| |
| |||||||
Überwachung, Datenschutz und Spam: Hilfe wurde gehackt LiteSkinUtlis.dll, bentonite.cfgWindows 7 Fragen zu Verschlüsselung, Spam, Datenschutz & co. sind hier erwünscht. Hier geht es um Abwehr von Keyloggern oder aderen Spionagesoftware wie Spyware und Adware. Themen zum "Trojaner entfernen" oder "Malware Probleme" dürfen hier nur diskutiert werden. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen. |
27.11.2023, 12:08
| #1 |
 |  Hilfe wurde gehackt LiteSkinUtlis.dll, bentonite.cfg Hallo, bei mir wurde aktuell alles gehackt. -Facebook, wurde ein Shop erstellt - E-Mail Adresse hatten die Täter zugriff - Disney Plus Account wurde geklaut - PayPal wurde versucht ein neues Konto zu eröffnen - Twitch.tv Account den ich seit Jahren habe wurde wegen "Boting" permanent gebannt. (Trotz 2 Faktor Anmeldung) Ich habe ESET durchlaufen lassen, leider keinen LOG erstellt, gefunden wurde: C:\Users\mickh\AppData\Roaming\msctfp\LiteSkinUtlis.dll C:\Users\mickh\AppData\Roaming\msctfp\bentonite.cfg C:\Users\mickh\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\Cache_Data\f_003e04 Ich muss sagen aus panik, habe ich einfach den Ordner "msctfp" gelöscht. Dort waren noch 3 andere .dll Dateien, die aber Eset nicht als Bedrohung erkannt hat. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
durchgeführt von mickh (Administrator) auf DESKTOP-DJCBAOB (Micro-Star International Co., Ltd MS-7C02) (27-11-2023 11:44:36)
Gestartet von C:\Users\mickh\Desktop\FRST64.exe
Geladene Profile: mickh
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3693 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.24.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
(C:\Users\mickh\AppData\Local\Discord\app-1.0.9024\Discord.exe ->) (Discord Inc. -> Discord Inc.) C:\Users\mickh\AppData\Local\Discord\app-1.0.9024\Discord.exe <6>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (OP.GG -> OP.GG) C:\Users\mickh\AppData\Local\Programs\OP.GG\OP.GG.exe <11>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) F:\Spiele2\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) F:\Spiele\steam.exe
(F:\Spiele\steam.exe ->) (Valve Corp. -> Valve Corporation) F:\Spiele\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(F:\Spiele2\Riot Games\Riot Client\RiotClientServices.exe ->) () [Datei ist nicht signiert] F:\Spiele2\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVM GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\MobileBrServ\mbbService.exe
(services.exe ->) (Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (Micro-Star International Co., Ltd.) [Datei ist nicht signiert] C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1fea8972dc2f0a69\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Tonalio GmbH -> Sandboxie-Plus.com) F:\Sandboxie-Plus\SbieSvc.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2005.23.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3684_none_7dfc270e7c9a3a0b\TiWorker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI Companion\Gamebar_Connect.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI Companion\MSI_GamebarTool.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Copyright © 2020 Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Companion\TraceFPS.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(svchost.exe ->) (Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13887312 2023-11-14] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [956920 2019-12-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Xtreme Tuner] => C:\Program Files (x86)\XtremeTuner\XtremeTuner\Xtreme Tuner.exe [11388416 2020-10-15] (Galaxy Microsystems Ltd) [Datei ist nicht signiert]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-2303880426-2750029563-876241259-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2303880426-2750029563-876241259-1001\...\Run: [Steam] => F:\Spiele\steam.exe [4386664 2023-11-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2303880426-2750029563-876241259-1001\...\Run: [Discord] => C:\Users\mickh\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2303880426-2750029563-876241259-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3572488 2023-11-09] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2303880426-2750029563-876241259-1001\...\Run: [electron.app.OP.GG] => C:\Users\mickh\AppData\Local\Programs\OP.GG\OP.GG.exe [159118176 2023-11-23] (OP.GG -> OP.GG)
HKU\S-1-5-21-2303880426-2750029563-876241259-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2646120 2023-11-25] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2303880426-2750029563-876241259-1001\...\Run: [RiotClient] => F:\Spiele2\Riot Games\Riot Client\RiotClientServices.exe [70912472 2023-11-16] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2303880426-2750029563-876241259-1001\...\Run: [MicrosoftEdgeAutoLaunch_D4CDDED664E62ECE3459927D8117DD01] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3572488 2023-11-09] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-01-08] (pdfforge GmbH) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {6E6A157A-9E28-4BD5-829D-BB371DAFCB1D} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {4B4C86D6-8223-4EBE-9AF6-5B080A375EC9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {6C472A98-80D8-4590-8930-0D4C7D42D8CE} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [672064 2022-12-02] (Advanced Micro Devices Inc. -> )
Task: {EFBA58ED-00C1-4AB4-AE2C-BC4B68194A9A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {185AD357-3E6C-481F-A13C-C215E2023291} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "62cb4d61-38cc-4229-8d38-4111b606bcba" --version "6.17.10746" --silent
Task: {9D75567D-6F72-4718-B757-F2E2CBAEB02A} - System32\Tasks\CCleanerSkipUAC - mickh => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F926C82C-A00E-4F6B-AF0B-38E0FD526EFB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5340232 2023-11-26] (Microsoft Windows -> Microsoft Corporation)
Task: {FD2A448C-1F58-43D6-8CCB-1C8B97BA1942} - System32\Tasks\EXPERTool => G:\Tools\EXPERTool\TBPanel.exe /A (Keine Datei)
Task: {E9EAA1C8-D225-406A-8B5E-F18023FD612B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-12] (Google Inc -> Google Inc.)
Task: {32F941EE-5387-4C4E-ADD1-3F6F83BE78C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-12] (Google Inc -> Google Inc.)
Task: {0B2201A0-84D2-405E-8D6D-BBFCC200B3A8} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {41937148-119C-48C5-8315-B80CC18ABFE3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D434FF7E-6088-445F-89DB-7B30E21372D7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B01DCAC-7B92-449E-81CA-52C33571589B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218160 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {705D7608-5A8F-4D61-91BE-158449DAE229} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218160 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEA963DB-B28F-49C9-9B91-A0ED33003A93} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [278016 2023-11-26] (Microsoft Windows -> Microsoft Corporation)
Task: {5CF803DD-2AA0-41CE-8463-FCD611B51AC8} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe (Keine Datei)
Task: {2E38CDC6-A30C-4536-A066-88F7C999C023} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => %windir%\System32\RemoteFXvGPUDisablement.exe Disable (Keine Datei)
Task: {D697BE70-0771-4A10-901E-A6EF42A3C42E} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => %windir%\System32\RemoteFXvGPUDisablement.exe Warning (Keine Datei)
Task: {49F84A5F-BAD3-4E97-92DC-13E5DAD3F442} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D8E27D15-D6CF-48D1-B67E-8932162FCC99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3AEACCDA-FD6B-4AFE-8791-C85F276C1301} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55FF91CA-484B-43EC-8D0A-C20F1BBF1655} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2BF23F7C-D731-4BE4-8F3D-4CBF2690A8EE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-26] (Microsoft Windows -> Microsoft Corporation)
Task: {53339433-75AB-4DB8-834A-AE13EFF4CBE6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {35A6D422-DBFF-4FAB-93DD-814CFBDC88A2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 854A948800049EEF => G:\Tools\Firefox\default-browser-agent.exe do-task (Keine Datei) <==== ACHTUNG
Task: {FBD41C3A-D988-4B6B-95B1-A558EEB7252E} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe Detect_Monitor (Keine Datei)
Task: {6A28B8A4-BE5E-4E83-A198-961F0972D502} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe Detect_DisplayID (Keine Datei)
Task: {633FD918-CF4D-451E-9574-2F2A186AC046} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2396792 2022-12-30] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {47251D5E-4F24-4C2C-BB19-0B05C37C6847} - System32\Tasks\MSI Task Host - MSI.True Color => "C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe" (Keine Datei)
Task: {160094AA-F8ED-4C8D-88A6-74D4DA770E90} - System32\Tasks\MSI_GamebarConnect => C:\Program Files (x86)\MSI\MSI Companion\Gamebar_Connect.exe [107128 2023-02-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {DC2979DB-2D52-4FF9-803D-305463E6489F} - System32\Tasks\MSI_GamebarTool => C:\Program Files (x86)\MSI\MSI Companion\MSI_GamebarTool.exe [111224 2023-02-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {F8B755FB-3F99-482A-826A-557CFD3496F7} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe (Keine Datei)
Task: {CAA7FBEC-BF9B-48F8-B5A9-7B02264B9D35} - System32\Tasks\MSI_TraceFPS => C:\Program Files (x86)\MSI\MSI Companion\TraceFPS.exe [2780144 2023-02-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Copyright © 2020 Micro-Star INT'L CO., LTD.)
Task: {226F7024-44E8-4348-BBF4-522099D2BA75} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {04E646BA-4FBB-4099-9812-A3B39AA6C595} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {ABD186B2-72C3-408F-8A54-319E96D3A4E1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC0AE69B-98EE-4755-BBC6-89D9E300D6FE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7B54E61C-F964-4082-8EEF-AA0D0CF7B5AB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CE4E40D-1D90-42A8-95DA-78B489651768} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8AD0113B-7BD8-4FC8-85CC-713B366C35C7} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CD66154-5B33-4291-93C3-33686BE2560E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1E64C6D-6F28-4263-9E33-1080D79BB75F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B7CF763-A492-4465-8A4D-041867DA331D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A7812AB-ED43-480A-8BED-69721DF6E247} - System32\Tasks\Overwolf Updater Task => F:\Tools\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (Keine Datei)
Task: {E0CC9D06-FCAF-44C8-9E6F-EF7092E64A42} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [220816 2019-09-30] (Tweaking LLC -> Tweaking.com)
Task: {8D2FC2DA-3166-4B50-AF02-2A47076DA19E} - System32\Tasks\WiseCleaner\WRCSkipUAC => D:\Tools\Wise Registry Cleaner\WiseRegCleaner.exe [5541464 2020-04-23] (Lespeed Technology Ltd. -> WiseCleaner.com)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{0d2168df-1dcb-467d-9d19-ba79d5953943}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{4a91f6b8-9515-4198-8c16-61ed8c01bffe}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5539dfa5-908d-46f0-9ee5-e61561c81d7c}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{76c0aa0c-12e0-439e-9636-fa7dc979df4d}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{76c0aa0c-12e0-439e-9636-fa7dc979df4d}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f9d487e2-abff-4b93-ad8a-01c126dab682}: [DhcpNameServer] 192.168.178.1
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\mickh\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-27]
Edge Extension: (Google Docs Offline) - C:\Users\mickh\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-12]
Edge Extension: (Edge relevant text changes) - C:\Users\mickh\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-27]
FireFox:
========
FF DefaultProfile: iabfoo6m.default
FF ProfilePath: C:\Users\mickh\AppData\Roaming\Mozilla\Firefox\Profiles\ut1lgchu.default-release [2023-10-25]
FF ProfilePath: C:\Users\mickh\AppData\Roaming\Mozilla\Firefox\Profiles\iabfoo6m.default [2023-10-25]
FF Homepage: Mozilla\Firefox\Profiles\iabfoo6m.default -> www.google.de/
FF Notifications: Mozilla\Firefox\Profiles\iabfoo6m.default -> hxxps://openload.co; hxxps://forum.dirty-gaming.com; hxxps://www.faceit.com
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\mickh\AppData\Roaming\Mozilla\Firefox\Profiles\iabfoo6m.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2019-10-19] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (uBlock Origin) - C:\Users\mickh\AppData\Roaming\Mozilla\Firefox\Profiles\iabfoo6m.default\Extensions\uBlock0@raymondhill.net.xpi [2019-03-25]
FF Extension: (Stylish- Benutzerdef. Motive f. jede Webseite) - C:\Users\mickh\AppData\Roaming\Mozilla\Firefox\Profiles\iabfoo6m.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2018-08-19]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\mickh\AppData\Roaming\Mozilla\Firefox\Profiles\iabfoo6m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-04]
FF Extension: (Just black) - C:\Users\mickh\AppData\Roaming\Mozilla\Firefox\Profiles\iabfoo6m.default\Extensions\{e483ebf4-33ab-4007-ab70-2fc4923aed09}.xpi [2019-05-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-19] (Adobe Systems Incorporated -> )
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-19] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\mickh\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-11-27]
CHR Notifications: Profile 1 -> hxxps://pornistan.net; hxxps://www.faceit.com; hxxps://www.gevestor.de; hxxps://www.netflix.com
CHR Extension: (Slinky Vornehm) - C:\Users\mickh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2020-04-19]
CHR Extension: (uBlock Origin) - C:\Users\mickh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-11-09]
CHR Extension: (Steam Inventory Helper) - C:\Users\mickh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2023-11-23]
CHR Extension: (Google Docs Offline) - C:\Users\mickh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
CHR Extension: (CSGO Trader - Steam Trading Enhancer) - C:\Users\mickh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kaibcgikagnkfgjnibflebpldakfhfih [2023-07-02]
CHR Extension: (Streamreiniger) - C:\Users\mickh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lehcglgkjkamolcflammloedahjocbbg [2023-08-14]
CHR Extension: (Twiblocker - Video adblocker) - C:\Users\mickh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdohdkncgoaamplcaokhmlppgafhlima [2023-05-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mickh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\mickh\AppData\Local\Google\Chrome\User Data\System Profile [2023-09-20]
Opera:
=======
OPR Profile: C:\Users\mickh\AppData\Roaming\Opera Software\Opera Stable [2023-09-20]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.de/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [254464 2017-12-15] (AVM GmbH) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9884424 2023-10-20] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-08] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel(R) Driver & Support Assistant -> Intel)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11187816 2023-11-25] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-04-02] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2023-08-09] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [68720008 2023-08-16] (FACE IT LIMITED -> )
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-26] (Malwarebytes Inc. -> Malwarebytes)
R2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [245688 2019-09-29] (Huawei Technologies Co., Ltd. -> )
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [69240 2022-11-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150176 2022-08-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [34032 2022-05-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1fea8972dc2f0a69\Display.NvContainer\NVDisplay.Container.exe [1274888 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2322352 2023-10-13] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [535984 2023-10-13] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [297736 2023-11-09] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; F:\Spiele2\Launcher\RockstarService.exe [1271280 2023-11-10] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-08-08] (Razer USA Ltd. -> Razer Inc.)
R2 SbieSvc; F:\Sandboxie-Plus\SbieSvc.exe [371152 2023-04-06] (Tonalio GmbH -> Sandboxie-Plus.com)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-11-25] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-11-25] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-11-25] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1500608 2023-09-18] (SteelSeries ApS -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 EspoDriver; C:\WINDOWS\system32\drivers\EspoDriver.sys [5920568 2019-12-29] (Esportal AB -> )
R1 FACEIT; C:\Program Files\FACEIT AC\FACEIT_AC.sys [67389488 2023-08-08] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.)
S2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2023-10-01] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49312 2016-08-25] (ManyCam -> Visicom Media Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222784 2023-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-19] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2023-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [28480 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007a; C:\WINDOWS\System32\drivers\RzDev_007a.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 SbieDrv; F:\Sandboxie-Plus\SbieDrv.sys [236032 2023-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Sandboxie-Plus.com)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2016-09-21] (TunnelBear, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-11-27 11:44 - 2023-11-27 11:45 - 000042235 _____ C:\Users\mickh\Desktop\FRST.txt
2023-11-27 11:44 - 2023-11-27 11:44 - 000000000 ____D C:\Users\mickh\Desktop\FRST-OlderVersion
2023-11-27 09:35 - 2023-11-27 09:35 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2023-11-27 09:29 - 2023-11-27 09:35 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-11-26 22:10 - 2023-11-26 22:10 - 107592560 _____ (AO Kaspersky Lab) C:\Users\mickh\Desktop\kvrt.exe
2023-11-26 22:07 - 2023-11-26 22:07 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-11-26 22:06 - 2023-11-26 22:06 - 000000000 ___HD C:\$WinREAgent
2023-11-25 20:26 - 2023-11-10 12:38 - 001487368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-11-25 20:26 - 2023-11-10 12:38 - 001424064 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-11-25 20:26 - 2023-11-10 12:38 - 001424064 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-11-25 20:26 - 2023-11-10 12:38 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-11-25 20:26 - 2023-11-10 12:38 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-11-25 20:26 - 2023-11-10 12:38 - 001226872 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-11-25 20:26 - 2023-11-10 12:38 - 000850512 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-11-25 20:26 - 2023-11-10 12:38 - 000850512 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-11-25 20:26 - 2023-11-10 12:38 - 000731216 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-11-25 20:26 - 2023-11-10 12:38 - 000731216 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-11-25 20:26 - 2023-11-10 12:34 - 001541256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-11-25 20:26 - 2023-11-10 12:34 - 001198200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-11-25 20:26 - 2023-11-10 12:34 - 000957960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-11-25 20:26 - 2023-11-10 12:34 - 000669712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2023-11-25 20:26 - 2023-11-10 12:34 - 000504840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2023-11-25 20:26 - 2023-11-10 12:33 - 002171000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-11-25 20:26 - 2023-11-10 12:33 - 001624712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-11-25 20:26 - 2023-11-10 12:33 - 000997512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-11-25 20:26 - 2023-11-10 12:33 - 000810104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-11-25 20:26 - 2023-11-10 12:33 - 000774280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-11-25 20:26 - 2023-11-10 12:32 - 015095416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-11-25 20:26 - 2023-11-10 12:32 - 012375160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-11-25 20:26 - 2023-11-10 12:32 - 006462600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-11-25 20:26 - 2023-11-10 12:32 - 005862520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-11-25 20:26 - 2023-11-10 12:32 - 005861000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-11-25 20:26 - 2023-11-10 12:32 - 003619960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-11-25 20:26 - 2023-11-10 12:32 - 000853112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-11-25 20:26 - 2023-11-10 12:32 - 000459384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-11-25 20:26 - 2023-11-10 03:07 - 000113883 _____ C:\WINDOWS\system32\nvinfo.pb
2023-11-23 17:59 - 2023-11-23 17:59 - 000000000 ____D C:\Users\mickh\AppData\LocalLow\Pugstorm
2023-11-23 16:31 - 2023-11-23 16:31 - 000000204 _____ C:\Users\mickh\Desktop\Core Keeper.url
2023-11-13 09:01 - 2023-11-17 09:50 - 000000000 ____D C:\Users\mickh\Desktop\Auto2
2023-11-03 20:49 - 2023-11-23 17:59 - 000000000 ____D C:\Users\mickh\AppData\Local\mod.io
2023-11-03 20:49 - 2023-11-03 20:49 - 000000000 ____D C:\Users\Public\mod.io
2023-10-29 17:52 - 2023-10-29 17:52 - 000000000 ____D C:\Users\mickh\AppData\Local\Backup
2023-10-28 12:34 - 2023-11-27 11:34 - 000000000 ____D C:\KVRT2020_Data
2023-10-28 09:26 - 2023-10-28 09:26 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-28 09:15 - 2023-10-28 09:15 - 000000000 ____D C:\ProgramData\PLUG
2023-10-28 09:05 - 2023-10-28 09:05 - 008791352 _____ (Malwarebytes) C:\Users\mickh\Desktop\adwcleaner.exe
2023-10-28 08:07 - 2023-10-28 08:07 - 000000000 ____D C:\tenorshare
2023-10-28 08:06 - 2023-10-28 08:06 - 000000000 ____D C:\Program Files (x86)\Tenorshare
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-11-27 11:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-27 11:44 - 2023-10-15 21:25 - 002383872 _____ (Farbar) C:\Users\mickh\Desktop\FRST64.exe
2023-11-27 11:44 - 2020-05-17 16:43 - 000000000 ____D C:\FRST
2023-11-27 11:43 - 2022-02-16 01:29 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-27 11:43 - 2016-11-12 14:27 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-27 11:42 - 2021-08-21 15:38 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-27 11:42 - 2019-12-07 15:51 - 000743670 _____ C:\WINDOWS\system32\perfh007.dat
2023-11-27 11:42 - 2019-12-07 15:51 - 000150092 _____ C:\WINDOWS\system32\perfc007.dat
2023-11-27 11:42 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-27 11:36 - 2021-11-20 20:18 - 000000000 ____D C:\Users\mickh\AppData\Roaming\opgg-electron-app
2023-11-27 11:36 - 2020-10-31 17:29 - 000000000 ____D C:\Users\mickh\AppData\Roaming\discord
2023-11-27 11:36 - 2020-10-31 17:29 - 000000000 ____D C:\Users\mickh\AppData\Local\Discord
2023-11-27 11:35 - 2021-08-21 15:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-27 11:35 - 2021-08-21 15:28 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-27 11:35 - 2020-05-17 01:26 - 000000000 ____D C:\MSI
2023-11-27 11:35 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-11-27 11:35 - 2017-04-28 14:17 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-27 11:34 - 2021-08-21 15:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-27 10:13 - 2023-10-15 20:51 - 000001378 _____ C:\Users\mickh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-11-27 10:13 - 2023-10-15 20:51 - 000001272 _____ C:\Users\mickh\Desktop\ESET Online Scanner.lnk
2023-11-27 09:37 - 2023-10-15 20:52 - 000000000 ____D C:\Users\mickh\AppData\Local\Malwarebytes
2023-11-27 09:37 - 2020-08-09 22:29 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2023-11-27 09:35 - 2021-08-21 12:18 - 014155776 ____H C:\Users\mickh\NTUSER.bak
2023-11-27 09:35 - 2021-08-21 12:18 - 000000000 ____D C:\Users\mickh
2023-11-27 09:35 - 2019-12-07 10:03 - 117964800 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2023-11-27 09:35 - 2019-12-07 10:03 - 001572864 _____ C:\WINDOWS\system32\config\DEFAULT.bak
2023-11-27 09:35 - 2019-12-07 10:03 - 000065536 _____ C:\WINDOWS\system32\config\SAM.bak
2023-11-27 09:33 - 2023-10-16 00:02 - 000000000 ____D C:\SecurityCheck
2023-11-26 22:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-26 22:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-26 22:23 - 2021-08-21 15:28 - 000436336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-26 22:22 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-11-26 22:22 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-26 22:22 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-11-26 22:22 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-26 22:22 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2023-11-26 22:22 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\de
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-26 22:22 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-26 22:22 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-26 22:20 - 2019-12-07 15:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-11-26 22:20 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-11-26 22:20 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-11-26 22:20 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-26 22:14 - 2021-08-21 15:30 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-26 22:07 - 2020-05-17 03:00 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-11-26 22:06 - 2020-12-23 23:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-26 22:06 - 2020-05-17 02:59 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-11-26 22:06 - 2017-12-03 20:01 - 000000000 ____D C:\Program Files\Malwarebytes
2023-11-26 22:05 - 2016-09-18 11:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-26 22:03 - 2016-09-18 12:36 - 000000000 ____D C:\Users\mickh\AppData\Local\CrashDumps
2023-11-26 22:03 - 2016-09-18 11:45 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-25 20:29 - 2016-09-18 11:39 - 000000000 ____D C:\Users\mickh\AppData\Local\NVIDIA
2023-11-25 20:28 - 2022-11-07 18:50 - 000000000 ____D C:\Users\mickh\AppData\LocalLow\NVIDIA
2023-11-25 20:23 - 2021-08-21 15:34 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-25 20:23 - 2021-08-21 15:34 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-25 20:23 - 2021-08-21 15:34 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-25 20:23 - 2021-08-21 15:34 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-25 20:23 - 2021-08-21 15:34 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-25 20:23 - 2021-08-21 15:34 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-25 20:23 - 2021-08-21 15:34 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-25 20:23 - 2021-08-21 15:34 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-25 20:23 - 2021-08-21 15:34 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-25 20:23 - 2017-04-28 14:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-11-25 20:23 - 2017-04-28 14:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-11-25 20:23 - 2017-04-28 14:17 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-11-23 16:54 - 2018-05-27 17:21 - 000000000 ____D C:\Users\mickh\AppData\Local\D3DSCache
2023-11-23 16:40 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-23 16:35 - 2023-05-26 17:29 - 000002395 _____ C:\Users\mickh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-23 16:35 - 2021-12-12 20:30 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2303880426-2750029563-876241259-1001
2023-11-23 16:35 - 2021-08-21 15:34 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2303880426-2750029563-876241259-1001
2023-11-19 21:32 - 2017-11-05 17:47 - 000000000 ____D C:\ProgramData\Riot Games
2023-11-19 17:04 - 2017-03-08 18:11 - 000000000 ____D C:\Temp
2023-11-19 16:58 - 2020-12-24 22:01 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-17 22:18 - 2016-11-13 16:58 - 000000000 ____D C:\Users\mickh\AppData\Local\Battle.net
2023-11-17 20:50 - 2016-09-18 12:46 - 000000000 ____D C:\Users\mickh\AppData\Local\Steam
2023-11-17 09:59 - 2023-09-16 18:25 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2023-11-17 09:59 - 2022-10-26 18:09 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-11-17 09:59 - 2022-10-26 18:09 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-11-17 09:59 - 2020-04-19 02:40 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-11-17 09:59 - 2019-10-26 16:33 - 002758248 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-11-17 09:58 - 2021-11-19 20:37 - 000190056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-11-17 09:58 - 2019-12-14 22:02 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-11-17 09:58 - 2019-10-26 16:33 - 000210536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-11-17 09:47 - 2021-08-10 18:51 - 000000000 ____D C:\Users\mickh\AppData\Roaming\steelseries-gg-client
2023-11-17 09:47 - 2016-11-12 14:27 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-16 08:51 - 2016-10-06 19:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-11-16 08:48 - 2021-08-21 15:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-11-16 08:47 - 2023-02-17 19:21 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-11-16 08:47 - 2022-10-12 17:09 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-11-16 08:41 - 2021-08-21 15:34 - 000003938 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-11-16 08:41 - 2021-08-21 15:34 - 000003814 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-11-16 08:35 - 2020-10-31 17:29 - 000002227 _____ C:\Users\mickh\Desktop\Discord.lnk
2023-11-11 14:24 - 2023-09-05 20:23 - 000000118 _____ C:\Users\mickh\Desktop\Neues Textdokument (5).txt
2023-11-10 21:47 - 2017-03-19 00:08 - 000000000 ____D C:\Program Files\Rockstar Games
2023-11-10 21:47 - 2017-03-19 00:08 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2023-11-10 20:16 - 2016-09-18 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2023-11-10 12:31 - 2022-12-11 23:10 - 007866472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-11-10 12:30 - 2022-12-11 23:10 - 006745880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-11-08 22:48 - 2023-10-15 16:42 - 000000034 _____ C:\Users\mickh\Desktop\Neues Textdokument (7).txt
2023-11-08 15:54 - 2023-05-10 16:34 - 000000000 ____D C:\Users\mickh\Desktop\Auto
2023-11-07 20:51 - 2018-03-03 16:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-05 18:57 - 2023-02-07 19:54 - 000000000 ____D C:\Users\mickh\Desktop\Neuer Ordner (3)
2023-11-05 18:15 - 2016-10-06 19:54 - 000000000 ____D C:\Users\mickh\AppData\Roaming\Microsoft\Word
2023-11-05 00:13 - 2017-12-03 17:13 - 000000000 ____D C:\Users\mickh\AppData\Local\Packages
2023-11-04 23:44 - 2017-07-08 18:34 - 000000000 ____D C:\Users\mickh\AppData\Roaming\Microsoft\Excel
2023-11-03 20:49 - 2017-01-20 14:35 - 000000000 ____D C:\Users\mickh\AppData\Local\Ubisoft Game Launcher
2023-11-02 05:00 - 2018-08-05 17:35 - 002905128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2023-11-02 05:00 - 2018-08-05 17:35 - 002235944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2023-11-02 05:00 - 2018-08-05 17:35 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2023-11-02 04:33 - 2020-12-10 21:37 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2023-11-02 04:33 - 2020-12-10 21:37 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2023-10-29 22:17 - 2022-04-12 19:52 - 000000000 ____D C:\Users\mickh\Documents\Anno 1800
2023-10-28 11:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-28 09:13 - 2021-08-21 11:47 - 000000000 ____D C:\Program Files\ruxim
2023-10-28 09:10 - 2022-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\SteelSeries
2023-10-28 09:10 - 2018-05-09 20:36 - 000000000 ____D C:\ProgramData\Epic
2023-10-28 09:08 - 2021-12-23 01:10 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2023-10-28 08:07 - 2017-03-28 17:19 - 000000000 ____D C:\Program Files\DIFX
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-01-30 05:25 - 2021-01-30 05:25 - 000000048 ____H () C:\Program Files (x86)\ib6u2xlgf1.dat
2023-08-09 17:40 - 2023-10-27 22:59 - 000000170 _____ () C:\Users\mickh\AppData\Roaming\BattleBitConfig.ini
2019-12-30 01:34 - 2019-12-30 02:00 - 000003606 _____ () C:\Users\mickh\AppData\Roaming\vibranceGUI.log
2020-01-08 09:39 - 2020-01-08 09:39 - 000001252 _____ () C:\Users\mickh\AppData\Local\recently-used.xbel
2019-09-27 19:18 - 2022-12-19 19:37 - 000007600 _____ () C:\Users\mickh\AppData\Local\Resmon.ResmonCfg
2017-03-31 23:33 - 2017-03-31 23:35 - 000000178 _____ () C:\Users\mickh\AppData\Local\uts.ini
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
| Themen zu Hilfe wurde gehackt LiteSkinUtlis.dll, bentonite.cfg |
| administrator, adobe, defender, e-mail, firefox, geforce, google, hacked, homepage, internet, kaspersky, log, microsoft, mozilla, nvidia, ordner, prozesse, realtek, registry, rundll, scan, software, svchost.exe, system, trojaner, usb, windows |
Baum-Darstellung