Gulliver77 | 04.09.2022 10:41 | Windows 10: Defender meldet immer wieder Fund von Behavior:Win32/Hive.ZY Hallo,
ich hoffe, Ihr könnt mir helfen, vielen Dank schon mal im voraus.
Seit heute morgen meldet der Windows Defender immer wieder den Fund Behavior:Win32/Hive.ZY. Es wird zwar entfernt, wird aber immer wieder neu entdeckt.
Dies ist eigentlich kein gewerblicher Rechner, aber ich unterstütze meine Frau bei ihrem Kleingewerbe.
Ich hoffe, das ist kein Problem. Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
durchgeführt von danie (Administrator) auf DANIEL-G-ASUS (ASUS System Product Name) (04-09-2022 11:23:09)
Gestartet von C:\Users\danie\Desktop
Geladene Profile: danie
Plattform: Microsoft Windows 10 Pro for Workstations Version 21H2 19044.1889 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe ->) (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct6\SoftphoneIntegrations.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FoxitProxyServer_Socket_PH.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Users\danie\AppData\Roaming\Zoom\bin\Zoom.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\danie\AppData\Roaming\Zoom\bin\zWebview2Agent.exe
(C:\Users\danie\AppData\Roaming\Zoom\bin\zWebview2Agent.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.70\msedgewebview2.exe <6>
(explorer.exe ->) (Agilebits -> AgileBits Inc.) C:\Users\danie\AppData\Local\1Password\app\7\1Password.exe <2>
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Learnpulse -> Learnpulse) C:\Users\danie\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\danie\AppData\Roaming\Zoom\bin\Zoom.exe <2>
(GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe <4>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(RuntimeBroker.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\danie\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.08\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.15\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(services.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(services.exe ->) (MailStore Software GmbH -> MailStore Software GmbH) C:\Program Files (x86)\MailStore\MailStore Server\MailStoreServer_x64.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Numedia Soft, Inc. -> ) C:\Windows\SysWOW64\NMSAccess64.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\iked.exe
(services.exe ->) (Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (Audible Inc) C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2\AudibleRT.WindowsPhone.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1687616 2022-02-21] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [408376 2021-09-20] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Phantom_Sl] => C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\phantom_sl.exe [2048688 2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Software Inc)
HKLM-x32\...\Run: [Haufe.Loge.AutostartLauncher.exe] => C:\Program Files (x86)\Common Files\Lexware\Dll\Haufe.Loge.AutostartLauncher.exe [23288 2022-08-08] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe [123464024 2022-08-10] (GN AUDIO A/S -> GN Audio A/S)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2629520 2022-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [Screenpresso] => C:\Users\danie\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [18187272 2022-07-22] (Learnpulse -> Learnpulse)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38274576 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [1Password] => C:\Users\danie\AppData\Local\1Password\app\7\1Password.exe [5511536 2022-07-14] (Agilebits -> AgileBits Inc.)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [Zoom] => C:\Users\danie\AppData\Roaming\Zoom\bin\Zoom.exe [279936 2022-08-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [MicrosoftEdgeAutoLaunch_E0359248083FDB44B7852C7D3585D0D2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\danie\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-08-31] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\MountPoints2: {4b7d3868-7437-11eb-9df9-f02f74300e86} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\MountPoints2: {80bf366c-0b59-11ed-9e5a-00e04cb4db03} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-02-20]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-08-22]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SyncBackPro.exe - Verknüpfung.lnk [2021-02-21]
ShortcutTarget: SyncBackPro.exe - Verknüpfung.lnk -> C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume17autocheck autochk /m /P \Device\HarddiskVolume19autocheck autochk *
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1152780F-AB22-4F1B-8DE7-343F1CC30A09} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {11632890-F203-4E97-BE2D-167A15AC2CD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D887C91-A695-4224-8228-4E3B4F14C06D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Keine Datei)
Task: {230411DA-B163-4CFA-9DE1-7914B60F28DD} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {2CA4A9B2-83AF-4B6D-8BEB-9F880BCF5113} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [45540760 2021-01-13] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {30DE7B58-7F6B-42D6-AC96-D9257DCD9B26} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2025488 2021-01-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {40DD96A7-A209-4EAE-A0AF-790A9157B957} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-20] (Google LLC -> Google LLC)
Task: {4837DD0C-D1BD-4715-9487-D13D3854C822} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {51ECF666-1230-42EF-9F5E-47EDA89DCA32} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4154248 2022-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {529B2C3B-D1E1-485E-98B2-26B446D7EAB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-20] (Google LLC -> Google LLC)
Task: {61E1D303-F1B8-4DB2-846A-E57C0434BE45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66DBEC8F-A5D8-41BB-AC56-5BC146EB3833} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8738DE28-7DC1-4245-89C0-1C6FF0319E80} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\Lexware Ordner auf NAS => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [57615280 2019-12-03] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {941E7B7D-C54B-4FC3-B503-A542FE5A19AC} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (Keine Datei)
Task: {952DCFAD-4991-4291-BD8E-306CC29D5DE1} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0DFAFCC-5988-492A-BC42-3174BC040ACE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9057CDE-23B4-4597-B9C7-DE67C4BF16F3} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\Daniel Cloud Backup => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [57615280 2019-12-03] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {ABDB82B2-0BC1-4653-9217-E8FB8CD8712D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {B62F60F1-CBB2-4670-A052-00347C73FA9B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {C58B95C1-A109-4F76-AE22-409BA02E6BD3} - System32\Tasks\CCleanerSkipUAC - danie => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CA77BC26-45B7-448C-988D-9D96589D2B7B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {CF786753-359E-42B3-B673-0FF2CAA8A485} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\Gewerbe Cloud Backup => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [57615280 2019-12-03] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {EEC0403A-E863-4D1C-805B-0DD291898A36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F33E1033-CCF4-4805-BE15-8AAE344061F9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2782327805-1913230689-3329431176-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4154248 2022-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5A36AA0-8323-43EA-B16D-C047438BA371} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA3C23A9-2B0D-4BD6-B315-458D3C753C96} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d70752ec7682d0 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 127.0.0.1 cryptomator-vault
Tcpip\..\Interfaces\{2bf19533-b5bf-4791-95db-88d8f7e8724d}: [NameServer] 192.168.178.1
Tcpip\..\Interfaces\{757e97e6-8579-45c1-9359-61fe08ab8133}: [DhcpNameServer] 192.168.178.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-04]
Edge Notifications: Default -> hxxps://business.facebook.com; hxxps://crm.zoho.com; hxxps://dashboard.tawk.to; hxxps://meet.google.com; hxxps://teams.microsoft.com; hxxps://web.prod.ndident.com; hxxps://www.facebook.com
Edge HomePage: Default -> hxxps://google.de/
Edge StartupUrls: Default -> "hxxp://google.de/"
Edge Extension: (ColorZilla) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2021-02-21]
Edge Extension: (DuckDuckGo) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2022-08-24]
Edge Extension: (lock) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dppgmdbiimibapkepcbdbmkaabgiofem [2022-07-23]
Edge Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2022-07-01]
Edge Extension: (True Key™ by McAfee) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gnnbmcifkkjgjdbkilfglpdpmidkgefn [2022-05-29]
Edge Extension: (ScriptBlock) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2021-02-21]
Edge Extension: (MyJDownloader Browser Erweiterung) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2021-07-04]
Edge Extension: (Tag Assistant Legacy (by Google)) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2021-10-07]
Edge Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2022-08-31]
Edge Extension: (uBlock Origin) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-08-24]
Edge Extension: (OneNote Web Clipper) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oogbnpmeihfgnccdnmmlgicknopghhma [2022-05-07]
FireFox:
========
FF DefaultProfile: ks8urf0i.default
FF ProfilePath: C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\ks8urf0i.default [2021-04-06]
FF ProfilePath: C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\7lqen0pg.default-release [2022-09-04]
FF Extension: (True Key™ by McAfee) - C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\7lqen0pg.default-release\Extensions\@true-key.xpi [2021-04-06] [UpdateUrl:hxxps://downloads.truekey.com/firefox/update.json]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2021-09-25] []
FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2021-09-25]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2022-09-04]
CHR HomePage: Default -> hxxps://duckduckgo.com/
CHR StartupUrls: Default -> "hxxps://duckduckgo.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (lock) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2022-07-24]
CHR Extension: (ColorZilla) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2021-02-20]
CHR Extension: (DuckDuckGo) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-08-29]
CHR Extension: (Foxit PDF Creator) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2022-02-27]
CHR Extension: (uBlock Origin) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-08-29]
CHR Extension: (True Key™ by McAfee) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpaibbcbodhimfnjnakiidgbpiehfgci [2022-05-29]
CHR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]
CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-28]
CHR Extension: (OneNote Web Clipper) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojbdfnpnhogfdgjbigejoaolejmgdhk [2022-04-22]
CHR Extension: (ScriptBlock) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2021-02-20]
CHR Extension: (Audio Verbinden) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihiafjkopgiakbmihgoieodihjcblfbk [2021-02-20]
CHR Extension: (Tag Assistant Legacy (by Google)) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2021-09-27]
CHR Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2022-08-29]
CHR Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-06-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-20]
CHR Extension: (Video Cutter) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nodkcjollmmjidmcnhloaoahmciabnai [2021-02-20]
CHR Extension: (Audio Cutter) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimnkafgoiilijmlbnfoafihjjijbfp [2021-02-20]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-09-04]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-09-04]
CHR Extension: (Foxit PDF Creator) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2022-04-25]
CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-01]
CHR Extension: (Google Hangouts) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2022-08-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-12]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-04]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx [2021-09-25]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx [2021-09-25]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [382112 2022-08-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.15\atkexComSvc.exe [468504 2022-08-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2022-08-18] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.08\AsusFanControlService.exe [1438744 2022-08-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [838760 2022-09-04] (ASUSTeK Computer Inc. -> )
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [6108344 2021-07-13] (devolo AG -> devolo AG)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-06-03] (Bayerisches Landesamt fuer Steuern -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncHelper.exe [3380624 2022-08-31] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe [2359416 2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] (Shrew Soft Inc -> )
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] (Shrew Soft Inc -> )
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [68408 2021-09-22] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3210232 2021-03-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MailStoreServer; C:\Program Files (x86)\MailStore\MailStore Server\MailStoreServer_x64.exe [481296 2020-02-20] (MailStore Software GmbH -> MailStore Software GmbH)
R2 NMSAccess64; C:\Windows\SysWOW64\NMSAccess64.exe [82872 2009-01-12] (Numedia Soft, Inc. -> )
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.166.0807.0002\OneDriveUpdaterService.exe [3800976 2022-08-31] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [592608 2022-07-13] (geek software GmbH -> geek software GmbH)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6694520 2022-08-15] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-07-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-07-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43168 2022-08-18] (ASUSTeK Computer Inc. -> )
R1 avm_nwim; C:\Windows\system32\DRIVERS\avmnwim.sys [396088 2017-03-17] (WDKTestCert shuebner,130916460956458304 -> AVM)
S3 BrSerIb; C:\Windows\system32\DRIVERS\BrSerIb.sys [95344 2014-06-06] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\Windows\system32\DRIVERS\BrUsbSIb.sys [21872 2014-06-06] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\Windows\System32\DRIVERS\dokan1.sys [385528 2021-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Dokan Project)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R3 MpKslb05af08b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{893F1095-2FD6-485A-8B9C-53E5DE1931A8}\MpKslDrv.sys [141576 2022-09-04] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [36496 2021-07-13] (devolo AG -> Riverbed Technology, Inc.)
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2021-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [831616 2021-02-20] (IDRIX SARL -> IDRIX)
R1 vflt; C:\Windows\system32\DRIVERS\vfilter.sys [24064 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S3 vnet; C:\Windows\System32\drivers\virtualnet.sys [17408 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2022-07-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [452856 2022-07-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-01] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-09-04 11:56 - 2022-09-04 11:56 - 112459776 _____ C:\Windows\system32\config\SOFTWARE
2022-09-04 11:52 - 2022-09-04 11:56 - 000000000 ____D C:\Windows\Microsoft Antimalware
2022-09-04 11:23 - 2022-09-04 11:23 - 000042230 _____ C:\Users\danie\Desktop\FRST.txt
2022-09-04 11:17 - 2022-09-04 11:23 - 000000000 ____D C:\FRST
2022-09-04 11:16 - 2022-09-04 11:17 - 002371072 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe
2022-08-28 14:03 - 2022-08-28 14:03 - 000000000 ____D C:\Users\danie\AppData\Local\CompuKöln_Dokument_Manage
2022-08-28 13:58 - 2022-08-28 13:58 - 000001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CompuDMS.lnk
2022-08-28 13:58 - 2022-08-28 13:58 - 000001293 _____ C:\Users\Public\Desktop\CompuDMS.lnk
2022-08-28 13:58 - 2022-08-28 13:58 - 000000000 ____D C:\Program Files (x86)\CompuKöln Dokument Management GmbH
2022-08-24 09:12 - 2022-08-24 09:12 - 000003139 _____ C:\GetDeviceStatus.xml
2022-08-22 19:03 - 2022-08-22 19:03 - 000000000 ____D C:\ProgramData\Apple Computer
2022-08-22 19:03 - 2022-08-22 19:03 - 000000000 ____D C:\ProgramData\Apple
2022-08-15 14:39 - 2022-08-15 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra
2022-08-09 21:57 - 2022-08-09 21:57 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2022-08-09 21:57 - 2022-08-09 21:57 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2022-08-09 21:57 - 2022-08-09 21:57 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-08-09 21:57 - 2022-08-09 21:57 - 000162304 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2022-08-09 21:57 - 2022-08-09 21:57 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-09 21:57 - 2022-08-09 21:57 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-09 21:57 - 2022-08-09 21:57 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-08-09 21:57 - 2022-08-09 21:57 - 000011803 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-08-09 21:52 - 2022-08-09 21:52 - 000000000 ___HD C:\$WinREAgent
2022-08-09 21:11 - 2022-08-09 21:11 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-08-06 13:02 - 2022-08-06 13:02 - 000000000 ____D C:\Windows\system32\lxss
2022-08-06 13:01 - 2022-06-03 06:15 - 001905936 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-08-06 13:01 - 2022-06-03 06:15 - 001905936 _____ C:\Windows\system32\vulkaninfo.exe
2022-08-06 13:01 - 2022-06-03 06:15 - 001478416 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-08-06 13:01 - 2022-06-03 06:15 - 001478416 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-08-06 13:01 - 2022-06-03 06:15 - 001467840 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-08-06 13:01 - 2022-06-03 06:15 - 001432320 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-08-06 13:01 - 2022-06-03 06:15 - 001432320 _____ C:\Windows\system32\vulkan-1.dll
2022-08-06 13:01 - 2022-06-03 06:15 - 001209408 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-08-06 13:01 - 2022-06-03 06:15 - 001145616 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-08-06 13:01 - 2022-06-03 06:15 - 001145616 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-08-06 13:01 - 2022-06-03 06:12 - 002121696 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2022-08-06 13:01 - 2022-06-03 06:12 - 001529920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2022-08-06 13:01 - 2022-06-03 06:12 - 001175712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2022-08-06 13:01 - 2022-06-03 06:12 - 000795736 _____ C:\Windows\system32\nvofapi64.dll
2022-08-06 13:01 - 2022-06-03 06:12 - 000715944 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2022-08-06 13:01 - 2022-06-03 06:12 - 000712640 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2022-08-06 13:01 - 2022-06-03 06:12 - 000636504 _____ C:\Windows\SysWOW64\nvofapi.dll
2022-08-06 13:01 - 2022-06-03 06:12 - 000057440 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2022-08-06 13:01 - 2022-06-03 06:11 - 008610448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2022-08-06 13:01 - 2022-06-03 06:11 - 007713848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2022-08-06 13:01 - 2022-06-03 06:11 - 005101520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2022-08-06 13:01 - 2022-06-03 06:11 - 002931872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2022-08-06 13:01 - 2022-06-03 06:11 - 001600672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2022-08-06 13:01 - 2022-06-03 06:11 - 000981672 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2022-08-06 13:01 - 2022-06-03 06:11 - 000792232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2022-08-06 13:01 - 2022-06-03 06:11 - 000456848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2022-08-06 13:01 - 2022-06-03 06:10 - 005729744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2022-08-06 13:01 - 2022-06-03 06:09 - 000850080 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2022-08-06 13:01 - 2022-06-03 05:42 - 000089337 _____ C:\Windows\system32\nvinfo.pb
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-09-04 11:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-04 11:21 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-09-04 11:05 - 2021-02-20 09:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-04 11:05 - 2021-02-20 08:19 - 001636304 _____ C:\Windows\system32\PerfStringBackup.INI
2022-09-04 11:05 - 2019-12-07 16:51 - 000707158 _____ C:\Windows\system32\perfh007.dat
2022-09-04 11:05 - 2019-12-07 16:51 - 000143018 _____ C:\Windows\system32\perfc007.dat
2022-09-04 11:00 - 2021-10-25 17:33 - 000000000 ____D C:\Users\danie\AppData\Roaming\Jabra Direct
2022-09-04 11:00 - 2021-02-20 10:39 - 000000000 ____D C:\Program Files\CCleaner
2022-09-04 10:59 - 2021-10-25 17:33 - 000000000 ____D C:\Users\danie\AppData\Roaming\JabraSDK
2022-09-04 10:58 - 2021-10-16 14:22 - 000000000 ____D C:\ProgramData\firebird
2022-09-04 10:58 - 2021-09-08 15:59 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-09-04 10:58 - 2021-02-20 08:13 - 000877320 _____ C:\Windows\system32\wpbbin.exe
2022-09-04 10:58 - 2021-02-20 08:13 - 000838760 _____ C:\Windows\system32\AsusUpdateCheck.exe
2022-09-04 10:58 - 2021-02-20 08:13 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-04 10:58 - 2021-02-20 08:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-09-04 10:58 - 2021-02-20 08:13 - 000000000 ____D C:\ProgramData\NVIDIA
2022-09-04 10:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-09-04 10:51 - 2019-12-07 11:03 - 001310720 _____ C:\Windows\system32\config\BBI
2022-09-04 10:50 - 2021-02-20 10:07 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2022-09-04 10:50 - 2021-02-20 08:31 - 000000000 ____D C:\Users\danie
2022-09-04 10:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-04 10:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-09-04 10:45 - 2021-02-21 15:48 - 000000000 ____D C:\Users\danie\AppData\Local\CrashDumps
2022-09-04 10:42 - 2021-02-20 08:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-04 10:42 - 2021-02-20 08:14 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-04 10:42 - 2021-02-20 08:13 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-09-03 16:40 - 2021-02-20 11:50 - 000000000 ____D C:\ProgramData\Lexware
2022-09-03 16:05 - 2021-02-20 13:24 - 000000000 ____D C:\Users\danie\AppData\Roaming\vlc
2022-08-31 21:34 - 2021-12-11 19:00 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2782327805-1913230689-3329431176-1001
2022-08-31 21:34 - 2021-06-20 11:00 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-08-31 21:34 - 2021-06-20 11:00 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-31 19:00 - 2021-10-25 17:28 - 000002368 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-08-31 19:00 - 2021-10-25 17:28 - 000002360 _____ C:\Users\danie\Desktop\Microsoft Teams.lnk
2022-08-31 16:00 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-08-30 16:00 - 2021-02-20 09:13 - 000003632 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-30 16:00 - 2021-02-20 09:13 - 000003508 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-28 13:58 - 2021-02-20 08:37 - 000000000 ____D C:\ProgramData\Package Cache
2022-08-25 22:09 - 2019-12-07 16:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-08-25 21:48 - 2021-02-20 08:33 - 000000000 ____D C:\Users\danie\AppData\Local\Packages
2022-08-24 11:55 - 2021-02-23 22:37 - 000000000 ____D C:\Users\danie\AppData\Local\D3DSCache
2022-08-23 13:58 - 2021-02-20 10:39 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-08-23 13:58 - 2021-02-20 08:14 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-23 13:58 - 2021-02-20 08:14 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-22 22:06 - 2021-02-20 09:13 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-22 22:06 - 2021-02-20 09:13 - 000002158 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-08-22 19:35 - 2021-02-20 10:07 - 000000000 ____D C:\Users\danie\AppData\Roaming\AnyDesk
2022-08-22 09:44 - 2021-02-20 08:33 - 000000000 ____D C:\Users\danie\AppData\Local\Publishers
2022-08-22 09:44 - 2021-02-20 08:33 - 000000000 ____D C:\ProgramData\Packages
2022-08-22 09:43 - 2021-02-20 08:35 - 000000000 ____D C:\Users\danie\AppData\Local\PlaceholderTileLogoFolder
2022-08-19 16:05 - 2021-02-20 08:13 - 000000000 ____D C:\ProgramData\ASUS
2022-08-18 16:00 - 2021-02-20 08:39 - 000151608 _____ (©ASUSTeK Computer Inc.) C:\Windows\system32\AsIO3.dll
2022-08-18 16:00 - 2021-02-20 08:39 - 000123744 _____ (©ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsIO3.dll
2022-08-18 16:00 - 2021-02-20 08:39 - 000043168 _____ C:\Windows\system32\Drivers\AsIO3.sys
2022-08-18 16:00 - 2021-02-20 08:39 - 000000000 ____D C:\Users\danie\AppData\Local\ASUS
2022-08-15 14:39 - 2021-10-25 17:23 - 000000000 ____D C:\Program Files (x86)\Jabra
2022-08-14 19:55 - 2021-02-20 12:02 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-13 12:55 - 2021-02-20 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2022-08-09 22:02 - 2021-02-20 08:13 - 000521392 _____ C:\Windows\system32\FNTCACHE.DAT
2022-08-09 22:00 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-08-09 22:00 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-09 22:00 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-08-09 22:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-08-09 22:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-08-09 22:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-08-09 22:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-08-09 22:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-08-09 22:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-08-09 22:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2022-08-09 22:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-08-09 22:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-08-09 21:57 - 2021-02-20 08:17 - 003011072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-08-09 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2022-08-09 21:16 - 2021-02-20 08:42 - 000000000 ____D C:\Windows\system32\MRT
2022-08-09 21:13 - 2021-02-20 08:42 - 144534560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-08-09 21:11 - 2021-02-20 13:27 - 000001931 _____ C:\Users\danie\Desktop\Zoom.lnk
2022-08-09 21:11 - 2021-02-20 13:26 - 000000000 ____D C:\Users\danie\AppData\Roaming\Zoom
2022-08-09 21:10 - 2022-07-19 22:27 - 000000000 ____D C:\Program Files\FRITZ!Fernzugang
2022-08-08 14:22 - 2022-04-17 14:13 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2022.lnk
2022-08-08 14:22 - 2022-04-17 14:13 - 000002254 _____ C:\Users\Public\Desktop\SteuerSparErklärung 2022.lnk
2022-08-08 14:22 - 2022-04-17 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2022
2022-08-07 14:48 - 2021-02-20 10:59 - 000000000 ____D C:\Users\danie\AppData\Roaming\FileZilla
2022-08-07 14:47 - 2021-02-28 18:40 - 000000128 _____ C:\Users\danie\AppData\Local\PUTTY.RND
2022-08-07 14:42 - 2021-02-20 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2022-08-07 14:42 - 2021-02-20 10:59 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2022-08-07 12:44 - 2021-02-20 08:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-08-06 15:02 - 2021-02-20 08:13 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-08-06 13:02 - 2021-02-20 10:03 - 000000000 ____D C:\Users\danie\AppData\Local\NVIDIA
2022-08-06 13:02 - 2021-02-20 08:13 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-02-28 18:40 - 2022-08-07 14:47 - 000000128 _____ () C:\Users\danie\AppData\Local\PUTTY.RND
2022-01-31 12:33 - 2022-01-31 12:33 - 000001662 _____ () C:\Users\danie\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Viele Grüße
Daniel |