Is it OK like this? FRST logfile:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2021
durchgeführt von kaibe (Administrator) auf DESKTOP-FAM83KL (Microsoft Corporation Surface Book 2) (02-10-2021 21:01:02)
Gestartet von C:\Users\kaibe\Desktop
Geladene Profile: kaibe
Platform: Windows 10 Pro Version 20H2 19042.1237 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.8.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\64jp8682.inf_amd64_ea97e317d6be70ec\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\64jp8682.inf_amd64_ea97e317d6be70ec\IntelCpHeciSvc.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> ColorPickerUI) C:\Program Files\PowerToys\modules\ColorPicker\ColorPickerUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14430.20234\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerLauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\kaibe\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> PowerToys.Awake) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmsoi.inf_amd64_c28930fcde990595\Display.NvContainer\NVDisplay.Container.exe <2>
(Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm.inf_amd64_7d200f2580ecd8a5\RtkAudUService64.exe <2>
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe
(Wox) [Datei ist nicht signiert] C:\Users\kaibe\AppData\Local\Wox\app-1.4.1196\Wox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SurfaceDTX.exe] => C:\WINDOWS\System32\SurfaceDTX.exe [808976 2019-08-07] (Microsoft Corporation -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [openvpn-gui] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [684160 2018-04-26] () [Datei ist nicht signiert]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-09-09] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\hdxsstm.inf_amd64_7d200f2580ecd8a5\RtkAudUService64.exe [835680 2020-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2237256 2020-03-13] (voidtools -> voidtools)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [483976 2020-08-13] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-10] (Adobe Inc. -> )
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3091136 2020-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2020-05-13] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-07-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5267168 2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\kaibe\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Spotify] => C:\Users\kaibe\AppData\Roaming\Spotify\Spotify.exe [23360232 2020-10-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Discord] => C:\Users\kaibe\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\kaibe\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-09-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5397216 2021-09-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\kaibe\AppData\Local\WebEx\CiscoWebExStart.exe [4693832 2021-09-18] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [2683200 2021-06-24] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\Run: [Wox] => C:\Users\kaibe\AppData\Local\Wox\app-1.4.1196\Wox.exe [218112 2021-07-19] (Wox) [Datei ist nicht signiert]
HKU\S-1-5-21-3593820219-2832368027-3012111108-1001\...\MountPoints2: {69dd3440-08ad-11ec-970f-70bc1080f115} - "F:\OnePlus_setup.exe" /s
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
HKLM\...\Windows x64\Print Processors\Canon MX470 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDC2.DLL [30208 2013-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: AdobePDF.dll
HKLM\...\Print\Monitors\Appmon: AppMon.dll
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX470 series: CNCALC2.DLL
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX470 series: CNMLMC2.DLL
HKLM\...\Print\Monitors\HP C511 Status Monitor: hpinkstsC511LM.dll
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4500 series): HPDiscoPMC511.dll
HKLM\...\Print\Monitors\KM Language Monitor: KMPJL64.DLL
HKLM\...\Print\Monitors\KX Language Monitor: KXPLM64.DLL
HKLM\...\Print\Monitors\Local Port: localspl.dll
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: FXSMON.DLL
HKLM\...\Print\Monitors\Standard TCP/IP Port: tcpmon.dll
HKLM\...\Print\Monitors\USB Monitor: usbmon.dll
HKLM\...\Print\Monitors\WSD Port: APMon.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.61\Installer\chrmstp.exe [2021-09-24] (Google LLC -> Google LLC)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{169EBF44-942F-4C43-87CE-13C93996EBBE}] -> C:\Windows\SysWOW64\AppManagementConfiguration.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{2BFCC077-22D2-48DE-BDE1-2F618D9B476D}] -> C:\Windows\SysWOW64\AppManagementConfiguration.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\Windows\SysWOW64\dmenrollengine.dll [2021-09-17] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> hvsigpext.dll
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\Windows\SysWOW64\appmgmts.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{F312195E-3D9D-447A-A3F5-08DFFA24735E}] -> dggpext.dll
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FC491EF1-C4AA-4CE1-B329-414B101DB823}] -> dggpext.dll
InternetURL: C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\https---calendar.google.com-.url -> URL: hxxps://calendar.google.com/
Startup: C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2021-07-18]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Startup: C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Productivity.lnk [2021-01-07]
ShortcutTarget: Super Productivity.lnk -> (Keine Datei)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05756A54-F141-4A9F-8E5F-723C7F042040} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0AB99643-DD42-4E3D-A53E-08B806B588DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {0D88153B-1E2A-4FE5-BC2A-FD1357BD74E2} - System32\Tasks\PowerToys\Autorun for kaibe => C:\Program Files\PowerToys\PowerToys.exe [1205128 2021-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {141EFB14-52D9-46B2-B3DF-D8E8A99C0482} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {1DE49DBF-23D2-490C-A07D-E66DFF572B99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22139CE6-A40A-4182-B491-9D031A20194C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053768 2021-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {244F9FAA-E85D-4DD7-80E7-6F5985A42757} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B2C06E6-254F-40CC-93B8-3D8778179C3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {316CCD8B-7797-4C3B-91A1-F2B6C5C17D4D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B65C273-19C3-4454-8DA8-9376ECC05359} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-22] (Google LLC -> Google LLC)
Task: {51D3F887-0632-4C4E-81B0-158DD46B60A8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5431C7C2-129F-454F-AFD2-A592FE01FDD6} - System32\Tasks\update-S-1-5-21-3593820219-2832368027-3012111108-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5B16A634-30A3-411A-AEC0-CA6853AE05C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66A29F20-8F97-4A4B-A670-5C37045E3DA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66BDEEEF-2195-484A-8356-B32E6787D1DA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D0CAB02-6349-4E00-8685-DD5DFCF1FAA4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7D1FF4A6-AB65-46A7-A81B-F72C7111B063} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {960D8C39-3FB4-4AB5-B43C-0638D87AEAF3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9DB66BC9-151D-4665-8CE9-5E1CEA92A076} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053768 2021-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {9EA5790B-79C0-4528-AB38-9448E0E862DA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A297DF0C-E4C5-42A3-B461-C29293F77C64} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A685C74B-6C70-4EBC-9BF7-49F57B21EB4D} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {AB05B368-13F7-468A-9B30-E553C06B5449} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [38400 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {B5643108-DFEE-4A0F-9016-E93F1B00A408} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9FCD788-913E-42F6-B32F-1BA096E42426} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {BE030DC3-A9FC-485F-A753-E17382563F0F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C5DC1B07-79AA-4046-B8E2-4DD1F1747FCD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C969EDE4-61D4-4745-B0FA-9E2719B05E09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-22] (Google LLC -> Google LLC)
Task: {D090A5A5-A025-4804-A633-B9C6D147DBCB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {E62BFA1F-2BF6-4272-A64E-629CBE61050B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {EB417495-5B9D-4C1D-8749-38638A28B4CD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3593820219-2832368027-3012111108-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{93e5c563-c65c-4a7a-ac62-5ac593d5ee40}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c8b1b754-1c31-4189-93da-e1eb5ad1c5f8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ed358a37-58f7-42c8-8c10-a89e0bac9f4d}: [DhcpNameServer] 141.7.2.1 141.7.2.2
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\kaibe\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-02]
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (Cisco Webex Extension) - C:\Users\kaibe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmihkeafcknlomclapaddfljaeegfbdl [2020-09-28]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\kaibe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-09-10]
Edge Extension: (Amazon Order History Reporter) - C:\Users\kaibe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mgkilgclilajckgnedgjgnfdokkgnibi [2021-06-15]
Edge Extension: (Citavi Picker) - C:\Users\kaibe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mielbhbkcliienpdicphhecpodcaeefg [2021-09-10]
Edge HKLM-x32\...\Edge\Extension: [cmihkeafcknlomclapaddfljaeegfbdl]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-09-18] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-07-05] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default [2021-10-02]
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Präsentationen) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-22]
CHR Extension: (Docs) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-22]
CHR Extension: (Google Drive) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Get cookies.txt) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgaddhkoddajcdgocldbbfleckgcbcid [2021-01-22]
CHR Extension: (YouTube) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-22]
CHR Extension: (Honey) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-09-27]
CHR Extension: (Avira Safe Shopping) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-08-20]
CHR Extension: (OneTab) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2021-07-21]
CHR Extension: (Tabellen) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-24]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-09-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Citavi Picker) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2021-07-27]
CHR Extension: (Google Mail) - C:\Users\kaibe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [jlhmfgmfgeifomenelglieieghnjghma]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-07-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-09] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7789240 2021-10-02] (Malwarebytes Inc -> Malwarebytes)
S3 OpenVpnService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [483976 2020-08-13] (Geek Software GmbH -> Geek Software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146240 2020-09-18] (Cisco WebEx LLC -> Cisco WebEx LLC)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 CsrBtOBEX-Dienst; "C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmsoi.inf_amd64_c28930fcde990595\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmsoi.inf_amd64_c28930fcde990595\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
R3 MaximPowerMeter; C:\WINDOWS\System32\drivers\MaximPowerMeter.sys [40728 2018-10-04] (WDKTestCert satertza,130571941058270086 -> Maxim Integrated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-10-02] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsld185d4d0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CCF8E153-B15C-43EF-97B2-30DD9CB753AA}\MpKslDrv.sys [130296 2021-10-02] (Microsoft Windows -> Microsoft Corporation)
S3 msump64x64; C:\WINDOWS\System32\DriverStore\FileRepository\msump64x64sta.inf_amd64_89698266d72b169e\msump64x64.sys [937472 2021-03-19] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 msux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\msux64w10.inf_amd64_440fd3d3d9361452\msux64w10.sys [702304 2020-02-20] (Microsoft Corporation -> Microsoft)
R3 OemShZDigitizerIntegration; C:\WINDOWS\System32\drivers\Surface1832DigitizerIntegration.sys [35856 2018-10-04] (Microsoft Corporation -> Microsoft Corporation)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-10-26] (Razer Inc. -> Razer Inc)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-10-02 21:01 - 2021-10-02 21:01 - 000039220 _____ C:\Users\kaibe\Desktop\FRST.txt
2021-10-02 21:00 - 2021-10-02 21:01 - 000000000 ____D C:\FRST
2021-10-02 21:00 - 2021-10-02 21:00 - 002304512 _____ (Farbar) C:\Users\kaibe\Desktop\FRST64.exe
2021-10-02 20:59 - 2021-10-02 21:00 - 002304512 _____ (Farbar) C:\Users\kaibe\Downloads\FRST64.exe
2021-10-02 14:34 - 2021-10-02 14:34 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-10-02 14:13 - 2021-10-02 14:13 - 000989584 _____ (GridinSoft LLC) C:\Users\kaibe\Downloads\gsam-install.exe
2021-10-02 14:10 - 2021-10-02 21:02 - 000000000 ____D C:\Users\kaibe\AppData\LocalLow\IGDump
2021-10-02 14:07 - 2021-10-02 14:07 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-10-02 14:07 - 2021-10-02 14:07 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-10-02 14:07 - 2021-10-02 14:07 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-10-02 14:07 - 2021-10-02 14:07 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-10-02 14:07 - 2021-10-02 14:07 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-10-02 14:06 - 2021-10-02 14:06 - 000000000 ____D C:\Program Files\Malwarebytes
2021-10-02 14:05 - 2021-10-02 14:06 - 002101944 _____ (Malwarebytes) C:\Users\kaibe\Downloads\MBSetup.exe
2021-10-02 13:57 - 2021-10-02 13:57 - 000018625 _____ C:\Users\kaibe\AppData\LocalLow\sqlite3.dll
2021-10-02 13:56 - 2021-10-02 13:56 - 000002220 _____ C:\Users\kaibe\Desktop\dfControl.ini
2021-10-02 13:56 - 2021-10-02 13:56 - 000000000 _____ C:\Users\kaibe\AppData\Roaming\1549.tmp
2021-10-02 13:55 - 2021-10-02 13:55 - 000000000 _____ C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\PlsWnEU2.exe
2021-10-02 09:44 - 2021-10-02 09:44 - 000001866 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind.lnk
2021-10-02 09:44 - 2021-10-02 09:44 - 000001854 _____ C:\Users\Public\Desktop\XMind.lnk
2021-10-02 08:02 - 2021-10-02 08:02 - 000393736 _____ (Cisco Webex LLC) C:\Users\kaibe\Downloads\webex.exe
2021-10-01 11:07 - 2021-10-01 11:07 - 000001105 _____ C:\Users\kaibe\Downloads\portfolio_Portfolio_01-10-2021.csv
2021-10-01 08:10 - 2021-10-01 08:10 - 000003208 _____ C:\Users\kaibe\Downloads\Abrechnung-Bar (3).csv
2021-09-30 17:25 - 2021-09-30 17:25 - 001305184 _____ C:\Users\kaibe\Downloads\Webinar Bewerbungstraining_Heilbronn.pdf
2021-09-29 20:28 - 2021-09-29 20:28 - 003483720 _____ C:\Users\kaibe\Downloads\Master_Thesis_Belenkiy.pdf
2021-09-29 20:11 - 2021-09-29 20:11 - 000477184 _____ C:\Users\kaibe\Downloads\Planungsblatt.xls
2021-09-29 20:07 - 2021-09-29 20:07 - 000149504 _____ C:\Users\kaibe\Downloads\TopSim_GMII_Kalkulation_Ansicht.xls
2021-09-29 08:50 - 2021-09-29 08:50 - 000537134 _____ C:\Users\kaibe\Downloads\Airbnb_ Ferienwohnungen, Blockhütten, Strandhäuser, besondere Unterkünfte & Entdeckungen.html
2021-09-29 08:50 - 2021-09-29 08:50 - 000000000 ____D C:\Users\kaibe\Downloads\Airbnb_ Ferienwohnungen, Blockhütten, Strandhäuser, besondere Unterkünfte & Entdeckungen_files
2021-09-29 08:17 - 2021-09-29 08:17 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\figma-desktop
2021-09-28 14:59 - 2021-09-28 15:00 - 3217355677 _____ C:\Users\kaibe\Downloads\AnKing V10.apkg
2021-09-28 14:35 - 2021-09-28 15:43 - 000000000 ____D C:\Users\kaibe\AppData\Local\Skitch
2021-09-28 14:01 - 2021-09-28 14:01 - 006133891 _____ C:\Users\kaibe\Downloads\KundenManagement_Skript-Version 2021.pptx
2021-09-27 12:37 - 2021-09-27 12:37 - 000455814 _____ C:\Users\kaibe\Downloads\dControl (3).zip
2021-09-27 12:37 - 2021-09-27 12:37 - 000455814 _____ C:\Users\kaibe\Downloads\dControl (2).zip
2021-09-27 12:36 - 2021-09-27 12:36 - 000455218 _____ C:\Users\kaibe\Downloads\d20Control.zip
2021-09-26 22:33 - 2021-09-26 22:33 - 001444775 _____ C:\Users\kaibe\Downloads\Prüfungsleistung e-Business 1, Kai Beerhenke, Jasmin Probsteder,
2021-09-26 16:32 - 2021-09-26 16:32 - 000000539 _____ C:\Users\kaibe\Downloads\PinCCF.zip
2021-09-24 20:38 - 2021-09-24 20:38 - 000001974 _____ C:\Users\Public\Desktop\OpenAudible.lnk
2021-09-24 20:38 - 2021-09-24 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenAudible
2021-09-24 19:44 - 2021-09-24 19:44 - 000024199 _____ C:\Users\kaibe\Downloads\Stundenplan_HHN (1).pdf
2021-09-24 17:08 - 2021-09-24 17:08 - 000036804 _____ C:\Users\kaibe\Downloads\Finanzfluss_Haushaltsbuch.xlsx
2021-09-24 12:32 - 2021-09-24 12:32 - 000966656 _____ C:\Users\kaibe\Downloads\Dividendenplaner.xls
2021-09-24 12:30 - 2021-09-24 12:30 - 002488299 _____ C:\Users\kaibe\Downloads\09_2021_Diamantenliste.pdf
2021-09-24 12:30 - 2021-09-24 12:30 - 000769843 _____ C:\Users\kaibe\Downloads\Checkliste-Branchenmischung-August-2021.pdf
2021-09-23 09:16 - 2021-10-02 14:08 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Breitbandmessung
2021-09-23 09:15 - 2021-09-23 09:15 - 133636656 _____ (zafaco GmbH) C:\Users\kaibe\Downloads\Breitbandmessung-win.exe
2021-09-23 09:15 - 2021-09-23 09:15 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breitbandmessung.lnk
2021-09-23 09:15 - 2021-09-23 09:15 - 000002352 _____ C:\Users\Public\Desktop\Breitbandmessung.lnk
2021-09-23 09:15 - 2021-09-23 09:15 - 000000000 ____D C:\Users\kaibe\AppData\Local\breitbandmessung-updater
2021-09-23 09:15 - 2021-09-23 09:15 - 000000000 ____D C:\Program Files\Breitbandmessung
2021-09-22 22:45 - 2021-09-22 22:45 - 000046337 _____ C:\Users\kaibe\Downloads\Browsermessung _ Breitbandmessung 2.pdf
2021-09-22 21:55 - 2021-09-22 21:55 - 000045905 _____ C:\Users\kaibe\Downloads\Browsermessung _ Breitbandmessung.pdf
2021-09-22 21:54 - 2021-09-22 21:54 - 000000268 _____ C:\Users\kaibe\Downloads\Breitbandmessung_22_09_2021_21_54_40.csv
2021-09-21 19:30 - 2021-09-21 19:30 - 000035385 _____ C:\Users\kaibe\Downloads\Stundenplan_HHN.pdf
2021-09-21 19:27 - 2021-09-21 19:27 - 000039261 _____ C:\Users\kaibe\Downloads\Stundenplan_HHN_BM7P.pdf
2021-09-20 18:37 - 2021-09-20 18:37 - 000086235 _____ C:\Users\kaibe\Downloads\Download.pdf
2021-09-19 19:41 - 2021-09-19 19:42 - 000000000 ____D C:\Users\kaibe\Documents\Image-Line
2021-09-19 19:41 - 2021-09-19 19:41 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2021-09-19 19:41 - 2021-09-19 19:41 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2021-09-19 19:40 - 2021-09-24 19:36 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2021-09-19 19:40 - 2021-09-19 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2021-09-19 19:40 - 2021-09-19 19:40 - 000000000 ____D C:\Program Files\Common Files\VST2
2021-09-19 19:40 - 2021-09-19 19:40 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2021-09-19 19:38 - 2021-09-19 19:41 - 000000000 ____D C:\Program Files\Image-Line
2021-09-19 19:36 - 2021-09-19 19:37 - 971123472 _____ (Image-Line) C:\Users\kaibe\Downloads\flstudio_win_20.8.4.2576.exe
2021-09-17 13:50 - 2021-09-17 13:50 - 000000000 ___RD C:\Users\kaibe\OneDrive
2021-09-17 13:45 - 2021-09-29 22:12 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3593820219-2832368027-3012111108-1001
2021-09-17 13:45 - 2021-09-29 22:12 - 000002409 _____ C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-17 09:57 - 2021-09-17 09:57 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 09:57 - 2021-09-17 09:57 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 09:57 - 2021-09-17 09:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 001328376 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 001324032 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 09:57 - 2021-09-17 09:57 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 09:57 - 2021-09-17 09:57 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 09:57 - 2021-09-17 09:57 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 09:57 - 2021-09-17 09:57 - 000512864 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 09:57 - 2021-09-17 09:57 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 09:57 - 2021-09-17 09:57 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 09:57 - 2021-09-17 09:57 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 09:57 - 2021-09-17 09:57 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-17 09:57 - 2021-09-17 09:57 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-17 09:57 - 2021-09-17 09:57 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 09:57 - 2021-09-17 09:57 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 09:57 - 2021-09-17 09:57 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 09:57 - 2021-09-17 09:57 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 09:51 - 2021-09-17 09:51 - 000000000 ___HD C:\$WinREAgent
2021-09-11 21:41 - 2021-09-29 15:20 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Figma
2021-09-11 21:41 - 2021-09-11 21:41 - 000002151 _____ C:\Users\kaibe\Desktop\Figma.lnk
2021-09-11 21:41 - 2021-09-11 21:41 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Figma, Inc
2021-09-11 21:40 - 2021-09-29 08:16 - 000000000 ____D C:\Users\kaibe\AppData\Local\Figma
2021-09-10 22:50 - 2021-09-10 22:50 - 083320032 _____ (Figma, Inc.) C:\Users\kaibe\Downloads\FigmaSetup.exe
2021-09-10 22:11 - 2021-09-10 22:11 - 002076672 _____ C:\Users\kaibe\Downloads\SurfaceDock2_DriverOnly_Win10_17763_20.054.29700.0.msi
2021-09-10 17:47 - 2021-09-10 17:47 - 000000407 _____ C:\Users\kaibe\Downloads\tax-report-2021.csv
2021-09-08 17:04 - 2021-09-08 17:04 - 001305184 _____ C:\Users\kaibe\Downloads\Webinar Bewerbungserstellung_11_03-2021.pdf
2021-09-06 19:12 - 2021-09-06 19:12 - 017283813 _____ C:\Users\kaibe\Downloads\wordpress-5.8-de_DE.zip
2021-09-05 14:52 - 2021-09-05 14:52 - 000159574 _____ C:\Users\kaibe\Downloads\206576-Immatrikulationsbescheinigung(HHN).pdf
2021-09-05 14:52 - 2021-09-05 14:52 - 000159274 _____ C:\Users\kaibe\Downloads\206576-Immatrikulationsbescheinigung(HHN) (1).pdf
2021-09-05 14:48 - 2021-09-05 14:48 - 000144984 _____ C:\Users\kaibe\Downloads\Report4a567355-eaae-40e7-9e69-2a3d0221281e.pdf
2021-09-03 10:21 - 2021-09-03 10:21 - 000012592 _____ C:\Users\kaibe\Downloads\2021.08.09_Rechnung_Kundennr_492863301.pdf
2021-09-03 10:06 - 2021-09-03 10:06 - 000001407 _____ C:\Users\kaibe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-09-03 10:05 - 2021-09-03 10:05 - 000002655 _____ C:\Users\kaibe\Downloads\Abrechnung-Bar (2).csv
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-10-02 20:57 - 2021-04-20 08:16 - 000000000 ____D C:\Users\kaibe\Documents\Outlook-Dateien
2021-10-02 20:54 - 2020-06-22 06:16 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-02 20:52 - 2021-07-16 14:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2021-10-02 20:52 - 2020-08-23 16:18 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-02 20:51 - 2021-07-19 08:41 - 000000000 ____D C:\Users\kaibe\AppData\Local\Everything
2021-10-02 20:51 - 2021-07-19 08:37 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Everything
2021-10-02 20:40 - 2021-01-22 14:21 - 001863144 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-02 20:40 - 2019-12-07 16:51 - 000805256 _____ C:\WINDOWS\system32\perfh007.dat
2021-10-02 20:40 - 2019-12-07 16:51 - 000168730 _____ C:\WINDOWS\system32\perfc007.dat
2021-10-02 20:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-02 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-02 14:33 - 2021-05-07 22:24 - 000041448 _____ C:\WINDOWS\system32\OV8865_REAR.aiqd
2021-10-02 14:33 - 2021-01-22 14:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-02 14:33 - 2021-01-22 14:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-02 14:33 - 2020-09-27 00:28 - 000041448 _____ C:\WINDOWS\system32\OV5693_FRONT.aiqd
2021-10-02 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-02 14:33 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-02 14:07 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-02 14:03 - 2021-07-27 09:27 - 000000000 ____D C:\Users\kaibe\Documents\Citavi 6
2021-10-02 13:58 - 2020-10-02 09:46 - 000000000 ____D C:\Users\kaibe\AppData\Local\Webex
2021-10-02 13:57 - 2020-11-03 15:37 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\KeePass
2021-10-02 13:56 - 2020-09-27 12:35 - 000000448 __RSH C:\ProgramData\ntuser.pol
2021-10-02 13:28 - 2021-01-22 14:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-02 13:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-02 13:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-02 09:44 - 2021-05-15 12:49 - 000000000 ____D C:\Program Files\XMind
2021-10-02 09:44 - 2020-08-23 19:13 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\WhatsApp
2021-10-02 09:43 - 2020-10-02 09:45 - 000000000 ____D C:\Users\kaibe\AppData\LocalLow\WebEx
2021-10-02 08:45 - 2020-08-30 11:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-10-02 08:04 - 2020-08-29 18:06 - 000000000 ____D C:\Users\kaibe\AppData\Local\D3DSCache
2021-10-01 09:28 - 2021-05-04 18:15 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Anki2
2021-10-01 08:30 - 2021-08-01 23:16 - 000002124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-10-01 08:30 - 2021-08-01 23:16 - 000002113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-10-01 08:17 - 2020-08-29 20:28 - 000000000 ____D C:\Users\kaibe\AppData\Local\CrashDumps
2021-10-01 08:10 - 2021-01-22 14:17 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 08:10 - 2021-01-22 14:17 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-29 20:11 - 2020-08-22 11:45 - 000000000 ____D C:\Users\kaibe\AppData\Local\Packages
2021-09-29 19:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-09-27 12:17 - 2020-09-29 09:16 - 000073288 _____ C:\WINDOWS\system32\Drivers\SurfaceTconPrediction.bin
2021-09-26 23:35 - 2020-10-06 15:46 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\vlc
2021-09-26 22:12 - 2020-09-05 10:18 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-26 22:12 - 2020-09-05 10:18 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-26 17:41 - 2021-07-07 13:49 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Nextcloud
2021-09-24 21:43 - 2020-12-13 01:10 - 000000000 ____D C:\Users\kaibe\OpenAudible
2021-09-24 20:38 - 2020-12-13 01:10 - 000000000 ____D C:\Program Files\OpenAudible
2021-09-24 20:30 - 2020-12-13 01:18 - 000001120 _____ C:\Users\Public\Desktop\AAX Audio Converter.lnk
2021-09-24 20:30 - 2020-12-13 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\audiamus
2021-09-24 10:00 - 2020-10-22 14:43 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-24 10:00 - 2020-10-22 14:43 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-23 13:27 - 2020-10-21 21:52 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Mp3tag
2021-09-22 20:48 - 2020-10-09 11:47 - 000000000 ____D C:\Users\kaibe\AppData\Local\ElevatedDiagnostics
2021-09-22 20:29 - 2020-12-24 12:10 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\audacity
2021-09-21 19:52 - 2020-08-29 18:06 - 000000000 ____D C:\Users\kaibe\AppData\Roaming\Telegram Desktop
2021-09-19 19:50 - 2019-03-13 00:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-09-19 19:40 - 2020-08-22 11:49 - 000803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-09-19 15:11 - 2020-08-23 16:29 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-17 13:50 - 2021-01-22 14:12 - 000000000 ____D C:\Users\kaibe
2021-09-17 10:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 10:28 - 2021-01-22 14:09 - 000454536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-17 10:27 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-17 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 10:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-17 09:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-17 09:50 - 2020-08-23 16:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-17 09:47 - 2020-08-23 16:28 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 09:27 - 2021-04-08 11:03 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-11 21:41 - 2020-08-23 19:13 - 000000000 ____D C:\Users\kaibe\AppData\Local\SquirrelTemp
2021-09-11 14:47 - 2020-08-29 18:05 - 000000000 ____D C:\Users\kaibe\AppData\Local\Ubisoft Game Launcher
2021-09-05 18:25 - 2020-11-03 11:39 - 000000000 ____D C:\Users\kaibe\AppData\Local\WhatsApp
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-10-02 13:56 - 2021-10-02 13:56 - 000000000 _____ () C:\Users\kaibe\AppData\Roaming\1549.tmp
2020-09-03 16:10 - 2020-09-03 16:10 - 000000000 _____ () C:\Users\kaibe\AppData\Local\oobelibMkey.log
2021-01-22 16:36 - 2021-01-22 16:36 - 000000752 _____ () C:\Users\kaibe\AppData\Local\recently-used.xbel
2021-08-29 20:31 - 2021-08-29 20:31 - 000007605 _____ () C:\Users\kaibe\AppData\Local\Resmon.ResmonCfg
2021-01-04 15:20 - 2021-01-04 15:20 - 000000003 _____ () C:\Users\kaibe\AppData\Local\updater.log
2021-01-04 15:20 - 2021-01-04 15:20 - 000000424 _____ () C:\Users\kaibe\AppData\Local\UserProducts.xml
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
--- --- ---
Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 02.10.21
Scan-Zeit: 21:13
Protokolldatei: cb87aba4-23b4-11ec-bebd-00ffed358a37.json
-Softwaredaten-
Version: 4.4.7.134
Komponentenversion: 1.0.1464
Version des Aktualisierungspakets: 1.0.45516
Lizenz: Abgelaufen
-Systemdaten-
Betriebssystem: Windows 10 (Build 19042.1237)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-FAM83KL\kaibe
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 381493
Erkannte Bedrohungen: 34
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 17 Min., 11 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 22
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicea, Keine Aktion durch Benutzer, 5182, 954951, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServiceb, Keine Aktion durch Benutzer, 5182, 954952, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicec, Keine Aktion durch Benutzer, 5182, 954953, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServiced, Keine Aktion durch Benutzer, 5182, 954954, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicee, Keine Aktion durch Benutzer, 5182, 954955, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicef, Keine Aktion durch Benutzer, 5182, 954956, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServiceh, Keine Aktion durch Benutzer, 5182, 954958, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicei, Keine Aktion durch Benutzer, 5182, 954960, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicej, Keine Aktion durch Benutzer, 5182, 954961, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicek, Keine Aktion durch Benutzer, 5182, 954962, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicel, Keine Aktion durch Benutzer, 5182, 954963, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicea\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServiceb\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicec\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServiced\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicee\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicef\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServiceh\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicei\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicej\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicek\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicel\PARAMETERS, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Registrierungswert: 11
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicea\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServiceb\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicec\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServiced\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicee\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicef\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServiceh\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicei\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicej\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicek\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Backdoor.Farfli, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AppServicel\PARAMETERS|SERVICEDLL, Keine Aktion durch Benutzer, 5182, 954916, 1.0.45516, , ame, , ,
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 1
Backdoor.Farfli, C:\WINDOWS\SYSTEM32\37V80O0246.TMP, Keine Aktion durch Benutzer, 5182, 954951, , , , , 8074F73F7742309B033676CD03EB0928, BE94DF270ACFC8E5470FA161B808D0DE1C9E85EFEEFF4A5D82F5FD09629AFA8E
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)