Then it's a good thing that a more competent pair of eyes is looking over it :D
I carried out everything, and at least the symptoms have disappeared. Thanks for that! :)
The log files are the following:
MBAM: Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 21.07.21
Scan-Zeit: 23:52
Protokolldatei: ec4d02ba-ea6d-11eb-ab6e-98bb1e1d69f4.json
-Softwaredaten-
Version: 4.4.3.125
Komponentenversion: 1.0.1387
Version des Aktualisierungspakets: 1.0.43350
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19042.1110)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-Q3MNRB0\linus
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 380279
Erkannte Bedrohungen: 20
In die Quarantäne verschobene Bedrohungen: 20
Abgelaufene Zeit: 3 Min., 23 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 4
PUP.Optional.QwebDe.ShrtCln, HKU\S-1-5-21-997980146-2164132211-2955602233-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GIMP Updater, In Quarantäne, 4072, 728125, , , , , ,
PUP.Optional.Websuche, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Websuche.exe, In Quarantäne, 6912, 466478, 1.0.43350, , ame, , ,
PUP.Optional.StartPage.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Websuche, In Quarantäne, 4049, 462929, 1.0.43350, , ame, , ,
PUP.Optional.Websuche, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Websuche.exe, In Quarantäne, 6912, 466478, 1.0.43350, , ame, , ,
Registrierungswert: 1
PUP.Optional.QwebDe.ShrtCln, HKU\S-1-5-21-997980146-2164132211-2955602233-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GIMP Updater, In Quarantäne, 4072, 728125, , , , , ,
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 2
PUP.Optional.QwebDe.ShrtCln, C:\USERS\LINUS\APPDATA\ROAMING\GIMP UPDATER, In Quarantäne, 4072, 728125, 1.0.43350, , ame, , ,
PUP.Optional.Linkury, C:\USERS\LINUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 263, 455233, , , , , ,
Datei: 13
PUP.Optional.QwebDe.ShrtCln, C:\USERS\LINUS\APPDATA\ROAMING\GIMP UPDATER\GIMP.ICO, In Quarantäne, 4072, 728125, 1.0.43350, , ame, , 3A502781380607A40C507EB316BB5D96, 9165E8721AC00B0E2235F018181B2383F42BA1451B8365A918BDFC82F6E0B63E
PUP.Optional.QwebDe.ShrtCln, C:\Users\linus\AppData\Roaming\GIMP Updater\uninst.exe, In Quarantäne, 4072, 728125, , , , , BA40B063B7C51AF1C254ED18B32DC86E, 18459F7E2F32D68075172F190E8B6F91D058A6DB225CE8E8C4392B5F6D0FDA85
PUP.Optional.QwebDe.ShrtCln, C:\Users\linus\AppData\Roaming\GIMP Updater\Updater.exe, In Quarantäne, 4072, 728125, , , , , 18774F18676445FA0B85BEC3037F9CF4, 9646873526A4F5C05267EDBA8D88D6651107B9E67DA6C45D0D3370C49A1E95BE
PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-997980146-2164132211-2955602233-1002\$RHFXFS7.EXE, In Quarantäne, 633, 557991, 1.0.43350, , ame, , 53EA1BA86FA87309A2F4CC82C1759892, FAC9606802AD2BFBD5B9C9D6CCC5577872650C16C49BFD23AFE4D460DA402426
PUP.Optional.Linkury, C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, In Quarantäne, 263, 455233, , , , , 40595E535E2944723F01490563D97F4C, 47A074837C090BD571A09520AD9E0D2978DE8811876977C8B6945453B77AA589
PUP.Optional.Linkury, C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001961.log, In Quarantäne, 263, 455233, , , , , FC1541C79C6883F95070C884F830AD0F, 5A33874F92B3B87F3B19CB5268CF27917A12FDAB9567678F54EF0E2B247C9FED
PUP.Optional.Linkury, C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001963.ldb, In Quarantäne, 263, 455233, , , , , 8D50BBD8B7B5440D3886B2B7525A3794, EEF87A3A86803B955679C5F69B180DA1E62D4883F29B4395DA22872636A47BAE
PUP.Optional.Linkury, C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, In Quarantäne, 263, 455233, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Linkury, C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, In Quarantäne, 263, 455233, , , , , ,
PUP.Optional.Linkury, C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, In Quarantäne, 263, 455233, , , , , 9A1FB81142ED54469DD9925D0A3B1902, EF524A2C1DDF3A4B70362C10FCF13AB875C81C3C7AB38F8C4B6625A2FB111C05
PUP.Optional.Linkury, C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, In Quarantäne, 263, 455233, , , , , 03194C86F74DBA74677B7531EBFB08E6, 2127FF2F0B87DD76A91CD2CDAEF07D7E4C83E2BD9AB14318584B012E9CCCB55A
PUP.Optional.Linkury, C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, In Quarantäne, 263, 455233, , , , , 1D4CF2392909BEB634BE09EE02A4A40F, 24503F21BFA5A4417F4C0856272BC9F8F3C6450A072715EF7EBDD59AA867BAD6
PUP.Optional.Linkury, C:\USERS\LINUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, 263, 455233, 1.0.43350, , ame, , 9CCA423474AD7180BDE102121A4D6AC7, E7EE5F146C6376A97B6BB65F5CB91A1CBFA21AFBCD5E27A3B64E17D2DF48E3F6
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
AdwCleaner: Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-06-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-22-2021
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Browser Files
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\GIMP Updater
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|GIMP Updater
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted AVG Secure Search
Deleted AVG Secure Search
Deleted Websuche
Deleted hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb3cPXZ_Us_hWh_QUAuKDXpTxzMhF1bAbTzesskK_kIQ15KmaMaKF3ETIae0_HSpuSyT04-EQ30dB_5GC4w7LL0xckudX2bjirxGfBN7IR260LOfyKWXGwe05iZFy26l3olQEVzn6WxyNAFZUCY5DyH6I1ydc71eQ,,
Deleted hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb3cPXZ_Us_hWh_QUAuKDXpTxzMhF1bAbTzesskK_kIQ15KmaMaKF3ETIae0_HSpuSyT04-EQ30dB_5GC4w7LL0xckudX2bjirxGfBN7IR260LOfyKWXGwe05iZFy26l3olQEVzn6WxyNAFZUCY5DyH6I1ydc71eQ,,
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2266 octets] - [22/07/2021 00:11:13]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
FRST: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
durchgeführt von linus (Administrator) auf DESKTOP-Q3MNRB0 (Razer Blade 15 Base Model (Early 2020) - RZ09-0328) (22-07-2021 00:17:01)
Gestartet von C:\Users\linus\Downloads
Geladene Profile: linus
Platform: Windows 10 Home Version 20H2 19042.1110 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.1.0.5629\AdskLicensingService\AdskLicensingService.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrzi.inf_amd64_ae70493596f75577\Display.NvContainer\NVDisplay.Container.exe <2>
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SEDService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SSPService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNtpService.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1082144 2020-04-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1525528 2021-03-19] (Sophos Ltd -> Sophos Limited)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1706224 2021-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-997980146-2164132211-2955602233-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\linus\AppData\Local\Microsoft\Teams\Update.exe [2454200 2021-06-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-997980146-2164132211-2955602233-1002\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3519096 2021-07-10] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-997980146-2164132211-2955602233-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-03-23] (Valve -> Valve Corporation)
HKU\S-1-5-21-997980146-2164132211-2955602233-1002\...\Run: [sciebo] => C:\Program Files\sciebo\sciebo.exe [3086680 2021-02-10] (ownCloud GmbH -> Hochschulcloud NRW)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3519096 2021-07-10] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.107\Installer\chrmstp.exe [2021-07-21] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XTimeWiseServer.lnk [2021-04-19]
ShortcutTarget: XTimeWiseServer.lnk -> C:\Program Files (x86)\DIE\TimeWise\XTimeWiseServer.exe (D.I.E. CAD und Statik Software GmbH) [Datei ist nicht signiert]
Startup: C:\Users\linus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-07-20]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\linus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2021-03-23]
ShortcutTarget: GenuineService.lnk -> C:\Users\linus\Autodesk\Genuine Service\GenuineService.exe (Keine Datei)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0200F487-21A4-4D56-A851-8E5EDC122792} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E188D43-35DB-4882-9920-257B2AB711FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {136DF2F7-462D-409B-9E4B-D3F7F9300DE3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {1559A3B3-FD97-4A78-A3B6-D4A3C1412146} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2D22E955-0A44-45E6-9FAB-D8D64B553230} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F38B51E-F355-4273-B507-F496CF8F6E19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311392 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BD453F8-65A8-447B-B407-BE6BD9C85E45} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {506BD0D6-10E9-48D0-BE52-6F20226AEBE4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {544DF84A-0677-4700-BA40-35606FFDDCFE} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-997980146-2164132211-2955602233-1002 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {6C4F93A4-3071-4302-A52C-5EC85D4AD4DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-18] (Google LLC -> Google LLC)
Task: {7E1C72D4-C03E-42C3-9781-B9AA820C5088} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-18] (Google LLC -> Google LLC)
Task: {88084ADB-4DD5-44F5-9C81-5DD33B5AAC54} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {92A28E38-F4DE-4FFC-A282-B3CB4E3A6C83} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A1ADDBD7-69C8-42CE-90BF-B37408665948} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A4FCC56D-A3EA-4C72-BD0A-1339BF751500} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC789F9A-AA33-4BA7-9F89-A9D9BBBA256C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB49E8B6-A719-4766-B347-4C88E26A350E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F6A2A528-5875-4D70-9E14-0F9FD7D00CE7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB70050B-2331-4864-9F38-F9EBFB16A731} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC673E59-74A5-40FC-84EE-934002C60DEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311392 2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0bdb3f89-d787-42d1-9b96-38c6c5d57e97}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{77db572b-d9d3-4ee3-b0c5-40d05fa6f344}: [DhcpNameServer] 192.168.157.254
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\linus\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-03]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-07-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-07-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default [2021-07-22]
CHR Notifications: Default -> hxxps://calendar.google.com
CHR HomePage: Default -> hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb3cPXZ_Us_hWh_QUAuKDXpTxzMhF1bAbTzesskK_kIQ15KmaMaKF3ETIae0_HSpuSyT04-EQ30dB_5GC4w7LL0xckudX2bjirxGfBN7IR260LOfyKWXGwe05iZFy26l3olQEVzn6WxyNAFZUCY5DyH6I1ydc71eQ,,
CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/r/week","hxxps://keep.google.com/u/0/#search/color%253Dorange"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Präsentationen) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-18]
CHR Extension: (Docs) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-18]
CHR Extension: (Google Drive) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-18]
CHR Extension: (YouTube) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-18]
CHR Extension: (Chrome Remote Desktop) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-03-18]
CHR Extension: (Dark Reader) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2021-07-07]
CHR Extension: (Volume Booster) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkiikneibegknkgimmihdpcbcedgmpo [2021-03-18]
CHR Extension: (Dashlane - Passwort-Manager) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2021-07-15]
CHR Extension: (Tabellen) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-18]
CHR Extension: (Google Docs Offline) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-06-25]
CHR Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2021-07-20]
CHR Extension: (DF Tube (Distraction Free for YouTube™)) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepdfccjgcndkmemponafgioodelna [2021-03-19]
CHR Extension: (Video Speed Controller) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2021-03-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-18]
CHR Extension: (Citavi Picker) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-04-19]
CHR Extension: (Red Bull TV) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbalkogcfbpplioohgihkidalmomblfc [2021-03-19]
CHR Extension: (Google Mail) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-18]
CHR Extension: (Chrome Media Router) - C:\Users\linus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-21]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18099056 2021-05-07] (Autodesk, Inc. -> Autodesk)
S2 BaustatikUpdateService.exe; C:\WINDOWS\BaustatikUpdateService.exe [332288 2021-04-19] (D.I.E. Software GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056672 2021-07-08] (Microsoft Corporation -> Microsoft Corporation)
S2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_ea4acce9a2fdda82\DAX3API.exe [1903776 2019-12-31] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
S2 mitsijm2020; C:\Program Files\Autodesk\Inventor 2020\Moldflow\bin\mitsijm.exe [844088 2019-01-31] (Autodesk, Inc. -> Autodesk, Inc.)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1134616 2021-04-28] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [321560 2021-04-13] (Razer USA Ltd. -> Razer Inc.)
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-03-22] (Razer USA Ltd. -> Razer Inc)
S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-07-09] (Razer USA Ltd. -> Razer Inc.)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [308056 2021-04-28] (Sophos Ltd -> Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [216672 2021-04-28] (Sophos Ltd -> Sophos Limited)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNtpService.exe [4927592 2021-03-19] (Sophos Ltd -> Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [767288 2021-03-19] (Sophos Ltd -> Sophos Limited)
R2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [3560208 2021-03-19] (Sophos Ltd -> Sophos Limited)
R2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [11330656 2021-03-19] (Sophos Ltd -> Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [351336 2021-03-19] (Sophos Ltd -> Sophos Limited)
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [483680 2021-04-28] (Sophos Ltd -> Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3608056 2021-04-28] (Sophos Ltd -> Sophos Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 cphs; %SystemRoot%\System32\IntelCpHeciSvc.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvrzi.inf_amd64_ae70493596f75577\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvrzi.inf_amd64_ae70493596f75577\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2020-02-19] (AnchorFree Inc -> The OpenVPN Project)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
R3 iaLPSS2_UART2_CNL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_cnl.inf_amd64_df1115697e57a59a\iaLPSS2_UART2_CNL.sys [305928 2020-05-15] (Intel Corporation -> Intel Corporation)
R3 iriuna0; C:\WINDOWS\system32\drivers\iriuna0.sys [46976 2021-04-06] (Iriun Oy -> Windows (R) Win 7 DDK provider)
R3 iriunvid; C:\WINDOWS\System32\DriverStore\FileRepository\iriunvid.inf_amd64_1abe69abaf98b7f7\iriunvid.sys [157568 2021-05-01] (Iriun Oy -> Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0255; C:\WINDOWS\System32\drivers\RzDev_0255.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R1 SAVOnAccess; C:\WINDOWS\System32\DRIVERS\savonaccess.sys [216280 2021-03-19] (Sophos Ltd -> Sophos Limited)
S3 sdcfilter; C:\WINDOWS\system32\DRIVERS\sdcfilter.sys [38144 2021-03-19] (Sophos Limited -> Sophos Limited)
R1 sntp; C:\WINDOWS\system32\DRIVERS\sntp.sys [227152 2021-03-19] (Sophos Ltd -> Sophos Limited)
S0 Sophos ELAM; C:\WINDOWS\System32\DRIVERS\SophosEL.sys [22152 2021-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Sophos Limited)
R0 Sophos Endpoint Defense; C:\WINDOWS\System32\DRIVERS\SophosED.sys [1246792 2021-03-19] (Sophos Ltd -> Sophos Limited)
S4 SophosBootDriver; C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys [45840 2021-03-19] (Sophos Limited -> Sophos Limited)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 swi_callout; C:\WINDOWS\system32\DRIVERS\swi_callout.sys [47760 2021-03-19] (Sophos Limited -> Sophos Limited)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74048 2021-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420072 2021-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-07-22 00:10 - 2021-07-22 00:14 - 000000000 ____D C:\AdwCleaner
2021-07-21 23:59 - 2021-07-21 23:59 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-07-21 23:59 - 2021-07-21 23:59 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-07-21 23:59 - 2021-07-21 23:59 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-07-21 23:51 - 2021-07-21 23:53 - 000000000 ____D C:\Users\linus\AppData\LocalLow\IGDump
2021-07-21 23:50 - 2021-07-21 23:50 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-07-21 23:50 - 2021-07-21 23:50 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-21 23:50 - 2021-07-21 23:50 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-21 23:50 - 2021-07-21 23:50 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-07-21 23:50 - 2021-07-21 23:50 - 000000000 ____D C:\Users\linus\AppData\Local\mbam
2021-07-21 23:50 - 2021-07-21 23:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-07-21 23:50 - 2021-07-21 23:49 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-07-21 23:50 - 2021-07-21 23:49 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-07-21 23:49 - 2021-07-21 23:49 - 000000000 ____D C:\Program Files\Malwarebytes
2021-07-21 16:49 - 2021-07-21 16:49 - 000060732 _____ C:\Users\linus\Downloads\Shortcut.txt
2021-07-21 16:47 - 2021-07-21 16:49 - 000079841 _____ C:\Users\linus\Downloads\Addition.txt
2021-07-21 16:46 - 2021-07-22 00:17 - 000027811 _____ C:\Users\linus\Downloads\FRST.txt
2021-07-21 16:17 - 2021-07-21 16:17 - 000000000 ____D C:\Users\linus\Downloads\FRST-OlderVersion
2021-07-21 16:16 - 2021-07-22 00:17 - 000000000 ____D C:\FRST
2021-07-21 16:16 - 2021-07-21 16:17 - 002300416 _____ (Farbar) C:\Users\linus\Downloads\FRST64.exe
2021-07-19 18:55 - 2021-06-03 15:56 - 000043408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-07-15 20:04 - 2021-07-15 20:04 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-15 20:04 - 2021-07-15 20:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-15 20:04 - 2021-07-15 20:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-15 20:04 - 2021-07-15 20:04 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-15 20:04 - 2021-07-15 20:04 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-15 20:03 - 2021-07-15 20:03 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-12 18:14 - 2021-07-12 18:14 - 000164640 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-07-12 18:14 - 2021-07-12 18:14 - 000000000 ____D C:\Users\linus\AppData\Roaming\Sun
2021-07-12 18:14 - 2021-07-12 18:14 - 000000000 ____D C:\Users\linus\AppData\LocalLow\Sun
2021-07-12 18:14 - 2021-07-12 18:14 - 000000000 ____D C:\ProgramData\Oracle
2021-07-12 18:14 - 2021-07-12 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-07-12 18:14 - 2021-07-12 18:14 - 000000000 ____D C:\Program Files (x86)\Java
2021-07-09 09:55 - 2021-07-09 09:55 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-09 09:55 - 2021-07-09 09:55 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-09 09:54 - 2021-07-09 09:54 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-09 09:54 - 2021-07-09 09:54 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-09 09:54 - 2021-07-09 09:54 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-09 09:54 - 2021-07-09 09:54 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-09 09:54 - 2021-07-09 09:54 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-09 09:54 - 2021-07-09 09:54 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-09 09:54 - 2021-07-09 09:54 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-09 09:54 - 2021-07-09 09:54 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-07 11:36 - 2021-07-07 11:36 - 000085352 _____ C:\Users\linus\Downloads\Aufklärungsmerkblatt.pdf
2021-07-07 11:36 - 2021-07-07 11:36 - 000059517 _____ C:\Users\linus\Downloads\Anamnese_Einwilligung.pdf
2021-07-05 14:12 - 2021-07-05 14:12 - 000228168 _____ C:\Users\linus\Downloads\Testergebnis.pdf
2021-07-04 01:54 - 2021-07-04 01:54 - 000001365 _____ C:\Users\Public\Desktop\Autodesk Desktop-App.lnk
2021-07-02 15:27 - 2021-07-02 15:28 - 000000000 ____D C:\Users\linus\Downloads\mujoco200_win64
2021-07-01 00:36 - 2021-07-01 00:36 - 000000000 ____D C:\Users\linus\AppData\Local\Sophos
2021-06-30 18:23 - 2021-06-30 18:23 - 000000000 ____D C:\Users\linus\AppData\Roaming\DataRecommendations
2021-06-30 18:23 - 2021-06-30 18:23 - 000000000 ____D C:\Users\linus\AppData\Local\Microsoft_Corporation
2021-06-28 12:23 - 2021-06-28 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Siemens NX 11.0
2021-06-27 22:00 - 2021-06-27 22:02 - 000000000 ____D C:\Users\linus\AppData\Roaming\FileZilla
2021-06-27 22:00 - 2021-06-27 22:01 - 000000000 ____D C:\Users\linus\AppData\Local\FileZilla
2021-06-27 21:59 - 2021-06-27 21:59 - 000000000 ____D C:\Users\linus\Downloads\Filezilla354
2021-06-27 21:54 - 2021-07-21 23:19 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{36F47899-A2C0-4030-A10A-75312ACCB60F}
2021-06-27 21:45 - 2021-04-28 11:51 - 000313312 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2021-06-27 21:44 - 2021-06-27 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2021-06-25 14:55 - 2021-06-25 14:55 - 000006484 _____ C:\Users\linus\Downloads\Ergebnisbericht (3).pdf
2021-06-24 13:54 - 2021-06-24 13:54 - 010399762 _____ C:\Users\linus\Downloads\61206208-MIT.pdf
2021-06-23 14:13 - 2021-06-23 14:13 - 042455674 _____ C:\Users\linus\Downloads\paper.pdf
2021-06-23 13:03 - 2021-06-23 13:03 - 000000000 ____D C:\Users\linus\Downloads\koenigsegg-logo-and-keychain
2021-06-22 15:29 - 2021-06-22 15:30 - 024078131 _____ C:\Users\linus\Downloads\19930083500.pdf
2021-06-22 10:28 - 2021-06-22 10:28 - 000021539 _____ C:\Users\linus\Downloads\2014-0008 (1).pdf
2021-06-22 10:10 - 2021-06-22 10:10 - 000111146 _____ C:\Users\linus\Downloads\Testeinladung.pdf
2021-06-22 10:04 - 2021-06-22 10:04 - 000006480 _____ C:\Users\linus\Downloads\Ergebnisbericht (2).pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-07-22 00:14 - 2021-03-23 12:36 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-22 00:07 - 2021-04-09 11:22 - 001632024 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-22 00:07 - 2019-12-07 16:50 - 000708788 _____ C:\WINDOWS\system32\perfh007.dat
2021-07-22 00:07 - 2019-12-07 16:50 - 000143030 _____ C:\WINDOWS\system32\perfc007.dat
2021-07-22 00:07 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-22 00:03 - 2021-03-23 00:11 - 000000000 ____D C:\ProgramData\Autodesk
2021-07-22 00:03 - 2021-03-21 22:19 - 000000000 ____D C:\Users\linus\AppData\Roaming\sciebo
2021-07-22 00:03 - 2021-03-18 22:16 - 000000000 ___RD C:\Users\linus\OneDrive
2021-07-22 00:02 - 2021-03-18 22:21 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-22 00:02 - 2021-03-18 22:14 - 000000000 __SHD C:\Users\linus\IntelGraphicsProfiles
2021-07-21 23:59 - 2021-04-09 11:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-21 23:59 - 2021-04-09 11:12 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-21 23:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-07-21 23:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-21 23:58 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-07-21 23:57 - 2021-03-23 12:27 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-21 23:50 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-21 23:45 - 2021-04-09 11:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-21 22:17 - 2021-04-09 11:19 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-997980146-2164132211-2955602233-1002
2021-07-21 22:17 - 2021-04-09 11:13 - 000002395 _____ C:\Users\linus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-21 16:12 - 2021-06-08 16:39 - 000000000 ____D C:\Users\linus\OneDrive\Dokumente\Outlook-Dateien
2021-07-21 16:08 - 2021-03-18 22:22 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-21 10:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-21 10:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-20 22:24 - 2021-03-18 22:14 - 000000000 ____D C:\Users\linus\AppData\Local\Packages
2021-07-20 13:33 - 2021-04-12 15:43 - 000000000 ____D C:\Users\linus\AppData\Local\Deployment
2021-07-19 19:00 - 2021-03-19 02:15 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-19 18:56 - 2021-02-02 08:01 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-19 18:55 - 2021-04-09 11:19 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-19 18:55 - 2021-04-09 11:19 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-19 18:55 - 2021-04-09 11:19 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-19 18:55 - 2021-04-09 11:19 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-19 18:55 - 2021-04-09 11:19 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-19 18:55 - 2021-04-09 11:19 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-19 18:55 - 2021-04-09 11:19 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-19 18:55 - 2021-04-09 11:19 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-19 18:55 - 2021-04-09 11:19 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-19 18:55 - 2021-04-09 11:19 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-19 18:55 - 2021-03-23 12:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-19 18:55 - 2021-02-02 08:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-16 15:21 - 2021-03-23 13:03 - 000000000 ____D C:\Users\linus\AppData\Local\CrashDumps
2021-07-16 00:32 - 2021-04-09 11:19 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 00:32 - 2021-04-09 11:19 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-16 00:10 - 2021-04-09 11:12 - 000577096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-16 00:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-16 00:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-16 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-16 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-15 20:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-15 19:58 - 2021-02-02 08:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-15 19:55 - 2021-02-02 08:18 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-15 15:06 - 2021-06-14 11:04 - 000002254 ____H C:\Users\linus\OneDrive\Dokumente\Default.rdp
2021-07-15 15:06 - 2019-12-07 16:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-07-15 13:00 - 2021-03-19 14:17 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-15 09:26 - 2021-03-19 02:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-07-12 22:39 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-12 22:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-12 22:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-12 22:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-12 22:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-12 22:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-12 22:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-12 22:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-08 18:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-07 16:06 - 2021-04-19 18:02 - 000000000 ____D C:\Users\linus\OneDrive\Dokumente\Citavi 6
2021-07-06 21:29 - 2021-03-18 22:16 - 000000000 ____D C:\Users\linus\AppData\Local\PlaceholderTileLogoFolder
2021-07-04 01:54 - 2021-03-23 00:23 - 000000000 ____D C:\Users\linus\Autodesk
2021-07-02 15:30 - 2021-03-21 22:21 - 000000000 ____D C:\Users\linus\Eigene Datein
2021-06-29 23:44 - 2021-04-13 11:46 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72d21272582a5
2021-06-29 23:44 - 2021-04-09 11:19 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-29 17:36 - 2021-03-31 11:06 - 000000000 ____D C:\Users\linus\AppData\Roaming\Code
2021-06-29 11:28 - 2021-03-19 01:56 - 000002364 _____ C:\Users\linus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-06-28 12:58 - 2021-03-19 16:20 - 000000000 ____D C:\Users\linus\AppData\Local\Siemens
2021-06-28 12:18 - 2021-03-19 16:14 - 000000000 ____D C:\Program Files\Siemens
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-05-05 09:19 - 2021-05-05 09:19 - 000007073 _____ () C:\Users\linus\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================