| |
| |||||||
Log-Analyse und Auswertung: Windows 10: Passwort-Trojaner wirklich weg?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
11.03.2023, 12:25
| #1 |
| |  Windows 10: Passwort-Trojaner wirklich weg? Hallo, der Windows Defender hat einen Wacatac in Quarantäne gestellt. Malwarebytes und eset habe ich danach drüber laufen lassen. Hier dazu die Logfiles von Malwarebytes: Code:
ATTFilter Protokolldatei: ec65ac40-bd46-11ed-9e62-107b44f0e531.json
-Softwaredaten-
Version: 4.5.23.241
Komponentenversion: 1.0.1927
Version des Aktualisierungspakets: 1.0.66441
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.2673)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-****\****
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 433023
Erkannte Bedrohungen: 3
In die Quarantäne verschobene Bedrohungen: 3
Abgelaufene Zeit: 3 Min., 20 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 1
PUP.Optional.VLCUpdaterDE, HKU\S-1-5-21-341515215-1173906820-3305953664-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\STARTUPAPPROVED\RUN|VLC UPDATER, In Quarantäne, 1638, 750355, 1.0.66441, , ame, , ,
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 2
PUP.Optional.QwebDe, C:\USERS\NIKLA\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\USER PINNED\TASKBAR\QWEB SYMBOL.LNK, In Quarantäne, 1476, 496142, 1.0.66441, , ame, , 3E9DADC7A69FF007E90069FF81161A96, E207F82B2A0477132651D1B9020035EF9BA2D2FC2ED5236A9CF4728FA3B38933
Spyware.PasswordStealer, C:\PROGRAM FILES (X86)\POST SERVICE & CONSULTING LIMITED\VIDEODOWNLOADER\DOWNLOADER.EXE, In Quarantäne, 511, 786368, 1.0.66441, , ame, , CB61DCCE14C847A9527D4F7A234458F4, A63BB1F4B3AE8717202704CD293F9357914A0DC35A7070A683AED7A756F2984E
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter 10.03.2023 21:26:43
Geprüfte Dateien: 2997712
Erkannte Dateien: 2
Gesäuberte Dateien: 2
Prüfdauer gesamt 05:19:22
Prüfstatus: Abgeschlossen
C:\$Recycle.Bin\S-1-5-21-341515215-1173906820-3305953664-1001\$RBJO73G\aswOfferTool.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung gelöscht
C:\$Recycle.Bin\S-1-5-21-341515215-1173906820-3305953664-1001\$RBJO73G\offertool_x64_ais-959.vpx Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung gelöscht
FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2023
durchgeführt von **** (Administrator) auf DESKTOP-**** (11-03-2023 11:22:26)
Gestartet von D:\Downloads
Geladene Profile: ******
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2673 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Advanced Micro Devices Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe ->) (Advanced Micro Devices Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\AMD\CNext\CCCSlim\CCC.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe ->) (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
(C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco Secure Client\UI\csc_ui.exe
(Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
(D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe ->) (Kristjan Skutta -> ) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe <4>
(DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atieclxx.exe
(explorer.exe ->) (Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Kristjan Skutta -> ) D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R + obelix30) [Datei ist nicht signiert] C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe
(G. SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.) C:\Program Files (x86)\G.SKILL\Trident Z Lighting Control\hid.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(S:\Programme\MDESIGN\lmgrd.exe ->) (Tedata GmbH) [Datei ist nicht signiert] S:\Programme\MDESIGN\TEDATA64.exe
(S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe ->) (Mentor Graphics Corporation -> Mentor Graphics Corporation) S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(services.exe ->) (3Dconnexion SAM -> 3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\Mgl3DCtlrRPCService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.05\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco Secure Client\vpnagent.exe
(services.exe ->) (Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
(services.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(services.exe ->) (Endor AG -> ) C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Flexera Software LLC -> Flexera) S:\Programme\MDESIGN\lmgrd.exe <2>
(services.exe ->) (Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Leawo Software) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe
(services.exe ->) (Mentor Graphics Corporation -> Mentor Graphics Corporation) S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.1.21\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.23.1.21\nsWscSvc.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2203.1037.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.3DBuilder_20.0.3.0_x64__8wekyb3d8bbwe\Builder3D.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.43112.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(svchost.exe ->) (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2307.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Flight Yoke System] => C:\Program Files\Logitech\Flight Yoke System\Yoke_Profiler.exe [19456 2018-02-14] (Logitech) [Datei ist nicht signiert]
HKLM\...\Run: [3DxWare Service] => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\3DxService.exe [2518584 2020-09-07] (3Dconnexion SAM -> 3Dconnexion, INC)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1233920 2017-10-18] (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [20369616 2017-10-11] (Corsair Components, Inc. -> Corsair Components, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-06-15] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [433800 2018-09-17] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [Spectrum] => C:\Program Files (x86)\G.SKILL\Trident Z Lighting Control\HID.exe [1747048 2022-05-10] (G. SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Cisco Secure Client] => C:\Program Files (x86)\Cisco\Cisco Secure Client\UI\csc_ui.exe [2999392 2022-10-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2628488 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [27146448 2018-03-30] (Corsair Components, Inc. -> Corsair Components, Inc.)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [WallpaperEngine] => D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe [2918904 2020-09-16] (Kristjan Skutta -> )
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1746776 2021-02-15] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [Lync] => "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe" /fromrunkey (Keine Datei)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\nikla\AppData\Local\WebEx\WebexHost.exe [8040032 2023-02-22] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [280440 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [CorsairEffectsEngine] => "C:\Users\nikla\AppData\Local\CorsairEffectsEngine\Update.exe" --processStart CorsairEffectsEngine.exe (Keine Datei)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [SignalRgb] => "C:\Users\nikla\AppData\Local\VortxEngine\SignalRgbLauncher.exe" --silent (Keine Datei)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [MicrosoftEdgeAutoLaunch_ALB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --launcher=on_logon_windows [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [MicrosoftEdgeAutoLaunch_BD744D00B7947BA4CE821E1D00C3AA26] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\nikla\AppData\Local\Microsoft\Teams\Update.exe [2587456 2023-02-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [GoogleContactSync] => C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe [3342848 2022-08-06] (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R + obelix30) [Datei ist nicht signiert]
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [GoogleChromeAutoLaunch_333DA321688CFEFA9F9D34AB6803D568] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3221272 2023-03-04] (Google LLC -> Google LLC)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\MountPoints2: {2340272e-be10-11eb-974e-e8d11bfb5684} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\MountPoints2: {3e92ea2f-46ca-11ec-9762-e8d11bfb5684} - "J:\OnePlus_setup.exe" /s
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\MountPoints2: {8ee68233-cc50-11e7-9519-107b44f0e531} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\MountPoints2: {dbd5ed5b-d2ca-11ec-9784-e8d11bfb5684} - "E:\OnePlus_setup.exe" /s
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\WINDOWS\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series XPS: C:\WINDOWS\system32\CNMXLMBA.DLL [392192 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\WINDOWS\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [181248 2023-03-08] (pdfforge GmbH) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2023-03-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CADClick® Click2CAD Toolbox.lnk [2019-05-16]
ShortcutTarget: CADClick® Click2CAD Toolbox.lnk -> C:\Program Files (x86)\KiM GmbH\CADClick Click2CAD Toolbox\CADClick_Click2CAD.exe (KiM GmbH) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Imaging Edge Desktop.lnk [2020-05-11]
ShortcutTarget: Imaging Edge Desktop.lnk -> C:\Program Files\Sony\Imaging Edge Desktop\ied.exe (Sony Imaging Products & Solutions Inc. -> Sony)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2021 Fast Start.lnk [2022-02-17]
ShortcutTarget: SOLIDWORKS 2021 Fast Start.lnk -> C:\Windows\Installer\{9C0A2571-4AAE-4FEE-B673-038B38B85EFC}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Hintergrund-Downloader.lnk [2022-02-16]
ShortcutTarget: SOLIDWORKS Hintergrund-Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installations-Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
Startup: C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-06-30]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Keine Datei)
Startup: C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Corsair Effects Engine.appref-ms [2018-07-26] () [Datei ist nicht signiert]
InternetURL: C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Kalender.url -> URL: hxxps://calendar.google.com/calendar/
Startup: C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Luminar Neo.lnk [2023-02-06]
ShortcutTarget: Luminar Neo.lnk -> C:\Program Files\Skylum\Luminar Neo\Luminar Neo.exe (Skylum Software USA, Inc. -> Skylum)
Startup: C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook.lnk [2021-09-20]
ShortcutTarget: Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Keine Datei)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B6F4C12-5E96-481D-AE0D-EDCFB7B8E788} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-07-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1A955452-8B04-4B8F-9B50-2CE76A1D699C} - System32\Tasks\Norton AntiVirus Plus\Norton AntiVirus Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {260597EE-1EFE-4E62-888B-4E59D0F8DA3F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-23] (Google Inc -> Google Inc.)
Task: {26EBBFC4-6B4F-422F-A559-2F8D1F1CD458} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\nikla\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-10] (ESET, spol. s r.o. -> ESET)
Task: {29E993DC-13A6-42DB-B09F-95541369A879} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-07-09] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
Task: {2A244E2A-03C3-49DA-91C4-0DC1BA7ED144} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2353000 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {359EB1CC-3032-4ABD-8F07-010EBD31ED9D} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3825768 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EE56148-692A-4A39-91D0-6D395FF694EA} - System32\Tasks\SS3svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1233920 2017-10-18] (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert]
Task: {4A0C5A39-B5CF-4EFF-8083-2A2726851F33} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-341515215-1173906820-3305953664-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206000 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B289FC6-80A8-4F64-B77D-B30F8E51792F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1627648 2020-07-09] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
Task: {4C443E01-1E76-4567-BA7B-489C2F60C35D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {4F6AFD6C-C87D-48BF-9DBC-8B8C273F07BA} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {506870FF-3B3C-4567-A207-2258BE7CE6CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8519680 2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {683599C2-E99D-4675-9B56-B47441944B6D} - System32\Tasks\Norton AntiVirus Plus\Norton AntiVirus Autofix => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {71F7958C-0126-46C4-ADAC-73789EF1CA48} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {74433CBB-1D30-465D-83EB-22C491A97D72} - System32\Tasks\Norton AntiVirus Plus\Norton AntiVirus Error Processor => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {7A711CB0-82DC-4393-BFC2-B22145958FD5} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-07-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7B3410FE-A596-4782-963C-FBB9F876ED93} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-07-09] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
Task: {89E0A7DB-FA1D-4170-96DC-F7AE74A0B560} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {89EF1B3B-71B0-431F-AA2E-B627F4A2EBCB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9263973F-C98E-4E95-A086-817F0C1C2751} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-23] (Google Inc -> Google Inc.)
Task: {974A70E0-A94A-48B7-80EA-1DF4109BB04B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F209321-9225-4158-A4BB-5BB54AA08B35} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe [811520 2017-10-18] (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert]
Task: {A2186A0F-BC52-4AF9-99C2-39848ABA3D3E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206000 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB8691ED-C0C1-4B5F-A562-1F25C2FE6E3A} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe [247256 2016-12-16] (ASUSTeK Computer Inc. -> )
Task: {B6E6057C-4802-4A57-8875-434945C57CBE} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-10-31] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {BF053508-657C-438D-A3EB-75A46F177903} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8519680 2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF0FCB18-B0F1-4441-8FF5-30C4484F9369} - System32\Tasks\Driver Booster SkipUAC (***) => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe /skipuac (Keine Datei)
Task: {C0EB3C26-4126-49D2-9F28-8EAB094117D9} - System32\Tasks\MATLAB R2021b Startup Accelerator => C:\Program Files\MATLAB\R2021b\bin\win64\MATLABStartupAccelerator.exe (Keine Datei)
Task: {C959DDE1-4A51-46DB-90E0-997E20F3677D} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.1.21\WSCStub.exe [646520 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {D463F2FA-A2DF-49B7-A6EC-64272BBB4CDD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7CE29BA-5920-4045-9E4E-6A832C3F3E8D} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-15] (Overwolf Ltd -> Overwolf LTD)
Task: {E35B0485-9AFC-403B-93A7-EE830ADBAFE7} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\nikla\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-10] (ESET, spol. s r.o. -> ESET)
Task: {E7A48BD2-AD71-4D6F-93CB-C836C20108CE} - System32\Tasks\MATLAB R2022b Startup Accelerator => S:\Programme\MATLAB\R2022b\bin\win64\MATLABStartupAccelerator.exe [98816 2022-06-29] () [Datei ist nicht signiert]
Task: {EB0CCE20-D7A7-4D04-81B0-6FADAB93F22D} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43797544 2022-09-01] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {EF243A99-6D8D-47B7-AF56-F5615BF3397A} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-10-31] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\MATLAB R2021b Startup Accelerator.job => C:\Program Files\MATLAB\R2021b\bin\win64\MATLABStartupAccelerator.exe C:\Program Files\MATLAB\R2021b#DESKTOP-***GFFN\***.Sta
Task: C:\WINDOWS\Tasks\MATLAB R2022b Startup Accelerator.job => S:\Programme\MATLAB\R2022b\bin\win64\MATLABStartupAccelerator.exeS:\Programme\MATLAB\R2022b#DESKTOP-***GFFN\***.Sta
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9bca827c-244f-4b38-98cd-b5ddd81e8ff6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a5c95a1a-f2a2-4aca-89e9-0b441b481868}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{dec42306-addf-4283-be25-2fd81a0d81da}: [DhcpNameServer] 192.168.0.1
Edge:
=======
DownloadDir: D:\Downloads
Edge Notifications: HKU\S-1-5-21-341515215-1173906820-3305953664-1001 -> hxxps://calendar.google.com
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-09]
Edge Extension: (Cisco Webex Extension) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmihkeafcknlomclapaddfljaeegfbdl [2021-02-26]
Edge Extension: (Checker Plus for Google Calendar™) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fbongfbliechkeaegkjfehhimpenoani [2023-03-05]
Edge Extension: (McAfee® WebAdvisor) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2023-03-05]
Edge Extension: (PAYBACK Internet Assistent) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmgfmfcpbgahfllkogflflfebdbfogga [2022-07-13]
Edge Extension: (Return YouTube Dislike) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-02-20]
Edge Extension: (In Google Drive speichern) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2023-03-05]
Edge Extension: (Tampermonkey) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iikmkjmpaadaobahmlepeloendndfphd [2023-02-03]
Edge Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2023-03-08]
Edge Extension: (Citavi Picker) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mielbhbkcliienpdicphhecpodcaeefg [2022-06-24]
Edge Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-03-05]
Edge Extension: (I don't care about cookies) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oholpbloipjbbhlhohaebmieiiieioal [2023-02-20]
Edge HKLM-x32\...\Edge\Extension: [cmihkeafcknlomclapaddfljaeegfbdl]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => nicht gefunden
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Composer\Bin\npcomposerplayerwebplugin.dll [2021-10-29] (DASSAULT SYSTEMES SE -> Dassault Systemes)
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Composer\Bin\x86\npcomposerplayerwebplugin.dll [2021-10-29] (DASSAULT SYSTEMES SE -> Dassault Systemes)
FF Plugin-x32: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ptc.com/IsoView -> C:\Program Files (x86)\Common Files\PTC\npisoview.dll [2016-11-29] (PTC Inc. -> PTC Inc.)
FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2016-11-29] (PTC Inc. -> PTC)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2021-01-29] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default [2023-03-11]
CHR Extension: (Just Black) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2023-03-06]
CHR Extension: (Tampermonkey) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-03-06]
CHR Extension: (I don't care about cookies) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-03-06]
CHR Extension: (Norton Safe Web) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2023-03-08]
CHR Extension: (Return YouTube Dislike) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-03-06]
CHR Extension: (Google Docs Offline) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-06]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-03-06]
CHR Extension: (In Google Drive speichern) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2023-03-06]
CHR Extension: (Checker Plus for Google Calendar™) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhggnncdpfibdhinjiegagmopldibha [2023-03-06]
CHR Extension: (Cisco Webex Extension) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2023-03-06]
CHR Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2023-03-09]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-03-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-06]
CHR Extension: (Citavi Picker) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2023-03-06]
CHR Extension: (PAYBACK Internet Assistent) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2023-03-06]
CHR Profile: C:\Users\nikla\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-09]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [jlhmfgmfgeifomenelglieieghnjghma]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [394864 2022-09-27] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.05\atkexComSvc.exe [456008 2022-10-31] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 AsRogAuraService; C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe [753624 2016-12-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-10-31] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-10-31] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678256 2022-10-31] (ASUSTeK COMPUTER INC. -> ASUS)
R2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [90112 2023-03-06] (Leawo Software) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12554240 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
R3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34512 2018-03-30] (Corsair Components, Inc. -> Corsair Components, Inc.)
S3 CoordinatorServiceHost; S:\Programme\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [79576 2021-10-30] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
R2 csc_vpnagent; C:\Program Files (x86)\Cisco\Cisco Secure Client\vpnagent.exe [1215584 2022-12-13] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-09-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2022-05-19] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncHelper.exe [3486600 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (FUTUREMARK INC -> Futuremark)
R2 FWPnpService; C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe [250864 2019-01-10] (Endor AG -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [389696 2017-07-10] (Canon Inc. -> )
S3 impi_hydra; S:\Programme\SOLIDWORKS Corp\SOLIDWORKS\hydra_service.exe [924472 2021-10-29] (Intel(R) Software Development Products -> Intel Corporation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3835360 2022-03-10] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
S2 MDESIGN License Manager; C:\Program Files (x86)\FLEXlm\MDESIGN\lmgrd.exe [1396200 2018-06-29] (Flexera Software LLC -> Flexera Software LLC)
R2 MDESIGN License Manager 64; S:\Programme\MDESIGN\lmgrd.exe [1203536 2022-10-20] (Flexera Software LLC -> Flexera)
R2 Mgl3DCtlrRPCService; C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\Mgl3DCtlrRPCService.exe [166968 2020-09-07] (3Dconnexion SAM -> 3Dconnexion)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [280440 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.1.21\NortonSecurity.exe [344888 2023-02-02] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.1.21\nsWscSvc.exe [1059176 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-16] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.038.0219.0001\OneDriveUpdaterService.exe [3865992 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-15] (Overwolf Ltd -> Overwolf LTD)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [433800 2018-09-17] (Geek Software GmbH -> Geek Software GmbH)
R2 RemoteSolverDispatcher; S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [252936 2021-10-29] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1574512 2023-02-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [226976 2023-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-11-17] (SolidWorks) [Datei ist nicht signiert]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 SWVisualize2021.Queue.Server; S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [30424 2021-10-30] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15212856 2023-01-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [145096 2021-01-29] (Cisco WebEx LLC -> Cisco WebEx LLC)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\nikla\AppData\Roaming\Zoom"
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 3dxhid; C:\WINDOWS\System32\drivers\3dxhid.sys [49952 2020-09-02] (3Dconnexion SAM -> 3Dconnexion SAM)
R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [304056 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\amdkmdag.sys [94459216 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-11-18] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [49256 2022-08-15] (ASUSTeK COMPUTER INC. -> )
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.23.1.21\Definitions\BASHDefs\20230309.011\BHDrvx64.sys [1696736 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\ccSetx64.sys [198280 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz146; C:\WINDOWS\temp\cpuz146\cpuz146_x64.sys [52824 2023-03-11] (CPUID -> CPUID)
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [32304 2022-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [32296 2022-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 e2esoft_ivcamaudio_simple; C:\WINDOWS\system32\drivers\iVCamAud.sys [255464 2020-11-04] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 FanatecWheelFilterUsb; C:\WINDOWS\System32\drivers\FWFilterUsb.sys [91872 2019-01-10] (Endor AG -> Endor AG)
R3 FWVirtualInputDevice; C:\WINDOWS\System32\drivers\FWVirtualInputDevice.sys [35552 2019-01-10] (Endor AG -> Endor AG)
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2022-10-31] (ASUSTeK Computer Inc. -> )
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-09-15] (Martin Malik - REALiX -> REALiX(tm))
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.23.1.21\Definitions\IPSDefs\20230310.061\IDSvia64.sys [1527816 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35344 2022-09-21] (ASUSTEK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1090536 2020-11-02] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R3 KMJHidMini; C:\WINDOWS\System32\drivers\3dxkmj.sys [18944 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> 3Dconnextion Inc.)
R3 KMJShim; C:\WINDOWS\System32\drivers\3dxshim.sys [7168 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> 3Dconnextion Inc.)
R3 LSaiMini; C:\WINDOWS\System32\drivers\LSaiMini.sys [20720 2018-02-14] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R3 LSaiNtBus; C:\WINDOWS\system32\drivers\LSaiBus.sys [60336 2018-02-14] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R1 LUMDriver; C:\WINDOWS\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM Polska Sp. z o.o. -> IBM)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-06-08] (TEFINCOM S.A. -> )
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2019-07-19] (SoftEther Corporation -> SoftEther Corporation)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [42576 2021-06-13] (nordvpn s.a. -> TEFINCOM S.A.)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\nsvst.sys [57120 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 SaiK0bac; C:\WINDOWS\system32\DRIVERS\SaiK0bac.sys [217408 2018-02-14] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
S3 SaiU0bac; C:\WINDOWS\system32\DRIVERS\SaiU0bac.sys [24816 2018-02-14] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R2 SignalRgbDriver; C:\WINDOWS\System32\Drivers\SignalRgbDriver.sys [25832 2022-03-22] (WHIRLWIND VIRTUAL REALITIES INC. -> )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\SRTSP64.SYS [956048 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\SRTSPX64.SYS [52872 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\SYMEFASI64.SYS [2180248 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\SymELAM.sys [36016 2023-02-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100344 2023-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.23.1.21\SymPlatform\SymEvnt.sys [722400 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\Ironx64.SYS [306824 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\symnets.sys [492728 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 USBTINSP; C:\WINDOWS\System32\drivers\tinspusb.sys [142848 2010-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [54176 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R2 WinRing0x64; C:\WINDOWS\System32\Drivers\WinRing0x64.sys [14544 2022-03-22] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\wpCtrlDrv.sys [1016792 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 CM_VENDER_CMD; \??\C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-03-11 11:19 - 2023-03-11 11:22 - 000000000 ____D C:\FRST
2023-03-10 22:18 - 2023-03-10 22:18 - 000007628 _____ C:\Users\nikla\AppData\Local\Resmon.ResmonCfg
2023-03-10 22:01 - 2023-03-10 22:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2023-03-10 21:28 - 2023-03-10 21:28 - 000003884 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-03-10 21:28 - 2023-03-10 21:28 - 000003442 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-03-10 16:04 - 2023-03-10 16:04 - 000001378 _____ C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-03-10 16:04 - 2023-03-10 16:04 - 000000000 ____D C:\Users\nikla\AppData\Local\ESET
2023-03-10 13:33 - 2023-03-10 13:33 - 000000746 _____ C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SALOME-9.10.0.lnk
2023-03-10 13:33 - 2023-03-10 13:33 - 000000178 _____ C:\Users\nikla\AppData\Roaming\.omniORB_DESKTOP-***GFFN_12332.cfg
2023-03-10 13:01 - 2023-03-10 13:01 - 000000000 ____D C:\Users\nikla\AppData\Local\MathWorks
2023-03-09 12:29 - 2023-03-09 12:29 - 000000000 ____D C:\Users\nikla\AppData\Local\Norton
2023-03-08 16:31 - 2023-03-08 16:31 - 000000000 ____D C:\Users\nikla\AppData\Local\NPE
2023-03-08 15:41 - 2023-03-08 15:41 - 000001083 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2023-03-08 15:41 - 2023-03-08 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2023-03-08 15:40 - 2023-03-08 15:40 - 000000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.34.lnk
2023-03-08 15:36 - 2023-03-08 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom
2023-03-08 15:36 - 2023-03-08 15:36 - 000000000 ____D C:\Program Files (x86)\Zoom
2023-03-08 15:35 - 2023-03-08 15:35 - 000001076 _____ C:\Users\Public\Desktop\Audacity.lnk
2023-03-08 15:35 - 2023-03-08 15:35 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2023-03-08 15:35 - 2023-03-08 15:35 - 000000000 ____D C:\Users\nikla\AppData\Local\pdfforge
2023-03-08 15:35 - 2023-03-08 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2023-03-08 15:35 - 2023-03-08 15:35 - 000000000 ____D C:\Program Files\PDFCreator
2023-03-08 13:18 - 2023-03-08 13:18 - 000000000 ____D C:\Program Files\Common Files\AV
2023-03-08 12:30 - 2023-03-10 19:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton AntiVirus Plus
2023-03-08 12:28 - 2023-03-08 12:28 - 000003376 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2023-03-08 12:28 - 2023-03-08 12:28 - 000002297 _____ C:\Users\Public\Desktop\Norton Security.lnk
2023-03-08 12:28 - 2023-03-08 12:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2023-03-08 12:28 - 2023-03-08 12:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2023-03-08 12:28 - 2023-03-08 12:28 - 000000000 ____D C:\Program Files\Norton Security
2023-03-08 12:28 - 2023-03-08 12:28 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2023-03-08 12:26 - 2023-03-08 12:26 - 000000000 ____D C:\ProgramData\NortonInstaller
2023-03-08 12:26 - 2023-03-08 12:26 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2023-03-08 12:23 - 2023-03-09 12:29 - 000000000 ____D C:\ProgramData\Norton
2023-03-08 12:23 - 2023-03-08 12:23 - 000000000 ____D C:\Users\Public\Downloads\Norton
2023-03-08 01:19 - 2023-03-08 01:23 - 000000000 ____D C:\Users\nikla\AppData\LocalLow\IGDump
2023-03-08 01:18 - 2023-03-08 01:18 - 000000000 ____D C:\Users\nikla\AppData\Local\mbam
2023-03-07 22:49 - 2023-03-07 22:49 - 000002399 _____ C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Signal.lnk
2023-03-07 22:49 - 2023-03-07 22:49 - 000000000 ____D C:\Users\nikla\AppData\Local\signal-desktop-updater
2023-03-07 11:24 - 2023-03-07 11:24 - 000000000 ____D C:\Users\nikla\AppData\Local\Siemens
2023-03-07 10:54 - 2023-03-07 10:54 - 000000000 ____D C:\Users\nikla\.thumbnails
2023-03-06 22:56 - 2023-03-06 22:56 - 000000000 ___HD C:\$WinREAgent
2023-03-06 22:44 - 2023-03-07 21:01 - 000000000 ____D C:\Users\nikla\AppData\Local\Adobe
2023-03-06 22:27 - 2023-03-07 10:57 - 000000000 ____D C:\Users\nikla\AppData\Local\cache
2023-03-06 22:22 - 2023-03-06 22:22 - 000000000 ____D C:\Users\nikla\AppData\Local\VirtualStore
2023-03-06 22:22 - 2023-03-06 22:22 - 000000000 ____D C:\Users\nikla\AppData\Local\Sentry
2023-03-06 22:22 - 2023-03-06 22:22 - 000000000 ____D C:\Users\nikla\AppData\Local\PeerDistRepub
2023-03-06 22:22 - 2023-03-06 22:22 - 000000000 ____D C:\Users\nikla\AppData\Local\ATI
2023-03-06 21:29 - 2023-03-06 21:29 - 000684984 _____ (Mozilla Foundation) C:\Users\nikla\AppData\LocalLow\freebl3.dll
2023-03-06 21:29 - 2023-03-06 21:29 - 000627128 _____ (Mozilla Foundation) C:\Users\nikla\AppData\LocalLow\mozglue.dll
2023-03-06 21:29 - 2023-03-06 21:29 - 000254392 _____ (Mozilla Foundation) C:\Users\nikla\AppData\LocalLow\softokn3.dll
2023-03-06 21:19 - 2023-03-06 21:19 - 000000000 ____D C:\Users\nikla\AppData\Local\Leawo Blu-ray Ripper
2023-03-06 21:06 - 2023-03-06 21:11 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VidCoder
2023-03-06 21:06 - 2023-03-06 21:11 - 000000000 ____D C:\Users\nikla\AppData\Local\VidCoder.Stable
2023-03-06 21:06 - 2023-03-06 21:10 - 000000000 ____D C:\Users\nikla\AppData\Roaming\VidCoder
2023-03-06 21:06 - 2023-03-06 21:06 - 000000000 ____D C:\Users\nikla\AppData\Local\ToastNotificationManagerCompat
2023-03-06 21:06 - 2023-03-06 21:06 - 000000000 ____D C:\Users\nikla\AppData\Local\IsolatedStorage
2023-03-06 21:06 - 2023-03-06 21:06 - 000000000 ____D C:\Program Files\dotnet
2023-03-06 21:05 - 2023-03-06 21:06 - 000000000 ____D C:\Users\nikla\AppData\Local\SquirrelClowdTemp
2023-03-06 21:03 - 2023-03-06 21:03 - 000000000 ___HD C:\ProgramData\vid
2023-03-06 21:03 - 2023-03-06 21:03 - 000000000 ___HD C:\ProgramData\tks
2023-03-06 21:01 - 2023-03-06 21:01 - 000000000 ____D C:\Users\nikla\AppData\Local\Blu-ray Master
2023-03-06 20:52 - 2023-03-06 20:52 - 000000000 ____D C:\Users\nikla\AppData\Local\Swiss Academic Software
2023-03-06 18:36 - 2023-03-06 18:36 - 000000000 ____D C:\Users\nikla\AppData\Local\Edraw
2023-03-06 18:36 - 2023-03-06 18:36 - 000000000 ____D C:\Users\nikla\AppData\Local\CEF
2023-03-06 18:32 - 2023-03-06 18:32 - 000000000 ____D C:\Users\nikla\AppData\Local\MicrosoftEdge
2023-03-05 14:23 - 2023-03-09 15:44 - 000000000 ____D C:\Users\nikla\AppData\Roaming\gtk-2.0
2023-03-05 14:18 - 2023-03-05 14:18 - 000001659 _____ C:\Users\Public\Desktop\Z88Aurora V5.lnk
2023-03-05 14:18 - 2023-03-05 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z88Aurora V5
2023-03-05 14:16 - 2023-03-05 14:16 - 000001651 _____ C:\Users\Public\Desktop\Z88ArionV3.lnk
2023-03-05 14:16 - 2023-03-05 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z88ArionV3
2023-03-05 13:53 - 2023-03-05 13:53 - 000000000 ____D C:\Users\nikla\flasheur
2023-03-05 13:34 - 2023-03-05 13:34 - 000000233 _____ C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2813.cfg
2023-03-05 13:28 - 2023-03-05 13:28 - 000000233 _____ C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2812.cfg
2023-03-04 19:48 - 2023-03-04 19:48 - 000000000 ____D C:\Users\nikla\.config
2023-03-04 19:45 - 2023-03-04 19:45 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Code_Aster v2021
2023-03-04 19:39 - 2023-03-10 19:27 - 000000233 _____ C:\Users\nikla\AppData\Roaming\.omniORB_***_last.cfg
2023-03-04 19:39 - 2023-03-05 14:09 - 000000104 _____ C:\Users\nikla\AppData\Roaming\.salome_PortManager.cfg
2023-03-04 19:39 - 2023-03-04 19:39 - 000000233 _____ C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2810.cfg
2023-02-28 12:11 - 2023-03-11 00:35 - 000000000 ____D C:\Users\nikla\AppData\Roaming\GoContactSyncMOD
2023-02-28 12:11 - 2023-02-28 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GO Contact Sync Mod
2023-02-28 12:11 - 2023-02-28 12:11 - 000000000 ____D C:\Program Files (x86)\GO Contact Sync Mod
2023-02-25 13:26 - 2023-02-25 13:26 - 000050715 _____ C:\Users\nikla\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2023-02-22 12:29 - 2023-02-22 12:29 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2023-02-22 12:29 - 2023-02-22 12:29 - 000000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2023-02-21 15:14 - 2023-02-21 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2023-02-21 15:14 - 2023-02-21 15:14 - 000000000 ____D C:\Program Files (x86)\Cisco
2023-02-16 19:08 - 2023-02-16 19:24 - 000002364 _____ C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-02-16 17:24 - 2023-03-09 17:04 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-02-16 17:22 - 2023-03-09 10:44 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-02-16 17:22 - 2023-03-09 10:44 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-16 17:22 - 2023-02-16 17:22 - 000000000 ___RD C:\Users\Default\OneDrive
2023-02-16 17:22 - 2023-02-16 17:22 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2023-02-16 17:21 - 2023-02-16 17:21 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-02-16 17:19 - 2023-02-16 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-02-16 17:19 - 2023-02-16 17:19 - 000002541 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-02-16 17:12 - 2023-02-16 17:12 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-02-15 20:57 - 2023-02-15 20:57 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk
2023-02-15 20:57 - 2023-02-15 20:57 - 000001092 _____ C:\Users\Public\Desktop\AusweisApp2.lnk
2023-02-15 20:57 - 2023-02-15 20:57 - 000000000 ____D C:\Users\nikla\AppData\Local\Governikus GmbH & Co. KG
2023-02-15 20:57 - 2023-02-15 20:57 - 000000000 ____D C:\Program Files\AusweisApp2
2023-02-12 16:50 - 2023-02-12 16:50 - 000000000 ____D C:\ProgramData\mwboost_interprocess
2023-02-12 16:44 - 2023-02-12 16:44 - 000003856 _____ C:\WINDOWS\system32\Tasks\MATLAB R2022b Startup Accelerator
2023-02-12 16:44 - 2023-02-12 16:44 - 000001029 _____ C:\Users\Public\Desktop\MATLAB R2022b.lnk
2023-02-12 16:44 - 2023-02-12 16:44 - 000000586 _____ C:\WINDOWS\Tasks\MATLAB R2022b Startup Accelerator.job
2023-02-12 16:44 - 2023-02-12 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2022b
2023-02-10 19:07 - 2023-02-10 19:07 - 000000787 _____ C:\Users\Public\Desktop\Inkscape.lnk
2023-02-10 19:07 - 2023-02-10 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-11 11:09 - 2020-09-15 11:36 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{9F977908-B9F0-4B85-955B-C6FD9A658823}
2023-03-11 11:08 - 2017-11-17 16:06 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-11 11:06 - 2017-11-17 15:43 - 000000000 ___RD C:\Users\nikla\OneDrive
2023-03-11 11:05 - 2023-01-25 06:54 - 000003152 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-03-11 11:05 - 2023-01-25 06:54 - 000003138 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-03-11 11:05 - 2017-11-17 19:29 - 000000000 ____D C:\Users\nikla\AppData\Roaming\WTablet
2023-03-10 20:15 - 2020-09-15 11:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-10 19:17 - 2018-07-19 15:58 - 000000000 ____D C:\Program Files (x86)\CorsairLink4
2023-03-10 17:35 - 2022-10-31 11:46 - 000000000 ____D C:\Program Files\ASUS
2023-03-10 13:01 - 2021-10-22 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2021b
2023-03-09 17:11 - 2020-09-15 11:32 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-09 17:11 - 2019-12-07 15:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat
2023-03-09 17:11 - 2019-12-07 15:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat
2023-03-09 17:11 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-09 17:04 - 2020-09-15 11:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-09 17:04 - 2020-09-15 11:30 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-09 17:04 - 2017-12-09 15:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-03-09 17:03 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2023-03-09 17:03 - 2017-11-17 15:37 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-03-09 16:57 - 2017-11-17 16:02 - 000000000 ____D C:\Program Files (x86)\ASUS
2023-03-09 15:10 - 2018-06-02 20:59 - 000000000 ____D C:\Users\nikla\AppData\Local\D3DSCache
2023-03-09 13:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-08 22:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-08 16:07 - 2020-05-07 20:07 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Zoom
2023-03-08 15:53 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-03-08 15:43 - 2022-10-13 15:40 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-03-08 15:43 - 2022-10-13 15:40 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2023-03-08 15:43 - 2020-09-15 11:36 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-03-08 15:42 - 2019-02-23 12:45 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-08 15:41 - 2020-07-31 14:12 - 000000000 ____D C:\Program Files\Git
2023-03-08 15:41 - 2018-06-26 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2023-03-08 15:41 - 2018-06-26 17:55 - 000000000 ____D C:\Program Files (x86)\Calibre2
2023-03-08 15:37 - 2018-09-09 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-03-08 15:37 - 2018-09-09 09:30 - 000000000 ____D C:\Program Files\7-Zip
2023-03-08 15:37 - 2018-07-19 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2023-03-08 15:37 - 2018-07-19 17:06 - 000000000 ____D C:\Program Files\Java
2023-03-08 15:37 - 2017-11-21 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-03-08 15:36 - 2017-11-21 23:22 - 000000000 ____D C:\Program Files (x86)\Java
2023-03-08 15:35 - 2018-09-15 16:41 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2023-03-08 15:35 - 2018-09-15 16:41 - 000000000 ____D C:\Program Files (x86)\Audacity
2023-03-08 15:35 - 2018-01-26 15:16 - 000181248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2023-03-08 12:37 - 2020-05-10 18:14 - 000000000 ____D C:\Users\nikla\AppData\Local\WebEx
2023-03-08 12:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-03-08 12:17 - 2017-11-17 16:06 - 000000000 ____D C:\Users\nikla\AppData\Local\Google
2023-03-08 01:45 - 2021-09-30 09:58 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Signal
2023-03-07 10:54 - 2020-09-15 00:00 - 000000000 ____D C:\Users\nikla
2023-03-07 00:39 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-07 00:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-07 00:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-07 00:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-07 00:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-07 00:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-06 23:05 - 2018-02-27 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
2023-03-06 23:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-06 22:21 - 2017-11-17 15:42 - 000000000 ____D C:\Users\nikla\AppData\Local\ConnectedDevicesPlatform
2023-03-06 21:50 - 2017-11-18 12:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-06 21:19 - 2018-02-13 14:43 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Leawo
2023-03-06 21:19 - 2018-02-13 14:43 - 000000000 ____D C:\ProgramData\Leawo
2023-03-06 21:06 - 2017-11-17 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-06 21:03 - 2018-02-13 15:10 - 000000000 ____D C:\Users\nikla\AppData\Roaming\vlc
2023-03-06 18:24 - 2020-03-20 21:47 - 000000000 ____D C:\Users\nikla\AppData\Local\Overwolf
2023-03-06 18:06 - 2017-11-17 15:42 - 000000000 ____D C:\Users\nikla\AppData\Local\Packages
2023-03-06 18:00 - 2017-11-17 18:40 - 000000000 ____D C:\Users\nikla\AppData\Local\3Dconnexion
2023-03-06 16:53 - 2019-01-27 13:33 - 000000000 ____D C:\Users\nikla\AppData\Roaming\obs-studio
2023-03-06 16:49 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-03-05 22:23 - 2022-06-19 19:04 - 000000000 ____D C:\Users\nikla\.mediathek3
2023-03-05 22:00 - 2022-01-28 13:32 - 000000000 ____D C:\Users\nikla\AppData\Local\JM01
2023-03-04 19:59 - 2023-01-17 15:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-04 19:59 - 2020-09-07 09:44 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-04 19:48 - 2017-11-26 10:36 - 000000000 ____D C:\Users\nikla\AppData\Local\CrashDumps
2023-03-04 11:11 - 2022-01-18 21:34 - 000000000 ____D C:\ProgramData\Swiss Academic Software
2023-03-04 11:11 - 2022-01-18 21:32 - 000002108 _____ C:\Users\Public\Desktop\Citavi 6.lnk
2023-03-04 11:11 - 2022-01-18 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 6
2023-03-04 11:10 - 2022-01-18 21:32 - 000000000 ____D C:\Users\nikla\AppData\Local\Downloaded Installations
2023-03-02 16:47 - 2022-10-31 11:41 - 000000000 ____D C:\ProgramData\ASUS
2023-03-02 10:33 - 2021-12-11 11:41 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-341515215-1173906820-3305953664-1001
2023-03-01 07:48 - 2021-12-10 19:36 - 000000675 _____ C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Studienarbeit Lenker.lnk
2023-02-28 23:09 - 2017-11-17 16:39 - 000000000 ____D C:\ProgramData\CLink4
2023-02-28 22:52 - 2020-09-15 11:36 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-28 22:52 - 2020-09-15 11:36 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-28 12:10 - 2022-06-21 09:11 - 000000000 ____D C:\Program Files (x86)\GContactSync
2023-02-28 12:07 - 2017-11-17 15:43 - 000000000 ____D C:\Users\nikla\AppData\Local\Comms
2023-02-24 19:31 - 2022-04-05 11:52 - 000000000 ____D C:\Users\nikla\AppData\Roaming\inkscape
2023-02-24 19:30 - 2022-04-05 11:52 - 000000000 ____D C:\Users\nikla\.dbus-keyrings
2023-02-22 13:32 - 2017-11-18 13:17 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-02-21 15:14 - 2017-11-17 17:58 - 000000000 ____D C:\Users\nikla\AppData\Local\Cisco
2023-02-18 10:30 - 2017-11-17 22:16 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-16 19:08 - 2018-09-06 18:28 - 000000000 ____D C:\Users\nikla\AppData\Local\SquirrelTemp
2023-02-16 19:08 - 2017-11-17 15:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-02-16 19:06 - 2020-09-15 11:30 - 001898568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-16 19:04 - 2020-09-15 11:32 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-16 18:58 - 2017-11-18 12:16 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-16 17:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-02-16 17:10 - 2018-01-13 12:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-02-15 14:20 - 2018-03-02 21:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-15 11:59 - 2017-12-09 15:15 - 000000000 ____D C:\Users\nikla\AppData\Local\TeamViewer
2023-02-13 19:09 - 2017-11-17 16:16 - 000000000 ____D C:\Users\nikla\AppData\Local\PlaceholderTileLogoFolder
2023-02-12 16:54 - 2018-11-19 19:15 - 000000000 ____D C:\ProgramData\MDESIGN
2023-02-12 16:44 - 2021-10-22 18:34 - 000000000 ____D C:\ProgramData\MathWorks
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-03-10 13:33 - 2023-03-10 13:33 - 000000178 _____ () C:\Users\nikla\AppData\Roaming\.omniORB_DESKTOP-***GFFN_12332.cfg
2023-03-04 19:39 - 2023-03-04 19:39 - 000000233 _____ () C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2810.cfg
2023-03-05 13:28 - 2023-03-05 13:28 - 000000233 _____ () C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2812.cfg
2023-03-05 13:34 - 2023-03-05 13:34 - 000000233 _____ () C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2813.cfg
2023-03-04 19:39 - 2023-03-10 19:27 - 000000233 _____ () C:\Users\nikla\AppData\Roaming\.omniORB_***_last.cfg
2023-03-04 19:39 - 2023-03-05 14:09 - 000000104 _____ () C:\Users\nikla\AppData\Roaming\.salome_PortManager.cfg
2023-02-25 13:26 - 2023-02-25 13:26 - 000050715 _____ () C:\Users\nikla\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2022-03-27 16:59 - 2022-03-27 16:59 - 000012227 _____ () C:\Users\nikla\AppData\Roaming\Durch Trennzeichen getrennte Werte.CAL
2021-12-02 19:53 - 2022-12-16 18:36 - 000000016 _____ () C:\Users\nikla\AppData\Roaming\obs-virtualcam.txt
2023-03-10 22:18 - 2023-03-10 22:18 - 000007628 _____ () C:\Users\nikla\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
| Themen zu Windows 10: Passwort-Trojaner wirklich weg? |
| appdata, bedrohungen, build, bösartige, code, defender, eset, explorer, gen, gestartet, interne, internet, internet explorer, laufen, limited, loader, logfiles, malwarebytes, microsoft, openvpn, quarantäne, quick, roaming, service, webadvisor, windows, wirklich |
Baum-Darstellung