATA Disk Device) NTFS
Drive d: (*****) (Fixed) (Total:465.76 GB) (Free:240.19 GB) (Model: HGST HTS 545050A7E380 USB Device) NTFS

\\?\Volume{85bc2e43-8b25-11e3-983b-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 000A62BB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Ende von Addition.txt =======================