Windows 10: Passwort-Trojaner wirklich weg?
Hallo,
der Windows Defender hat einen Wacatac in Quarantäne gestellt. Malwarebytes und eset habe ich danach drüber laufen lassen.
Hier dazu die Logfiles von Malwarebytes: Code:
Protokolldatei: ec65ac40-bd46-11ed-9e62-107b44f0e531.json
-Softwaredaten-
Version: 4.5.23.241
Komponentenversion: 1.0.1927
Version des Aktualisierungspakets: 1.0.66441
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.2673)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-****\****
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 433023
Erkannte Bedrohungen: 3
In die Quarantäne verschobene Bedrohungen: 3
Abgelaufene Zeit: 3 Min., 20 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 1
PUP.Optional.VLCUpdaterDE, HKU\S-1-5-21-341515215-1173906820-3305953664-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\STARTUPAPPROVED\RUN|VLC UPDATER, In Quarantäne, 1638, 750355, 1.0.66441, , ame, , ,
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 2
PUP.Optional.QwebDe, C:\USERS\NIKLA\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\USER PINNED\TASKBAR\QWEB SYMBOL.LNK, In Quarantäne, 1476, 496142, 1.0.66441, , ame, , 3E9DADC7A69FF007E90069FF81161A96, E207F82B2A0477132651D1B9020035EF9BA2D2FC2ED5236A9CF4728FA3B38933
Spyware.PasswordStealer, C:\PROGRAM FILES (X86)\POST SERVICE & CONSULTING LIMITED\VIDEODOWNLOADER\DOWNLOADER.EXE, In Quarantäne, 511, 786368, 1.0.66441, , ame, , CB61DCCE14C847A9527D4F7A234458F4, A63BB1F4B3AE8717202704CD293F9357914A0DC35A7070A683AED7A756F2984E
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Und eset: Code:
10.03.2023 21:26:43
Geprüfte Dateien: 2997712
Erkannte Dateien: 2
Gesäuberte Dateien: 2
Prüfdauer gesamt 05:19:22
Prüfstatus: Abgeschlossen
C:\$Recycle.Bin\S-1-5-21-341515215-1173906820-3305953664-1001\$RBJO73G\aswOfferTool.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung gelöscht
C:\$Recycle.Bin\S-1-5-21-341515215-1173906820-3305953664-1001\$RBJO73G\offertool_x64_ais-959.vpx Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung gelöscht
Ganz sicher bin ich mir immernoch nicht, deswegen habe ich einen Scan mit Frst durchgeführt und wollte jetzt mal hier nachfragen.
FRST Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2023
durchgeführt von **** (Administrator) auf DESKTOP-**** (11-03-2023 11:22:26)
Gestartet von D:\Downloads
Geladene Profile: ******
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2673 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Advanced Micro Devices Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe ->) (Advanced Micro Devices Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\AMD\CNext\CCCSlim\CCC.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe ->) (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
(C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco Secure Client\UI\csc_ui.exe
(Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
(D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe ->) (Kristjan Skutta -> ) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe <4>
(DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atieclxx.exe
(explorer.exe ->) (Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Kristjan Skutta -> ) D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R + obelix30) [Datei ist nicht signiert] C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe
(G. SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.) C:\Program Files (x86)\G.SKILL\Trident Z Lighting Control\hid.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(S:\Programme\MDESIGN\lmgrd.exe ->) (Tedata GmbH) [Datei ist nicht signiert] S:\Programme\MDESIGN\TEDATA64.exe
(S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe ->) (Mentor Graphics Corporation -> Mentor Graphics Corporation) S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(services.exe ->) (3Dconnexion SAM -> 3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\Mgl3DCtlrRPCService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.05\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco Secure Client\vpnagent.exe
(services.exe ->) (Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
(services.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(services.exe ->) (Endor AG -> ) C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Flexera Software LLC -> Flexera) S:\Programme\MDESIGN\lmgrd.exe <2>
(services.exe ->) (Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Leawo Software) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe
(services.exe ->) (Mentor Graphics Corporation -> Mentor Graphics Corporation) S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.1.21\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.23.1.21\nsWscSvc.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2203.1037.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.3DBuilder_20.0.3.0_x64__8wekyb3d8bbwe\Builder3D.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.43112.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(svchost.exe ->) (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2307.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Flight Yoke System] => C:\Program Files\Logitech\Flight Yoke System\Yoke_Profiler.exe [19456 2018-02-14] (Logitech) [Datei ist nicht signiert]
HKLM\...\Run: [3DxWare Service] => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\3DxService.exe [2518584 2020-09-07] (3Dconnexion SAM -> 3Dconnexion, INC)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1233920 2017-10-18] (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [20369616 2017-10-11] (Corsair Components, Inc. -> Corsair Components, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-06-15] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [433800 2018-09-17] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [Spectrum] => C:\Program Files (x86)\G.SKILL\Trident Z Lighting Control\HID.exe [1747048 2022-05-10] (G. SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Cisco Secure Client] => C:\Program Files (x86)\Cisco\Cisco Secure Client\UI\csc_ui.exe [2999392 2022-10-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2628488 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [27146448 2018-03-30] (Corsair Components, Inc. -> Corsair Components, Inc.)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [WallpaperEngine] => D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe [2918904 2020-09-16] (Kristjan Skutta -> )
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1746776 2021-02-15] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [Lync] => "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe" /fromrunkey (Keine Datei)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\nikla\AppData\Local\WebEx\WebexHost.exe [8040032 2023-02-22] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [280440 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [CorsairEffectsEngine] => "C:\Users\nikla\AppData\Local\CorsairEffectsEngine\Update.exe" --processStart CorsairEffectsEngine.exe (Keine Datei)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [SignalRgb] => "C:\Users\nikla\AppData\Local\VortxEngine\SignalRgbLauncher.exe" --silent (Keine Datei)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [MicrosoftEdgeAutoLaunch_ALB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --launcher=on_logon_windows [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [MicrosoftEdgeAutoLaunch_BD744D00B7947BA4CE821E1D00C3AA26] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\nikla\AppData\Local\Microsoft\Teams\Update.exe [2587456 2023-02-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [GoogleContactSync] => C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe [3342848 2022-08-06] (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R + obelix30) [Datei ist nicht signiert]
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\Run: [GoogleChromeAutoLaunch_333DA321688CFEFA9F9D34AB6803D568] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3221272 2023-03-04] (Google LLC -> Google LLC)
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\MountPoints2: {2340272e-be10-11eb-974e-e8d11bfb5684} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\MountPoints2: {3e92ea2f-46ca-11ec-9762-e8d11bfb5684} - "J:\OnePlus_setup.exe" /s
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\MountPoints2: {8ee68233-cc50-11e7-9519-107b44f0e531} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-341515215-1173906820-3305953664-1001\...\MountPoints2: {dbd5ed5b-d2ca-11ec-9784-e8d11bfb5684} - "E:\OnePlus_setup.exe" /s
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\WINDOWS\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series XPS: C:\WINDOWS\system32\CNMXLMBA.DLL [392192 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\WINDOWS\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [181248 2023-03-08] (pdfforge GmbH) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2023-03-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CADClick® Click2CAD Toolbox.lnk [2019-05-16]
ShortcutTarget: CADClick® Click2CAD Toolbox.lnk -> C:\Program Files (x86)\KiM GmbH\CADClick Click2CAD Toolbox\CADClick_Click2CAD.exe (KiM GmbH) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Imaging Edge Desktop.lnk [2020-05-11]
ShortcutTarget: Imaging Edge Desktop.lnk -> C:\Program Files\Sony\Imaging Edge Desktop\ied.exe (Sony Imaging Products & Solutions Inc. -> Sony)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2021 Fast Start.lnk [2022-02-17]
ShortcutTarget: SOLIDWORKS 2021 Fast Start.lnk -> C:\Windows\Installer\{9C0A2571-4AAE-4FEE-B673-038B38B85EFC}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Hintergrund-Downloader.lnk [2022-02-16]
ShortcutTarget: SOLIDWORKS Hintergrund-Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installations-Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
Startup: C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-06-30]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Keine Datei)
Startup: C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Corsair Effects Engine.appref-ms [2018-07-26] () [Datei ist nicht signiert]
InternetURL: C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Kalender.url -> URL: hxxps://calendar.google.com/calendar/
Startup: C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Luminar Neo.lnk [2023-02-06]
ShortcutTarget: Luminar Neo.lnk -> C:\Program Files\Skylum\Luminar Neo\Luminar Neo.exe (Skylum Software USA, Inc. -> Skylum)
Startup: C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook.lnk [2021-09-20]
ShortcutTarget: Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Keine Datei)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B6F4C12-5E96-481D-AE0D-EDCFB7B8E788} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-07-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1A955452-8B04-4B8F-9B50-2CE76A1D699C} - System32\Tasks\Norton AntiVirus Plus\Norton AntiVirus Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {260597EE-1EFE-4E62-888B-4E59D0F8DA3F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-23] (Google Inc -> Google Inc.)
Task: {26EBBFC4-6B4F-422F-A559-2F8D1F1CD458} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\nikla\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-10] (ESET, spol. s r.o. -> ESET)
Task: {29E993DC-13A6-42DB-B09F-95541369A879} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-07-09] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
Task: {2A244E2A-03C3-49DA-91C4-0DC1BA7ED144} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2353000 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {359EB1CC-3032-4ABD-8F07-010EBD31ED9D} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3825768 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EE56148-692A-4A39-91D0-6D395FF694EA} - System32\Tasks\SS3svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1233920 2017-10-18] (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert]
Task: {4A0C5A39-B5CF-4EFF-8083-2A2726851F33} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-341515215-1173906820-3305953664-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206000 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B289FC6-80A8-4F64-B77D-B30F8E51792F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1627648 2020-07-09] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
Task: {4C443E01-1E76-4567-BA7B-489C2F60C35D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {4F6AFD6C-C87D-48BF-9DBC-8B8C273F07BA} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {506870FF-3B3C-4567-A207-2258BE7CE6CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8519680 2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {683599C2-E99D-4675-9B56-B47441944B6D} - System32\Tasks\Norton AntiVirus Plus\Norton AntiVirus Autofix => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {71F7958C-0126-46C4-ADAC-73789EF1CA48} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {74433CBB-1D30-465D-83EB-22C491A97D72} - System32\Tasks\Norton AntiVirus Plus\Norton AntiVirus Error Processor => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {7A711CB0-82DC-4393-BFC2-B22145958FD5} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-07-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7B3410FE-A596-4782-963C-FBB9F876ED93} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-07-09] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
Task: {89E0A7DB-FA1D-4170-96DC-F7AE74A0B560} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {89EF1B3B-71B0-431F-AA2E-B627F4A2EBCB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9263973F-C98E-4E95-A086-817F0C1C2751} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-23] (Google Inc -> Google Inc.)
Task: {974A70E0-A94A-48B7-80EA-1DF4109BB04B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F209321-9225-4158-A4BB-5BB54AA08B35} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe [811520 2017-10-18] (ASUSTeK COMPUTER INC.) [Datei ist nicht signiert]
Task: {A2186A0F-BC52-4AF9-99C2-39848ABA3D3E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206000 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB8691ED-C0C1-4B5F-A562-1F25C2FE6E3A} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe [247256 2016-12-16] (ASUSTeK Computer Inc. -> )
Task: {B6E6057C-4802-4A57-8875-434945C57CBE} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-10-31] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {BF053508-657C-438D-A3EB-75A46F177903} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8519680 2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF0FCB18-B0F1-4441-8FF5-30C4484F9369} - System32\Tasks\Driver Booster SkipUAC (***) => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe /skipuac (Keine Datei)
Task: {C0EB3C26-4126-49D2-9F28-8EAB094117D9} - System32\Tasks\MATLAB R2021b Startup Accelerator => C:\Program Files\MATLAB\R2021b\bin\win64\MATLABStartupAccelerator.exe (Keine Datei)
Task: {C959DDE1-4A51-46DB-90E0-997E20F3677D} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.1.21\WSCStub.exe [646520 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {D463F2FA-A2DF-49B7-A6EC-64272BBB4CDD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7CE29BA-5920-4045-9E4E-6A832C3F3E8D} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-15] (Overwolf Ltd -> Overwolf LTD)
Task: {E35B0485-9AFC-403B-93A7-EE830ADBAFE7} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\nikla\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-10] (ESET, spol. s r.o. -> ESET)
Task: {E7A48BD2-AD71-4D6F-93CB-C836C20108CE} - System32\Tasks\MATLAB R2022b Startup Accelerator => S:\Programme\MATLAB\R2022b\bin\win64\MATLABStartupAccelerator.exe [98816 2022-06-29] () [Datei ist nicht signiert]
Task: {EB0CCE20-D7A7-4D04-81B0-6FADAB93F22D} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43797544 2022-09-01] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {EF243A99-6D8D-47B7-AF56-F5615BF3397A} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-10-31] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\MATLAB R2021b Startup Accelerator.job => C:\Program Files\MATLAB\R2021b\bin\win64\MATLABStartupAccelerator.exe C:\Program Files\MATLAB\R2021b#DESKTOP-***GFFN\***.Sta
Task: C:\WINDOWS\Tasks\MATLAB R2022b Startup Accelerator.job => S:\Programme\MATLAB\R2022b\bin\win64\MATLABStartupAccelerator.exeS:\Programme\MATLAB\R2022b#DESKTOP-***GFFN\***.Sta
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9bca827c-244f-4b38-98cd-b5ddd81e8ff6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a5c95a1a-f2a2-4aca-89e9-0b441b481868}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{dec42306-addf-4283-be25-2fd81a0d81da}: [DhcpNameServer] 192.168.0.1
Edge:
=======
DownloadDir: D:\Downloads
Edge Notifications: HKU\S-1-5-21-341515215-1173906820-3305953664-1001 -> hxxps://calendar.google.com
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-09]
Edge Extension: (Cisco Webex Extension) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmihkeafcknlomclapaddfljaeegfbdl [2021-02-26]
Edge Extension: (Checker Plus for Google Calendar™) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fbongfbliechkeaegkjfehhimpenoani [2023-03-05]
Edge Extension: (McAfee® WebAdvisor) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2023-03-05]
Edge Extension: (PAYBACK Internet Assistent) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmgfmfcpbgahfllkogflflfebdbfogga [2022-07-13]
Edge Extension: (Return YouTube Dislike) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-02-20]
Edge Extension: (In Google Drive speichern) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2023-03-05]
Edge Extension: (Tampermonkey) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iikmkjmpaadaobahmlepeloendndfphd [2023-02-03]
Edge Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2023-03-08]
Edge Extension: (Citavi Picker) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mielbhbkcliienpdicphhecpodcaeefg [2022-06-24]
Edge Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-03-05]
Edge Extension: (I don't care about cookies) - C:\Users\nikla\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oholpbloipjbbhlhohaebmieiiieioal [2023-02-20]
Edge HKLM-x32\...\Edge\Extension: [cmihkeafcknlomclapaddfljaeegfbdl]
Edge HKLM-x32\...\Edge\Extension: [mielbhbkcliienpdicphhecpodcaeefg]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => nicht gefunden
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Composer\Bin\npcomposerplayerwebplugin.dll [2021-10-29] (DASSAULT SYSTEMES SE -> Dassault Systemes)
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Composer\Bin\x86\npcomposerplayerwebplugin.dll [2021-10-29] (DASSAULT SYSTEMES SE -> Dassault Systemes)
FF Plugin-x32: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-02-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ptc.com/IsoView -> C:\Program Files (x86)\Common Files\PTC\npisoview.dll [2016-11-29] (PTC Inc. -> PTC Inc.)
FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2016-11-29] (PTC Inc. -> PTC)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2021-01-29] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default [2023-03-11]
CHR Extension: (Just Black) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2023-03-06]
CHR Extension: (Tampermonkey) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-03-06]
CHR Extension: (I don't care about cookies) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-03-06]
CHR Extension: (Norton Safe Web) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2023-03-08]
CHR Extension: (Return YouTube Dislike) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-03-06]
CHR Extension: (Google Docs Offline) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-06]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-03-06]
CHR Extension: (In Google Drive speichern) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2023-03-06]
CHR Extension: (Checker Plus for Google Calendar™) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhggnncdpfibdhinjiegagmopldibha [2023-03-06]
CHR Extension: (Cisco Webex Extension) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2023-03-06]
CHR Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2023-03-09]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-03-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-06]
CHR Extension: (Citavi Picker) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2023-03-06]
CHR Extension: (PAYBACK Internet Assistent) - C:\Users\nikla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2023-03-06]
CHR Profile: C:\Users\nikla\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-09]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [jlhmfgmfgeifomenelglieieghnjghma]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [394864 2022-09-27] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.05\atkexComSvc.exe [456008 2022-10-31] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 AsRogAuraService; C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe [753624 2016-12-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-10-31] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-10-31] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678256 2022-10-31] (ASUSTeK COMPUTER INC. -> ASUS)
R2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [90112 2023-03-06] (Leawo Software) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12554240 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
R3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34512 2018-03-30] (Corsair Components, Inc. -> Corsair Components, Inc.)
S3 CoordinatorServiceHost; S:\Programme\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [79576 2021-10-30] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
R2 csc_vpnagent; C:\Program Files (x86)\Cisco\Cisco Secure Client\vpnagent.exe [1215584 2022-12-13] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-09-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2022-05-19] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.038.0219.0001\FileSyncHelper.exe [3486600 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (FUTUREMARK INC -> Futuremark)
R2 FWPnpService; C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe [250864 2019-01-10] (Endor AG -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [389696 2017-07-10] (Canon Inc. -> )
S3 impi_hydra; S:\Programme\SOLIDWORKS Corp\SOLIDWORKS\hydra_service.exe [924472 2021-10-29] (Intel(R) Software Development Products -> Intel Corporation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3835360 2022-03-10] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
S2 MDESIGN License Manager; C:\Program Files (x86)\FLEXlm\MDESIGN\lmgrd.exe [1396200 2018-06-29] (Flexera Software LLC -> Flexera Software LLC)
R2 MDESIGN License Manager 64; S:\Programme\MDESIGN\lmgrd.exe [1203536 2022-10-20] (Flexera Software LLC -> Flexera)
R2 Mgl3DCtlrRPCService; C:\Program Files\3Dconnexion\3DxWare\3DxWinCore\Mgl3DCtlrRPCService.exe [166968 2020-09-07] (3Dconnexion SAM -> 3Dconnexion)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [280440 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.1.21\NortonSecurity.exe [344888 2023-02-02] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.1.21\nsWscSvc.exe [1059176 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-16] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.038.0219.0001\OneDriveUpdaterService.exe [3865992 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-15] (Overwolf Ltd -> Overwolf LTD)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [433800 2018-09-17] (Geek Software GmbH -> Geek Software GmbH)
R2 RemoteSolverDispatcher; S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [252936 2021-10-29] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1574512 2023-02-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [226976 2023-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-11-17] (SolidWorks) [Datei ist nicht signiert]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 SWVisualize2021.Queue.Server; S:\Programme\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [30424 2021-10-30] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15212856 2023-01-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [145096 2021-01-29] (Cisco WebEx LLC -> Cisco WebEx LLC)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\nikla\AppData\Roaming\Zoom"
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 3dxhid; C:\WINDOWS\System32\drivers\3dxhid.sys [49952 2020-09-02] (3Dconnexion SAM -> 3Dconnexion SAM)
R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [304056 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\amdkmdag.sys [94459216 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-11-18] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [49256 2022-08-15] (ASUSTeK COMPUTER INC. -> )
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.23.1.21\Definitions\BASHDefs\20230309.011\BHDrvx64.sys [1696736 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\ccSetx64.sys [198280 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz146; C:\WINDOWS\temp\cpuz146\cpuz146_x64.sys [52824 2023-03-11] (CPUID -> CPUID)
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [32304 2022-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [32296 2022-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 e2esoft_ivcamaudio_simple; C:\WINDOWS\system32\drivers\iVCamAud.sys [255464 2020-11-04] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 FanatecWheelFilterUsb; C:\WINDOWS\System32\drivers\FWFilterUsb.sys [91872 2019-01-10] (Endor AG -> Endor AG)
R3 FWVirtualInputDevice; C:\WINDOWS\System32\drivers\FWVirtualInputDevice.sys [35552 2019-01-10] (Endor AG -> Endor AG)
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2022-10-31] (ASUSTeK Computer Inc. -> )
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-09-15] (Martin Malik - REALiX -> REALiX(tm))
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.23.1.21\Definitions\IPSDefs\20230310.061\IDSvia64.sys [1527816 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35344 2022-09-21] (ASUSTEK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1090536 2020-11-02] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R3 KMJHidMini; C:\WINDOWS\System32\drivers\3dxkmj.sys [18944 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> 3Dconnextion Inc.)
R3 KMJShim; C:\WINDOWS\System32\drivers\3dxshim.sys [7168 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> 3Dconnextion Inc.)
R3 LSaiMini; C:\WINDOWS\System32\drivers\LSaiMini.sys [20720 2018-02-14] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R3 LSaiNtBus; C:\WINDOWS\system32\drivers\LSaiBus.sys [60336 2018-02-14] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R1 LUMDriver; C:\WINDOWS\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM Polska Sp. z o.o. -> IBM)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-06-08] (TEFINCOM S.A. -> )
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2019-07-19] (SoftEther Corporation -> SoftEther Corporation)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [42576 2021-06-13] (nordvpn s.a. -> TEFINCOM S.A.)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\nsvst.sys [57120 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 SaiK0bac; C:\WINDOWS\system32\DRIVERS\SaiK0bac.sys [217408 2018-02-14] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
S3 SaiU0bac; C:\WINDOWS\system32\DRIVERS\SaiU0bac.sys [24816 2018-02-14] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R2 SignalRgbDriver; C:\WINDOWS\System32\Drivers\SignalRgbDriver.sys [25832 2022-03-22] (WHIRLWIND VIRTUAL REALITIES INC. -> )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\SRTSP64.SYS [956048 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\SRTSPX64.SYS [52872 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\SYMEFASI64.SYS [2180248 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\SymELAM.sys [36016 2023-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100344 2023-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.23.1.21\SymPlatform\SymEvnt.sys [722400 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\Ironx64.SYS [306824 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\symnets.sys [492728 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 USBTINSP; C:\WINDOWS\System32\drivers\tinspusb.sys [142848 2010-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [54176 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R2 WinRing0x64; C:\WINDOWS\System32\Drivers\WinRing0x64.sys [14544 2022-03-22] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617010.015\wpCtrlDrv.sys [1016792 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 CM_VENDER_CMD; \??\C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-03-11 11:19 - 2023-03-11 11:22 - 000000000 ____D C:\FRST
2023-03-10 22:18 - 2023-03-10 22:18 - 000007628 _____ C:\Users\nikla\AppData\Local\Resmon.ResmonCfg
2023-03-10 22:01 - 2023-03-10 22:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2023-03-10 21:28 - 2023-03-10 21:28 - 000003884 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-03-10 21:28 - 2023-03-10 21:28 - 000003442 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-03-10 16:04 - 2023-03-10 16:04 - 000001378 _____ C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-03-10 16:04 - 2023-03-10 16:04 - 000000000 ____D C:\Users\nikla\AppData\Local\ESET
2023-03-10 13:33 - 2023-03-10 13:33 - 000000746 _____ C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SALOME-9.10.0.lnk
2023-03-10 13:33 - 2023-03-10 13:33 - 000000178 _____ C:\Users\nikla\AppData\Roaming\.omniORB_DESKTOP-***GFFN_12332.cfg
2023-03-10 13:01 - 2023-03-10 13:01 - 000000000 ____D C:\Users\nikla\AppData\Local\MathWorks
2023-03-09 12:29 - 2023-03-09 12:29 - 000000000 ____D C:\Users\nikla\AppData\Local\Norton
2023-03-08 16:31 - 2023-03-08 16:31 - 000000000 ____D C:\Users\nikla\AppData\Local\NPE
2023-03-08 15:41 - 2023-03-08 15:41 - 000001083 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2023-03-08 15:41 - 2023-03-08 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2023-03-08 15:40 - 2023-03-08 15:40 - 000000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.34.lnk
2023-03-08 15:36 - 2023-03-08 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom
2023-03-08 15:36 - 2023-03-08 15:36 - 000000000 ____D C:\Program Files (x86)\Zoom
2023-03-08 15:35 - 2023-03-08 15:35 - 000001076 _____ C:\Users\Public\Desktop\Audacity.lnk
2023-03-08 15:35 - 2023-03-08 15:35 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2023-03-08 15:35 - 2023-03-08 15:35 - 000000000 ____D C:\Users\nikla\AppData\Local\pdfforge
2023-03-08 15:35 - 2023-03-08 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2023-03-08 15:35 - 2023-03-08 15:35 - 000000000 ____D C:\Program Files\PDFCreator
2023-03-08 13:18 - 2023-03-08 13:18 - 000000000 ____D C:\Program Files\Common Files\AV
2023-03-08 12:30 - 2023-03-10 19:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton AntiVirus Plus
2023-03-08 12:28 - 2023-03-08 12:28 - 000003376 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2023-03-08 12:28 - 2023-03-08 12:28 - 000002297 _____ C:\Users\Public\Desktop\Norton Security.lnk
2023-03-08 12:28 - 2023-03-08 12:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2023-03-08 12:28 - 2023-03-08 12:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2023-03-08 12:28 - 2023-03-08 12:28 - 000000000 ____D C:\Program Files\Norton Security
2023-03-08 12:28 - 2023-03-08 12:28 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2023-03-08 12:26 - 2023-03-08 12:26 - 000000000 ____D C:\ProgramData\NortonInstaller
2023-03-08 12:26 - 2023-03-08 12:26 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2023-03-08 12:23 - 2023-03-09 12:29 - 000000000 ____D C:\ProgramData\Norton
2023-03-08 12:23 - 2023-03-08 12:23 - 000000000 ____D C:\Users\Public\Downloads\Norton
2023-03-08 01:19 - 2023-03-08 01:23 - 000000000 ____D C:\Users\nikla\AppData\LocalLow\IGDump
2023-03-08 01:18 - 2023-03-08 01:18 - 000000000 ____D C:\Users\nikla\AppData\Local\mbam
2023-03-07 22:49 - 2023-03-07 22:49 - 000002399 _____ C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Signal.lnk
2023-03-07 22:49 - 2023-03-07 22:49 - 000000000 ____D C:\Users\nikla\AppData\Local\signal-desktop-updater
2023-03-07 11:24 - 2023-03-07 11:24 - 000000000 ____D C:\Users\nikla\AppData\Local\Siemens
2023-03-07 10:54 - 2023-03-07 10:54 - 000000000 ____D C:\Users\nikla\.thumbnails
2023-03-06 22:56 - 2023-03-06 22:56 - 000000000 ___HD C:\$WinREAgent
2023-03-06 22:44 - 2023-03-07 21:01 - 000000000 ____D C:\Users\nikla\AppData\Local\Adobe
2023-03-06 22:27 - 2023-03-07 10:57 - 000000000 ____D C:\Users\nikla\AppData\Local\cache
2023-03-06 22:22 - 2023-03-06 22:22 - 000000000 ____D C:\Users\nikla\AppData\Local\VirtualStore
2023-03-06 22:22 - 2023-03-06 22:22 - 000000000 ____D C:\Users\nikla\AppData\Local\Sentry
2023-03-06 22:22 - 2023-03-06 22:22 - 000000000 ____D C:\Users\nikla\AppData\Local\PeerDistRepub
2023-03-06 22:22 - 2023-03-06 22:22 - 000000000 ____D C:\Users\nikla\AppData\Local\ATI
2023-03-06 21:29 - 2023-03-06 21:29 - 000684984 _____ (Mozilla Foundation) C:\Users\nikla\AppData\LocalLow\freebl3.dll
2023-03-06 21:29 - 2023-03-06 21:29 - 000627128 _____ (Mozilla Foundation) C:\Users\nikla\AppData\LocalLow\mozglue.dll
2023-03-06 21:29 - 2023-03-06 21:29 - 000254392 _____ (Mozilla Foundation) C:\Users\nikla\AppData\LocalLow\softokn3.dll
2023-03-06 21:19 - 2023-03-06 21:19 - 000000000 ____D C:\Users\nikla\AppData\Local\Leawo Blu-ray Ripper
2023-03-06 21:06 - 2023-03-06 21:11 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VidCoder
2023-03-06 21:06 - 2023-03-06 21:11 - 000000000 ____D C:\Users\nikla\AppData\Local\VidCoder.Stable
2023-03-06 21:06 - 2023-03-06 21:10 - 000000000 ____D C:\Users\nikla\AppData\Roaming\VidCoder
2023-03-06 21:06 - 2023-03-06 21:06 - 000000000 ____D C:\Users\nikla\AppData\Local\ToastNotificationManagerCompat
2023-03-06 21:06 - 2023-03-06 21:06 - 000000000 ____D C:\Users\nikla\AppData\Local\IsolatedStorage
2023-03-06 21:06 - 2023-03-06 21:06 - 000000000 ____D C:\Program Files\dotnet
2023-03-06 21:05 - 2023-03-06 21:06 - 000000000 ____D C:\Users\nikla\AppData\Local\SquirrelClowdTemp
2023-03-06 21:03 - 2023-03-06 21:03 - 000000000 ___HD C:\ProgramData\vid
2023-03-06 21:03 - 2023-03-06 21:03 - 000000000 ___HD C:\ProgramData\tks
2023-03-06 21:01 - 2023-03-06 21:01 - 000000000 ____D C:\Users\nikla\AppData\Local\Blu-ray Master
2023-03-06 20:52 - 2023-03-06 20:52 - 000000000 ____D C:\Users\nikla\AppData\Local\Swiss Academic Software
2023-03-06 18:36 - 2023-03-06 18:36 - 000000000 ____D C:\Users\nikla\AppData\Local\Edraw
2023-03-06 18:36 - 2023-03-06 18:36 - 000000000 ____D C:\Users\nikla\AppData\Local\CEF
2023-03-06 18:32 - 2023-03-06 18:32 - 000000000 ____D C:\Users\nikla\AppData\Local\MicrosoftEdge
2023-03-05 14:23 - 2023-03-09 15:44 - 000000000 ____D C:\Users\nikla\AppData\Roaming\gtk-2.0
2023-03-05 14:18 - 2023-03-05 14:18 - 000001659 _____ C:\Users\Public\Desktop\Z88Aurora V5.lnk
2023-03-05 14:18 - 2023-03-05 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z88Aurora V5
2023-03-05 14:16 - 2023-03-05 14:16 - 000001651 _____ C:\Users\Public\Desktop\Z88ArionV3.lnk
2023-03-05 14:16 - 2023-03-05 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z88ArionV3
2023-03-05 13:53 - 2023-03-05 13:53 - 000000000 ____D C:\Users\nikla\flasheur
2023-03-05 13:34 - 2023-03-05 13:34 - 000000233 _____ C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2813.cfg
2023-03-05 13:28 - 2023-03-05 13:28 - 000000233 _____ C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2812.cfg
2023-03-04 19:48 - 2023-03-04 19:48 - 000000000 ____D C:\Users\nikla\.config
2023-03-04 19:45 - 2023-03-04 19:45 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Code_Aster v2021
2023-03-04 19:39 - 2023-03-10 19:27 - 000000233 _____ C:\Users\nikla\AppData\Roaming\.omniORB_***_last.cfg
2023-03-04 19:39 - 2023-03-05 14:09 - 000000104 _____ C:\Users\nikla\AppData\Roaming\.salome_PortManager.cfg
2023-03-04 19:39 - 2023-03-04 19:39 - 000000233 _____ C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2810.cfg
2023-02-28 12:11 - 2023-03-11 00:35 - 000000000 ____D C:\Users\nikla\AppData\Roaming\GoContactSyncMOD
2023-02-28 12:11 - 2023-02-28 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GO Contact Sync Mod
2023-02-28 12:11 - 2023-02-28 12:11 - 000000000 ____D C:\Program Files (x86)\GO Contact Sync Mod
2023-02-25 13:26 - 2023-02-25 13:26 - 000050715 _____ C:\Users\nikla\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2023-02-22 12:29 - 2023-02-22 12:29 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2023-02-22 12:29 - 2023-02-22 12:29 - 000000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2023-02-21 15:14 - 2023-02-21 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2023-02-21 15:14 - 2023-02-21 15:14 - 000000000 ____D C:\Program Files (x86)\Cisco
2023-02-16 19:08 - 2023-02-16 19:24 - 000002364 _____ C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-02-16 17:24 - 2023-03-09 17:04 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-02-16 17:22 - 2023-03-09 10:44 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-02-16 17:22 - 2023-03-09 10:44 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-16 17:22 - 2023-02-16 17:22 - 000000000 ___RD C:\Users\Default\OneDrive
2023-02-16 17:22 - 2023-02-16 17:22 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2023-02-16 17:21 - 2023-02-16 17:21 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-02-16 17:19 - 2023-02-16 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-02-16 17:19 - 2023-02-16 17:19 - 000002541 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2023-02-16 17:19 - 2023-02-16 17:19 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-02-16 17:12 - 2023-02-16 17:12 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-02-15 20:57 - 2023-02-15 20:57 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk
2023-02-15 20:57 - 2023-02-15 20:57 - 000001092 _____ C:\Users\Public\Desktop\AusweisApp2.lnk
2023-02-15 20:57 - 2023-02-15 20:57 - 000000000 ____D C:\Users\nikla\AppData\Local\Governikus GmbH & Co. KG
2023-02-15 20:57 - 2023-02-15 20:57 - 000000000 ____D C:\Program Files\AusweisApp2
2023-02-12 16:50 - 2023-02-12 16:50 - 000000000 ____D C:\ProgramData\mwboost_interprocess
2023-02-12 16:44 - 2023-02-12 16:44 - 000003856 _____ C:\WINDOWS\system32\Tasks\MATLAB R2022b Startup Accelerator
2023-02-12 16:44 - 2023-02-12 16:44 - 000001029 _____ C:\Users\Public\Desktop\MATLAB R2022b.lnk
2023-02-12 16:44 - 2023-02-12 16:44 - 000000586 _____ C:\WINDOWS\Tasks\MATLAB R2022b Startup Accelerator.job
2023-02-12 16:44 - 2023-02-12 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2022b
2023-02-10 19:07 - 2023-02-10 19:07 - 000000787 _____ C:\Users\Public\Desktop\Inkscape.lnk
2023-02-10 19:07 - 2023-02-10 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-11 11:09 - 2020-09-15 11:36 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{9F977908-B9F0-4B85-955B-C6FD9A658823}
2023-03-11 11:08 - 2017-11-17 16:06 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-11 11:06 - 2017-11-17 15:43 - 000000000 ___RD C:\Users\nikla\OneDrive
2023-03-11 11:05 - 2023-01-25 06:54 - 000003152 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-03-11 11:05 - 2023-01-25 06:54 - 000003138 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-03-11 11:05 - 2017-11-17 19:29 - 000000000 ____D C:\Users\nikla\AppData\Roaming\WTablet
2023-03-10 20:15 - 2020-09-15 11:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-10 19:17 - 2018-07-19 15:58 - 000000000 ____D C:\Program Files (x86)\CorsairLink4
2023-03-10 17:35 - 2022-10-31 11:46 - 000000000 ____D C:\Program Files\ASUS
2023-03-10 13:01 - 2021-10-22 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2021b
2023-03-09 17:11 - 2020-09-15 11:32 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-09 17:11 - 2019-12-07 15:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat
2023-03-09 17:11 - 2019-12-07 15:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat
2023-03-09 17:11 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-09 17:04 - 2020-09-15 11:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-09 17:04 - 2020-09-15 11:30 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-09 17:04 - 2017-12-09 15:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-03-09 17:03 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2023-03-09 17:03 - 2017-11-17 15:37 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-03-09 16:57 - 2017-11-17 16:02 - 000000000 ____D C:\Program Files (x86)\ASUS
2023-03-09 15:10 - 2018-06-02 20:59 - 000000000 ____D C:\Users\nikla\AppData\Local\D3DSCache
2023-03-09 13:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-08 22:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-08 16:07 - 2020-05-07 20:07 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Zoom
2023-03-08 15:53 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-03-08 15:43 - 2022-10-13 15:40 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-03-08 15:43 - 2022-10-13 15:40 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2023-03-08 15:43 - 2020-09-15 11:36 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-03-08 15:42 - 2019-02-23 12:45 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-08 15:41 - 2020-07-31 14:12 - 000000000 ____D C:\Program Files\Git
2023-03-08 15:41 - 2018-06-26 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2023-03-08 15:41 - 2018-06-26 17:55 - 000000000 ____D C:\Program Files (x86)\Calibre2
2023-03-08 15:37 - 2018-09-09 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-03-08 15:37 - 2018-09-09 09:30 - 000000000 ____D C:\Program Files\7-Zip
2023-03-08 15:37 - 2018-07-19 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2023-03-08 15:37 - 2018-07-19 17:06 - 000000000 ____D C:\Program Files\Java
2023-03-08 15:37 - 2017-11-21 23:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-03-08 15:36 - 2017-11-21 23:22 - 000000000 ____D C:\Program Files (x86)\Java
2023-03-08 15:35 - 2018-09-15 16:41 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2023-03-08 15:35 - 2018-09-15 16:41 - 000000000 ____D C:\Program Files (x86)\Audacity
2023-03-08 15:35 - 2018-01-26 15:16 - 000181248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2023-03-08 12:37 - 2020-05-10 18:14 - 000000000 ____D C:\Users\nikla\AppData\Local\WebEx
2023-03-08 12:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-03-08 12:17 - 2017-11-17 16:06 - 000000000 ____D C:\Users\nikla\AppData\Local\Google
2023-03-08 01:45 - 2021-09-30 09:58 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Signal
2023-03-07 10:54 - 2020-09-15 00:00 - 000000000 ____D C:\Users\nikla
2023-03-07 00:39 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-07 00:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-07 00:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-07 00:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-07 00:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-07 00:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-06 23:05 - 2018-02-27 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
2023-03-06 23:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-06 22:21 - 2017-11-17 15:42 - 000000000 ____D C:\Users\nikla\AppData\Local\ConnectedDevicesPlatform
2023-03-06 21:50 - 2017-11-18 12:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-06 21:19 - 2018-02-13 14:43 - 000000000 ____D C:\Users\nikla\AppData\Roaming\Leawo
2023-03-06 21:19 - 2018-02-13 14:43 - 000000000 ____D C:\ProgramData\Leawo
2023-03-06 21:06 - 2017-11-17 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-06 21:03 - 2018-02-13 15:10 - 000000000 ____D C:\Users\nikla\AppData\Roaming\vlc
2023-03-06 18:24 - 2020-03-20 21:47 - 000000000 ____D C:\Users\nikla\AppData\Local\Overwolf
2023-03-06 18:06 - 2017-11-17 15:42 - 000000000 ____D C:\Users\nikla\AppData\Local\Packages
2023-03-06 18:00 - 2017-11-17 18:40 - 000000000 ____D C:\Users\nikla\AppData\Local\3Dconnexion
2023-03-06 16:53 - 2019-01-27 13:33 - 000000000 ____D C:\Users\nikla\AppData\Roaming\obs-studio
2023-03-06 16:49 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-03-05 22:23 - 2022-06-19 19:04 - 000000000 ____D C:\Users\nikla\.mediathek3
2023-03-05 22:00 - 2022-01-28 13:32 - 000000000 ____D C:\Users\nikla\AppData\Local\JM01
2023-03-04 19:59 - 2023-01-17 15:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-04 19:59 - 2020-09-07 09:44 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-04 19:48 - 2017-11-26 10:36 - 000000000 ____D C:\Users\nikla\AppData\Local\CrashDumps
2023-03-04 11:11 - 2022-01-18 21:34 - 000000000 ____D C:\ProgramData\Swiss Academic Software
2023-03-04 11:11 - 2022-01-18 21:32 - 000002108 _____ C:\Users\Public\Desktop\Citavi 6.lnk
2023-03-04 11:11 - 2022-01-18 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 6
2023-03-04 11:10 - 2022-01-18 21:32 - 000000000 ____D C:\Users\nikla\AppData\Local\Downloaded Installations
2023-03-02 16:47 - 2022-10-31 11:41 - 000000000 ____D C:\ProgramData\ASUS
2023-03-02 10:33 - 2021-12-11 11:41 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-341515215-1173906820-3305953664-1001
2023-03-01 07:48 - 2021-12-10 19:36 - 000000675 _____ C:\Users\nikla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Studienarbeit Lenker.lnk
2023-02-28 23:09 - 2017-11-17 16:39 - 000000000 ____D C:\ProgramData\CLink4
2023-02-28 22:52 - 2020-09-15 11:36 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-28 22:52 - 2020-09-15 11:36 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-28 12:10 - 2022-06-21 09:11 - 000000000 ____D C:\Program Files (x86)\GContactSync
2023-02-28 12:07 - 2017-11-17 15:43 - 000000000 ____D C:\Users\nikla\AppData\Local\Comms
2023-02-24 19:31 - 2022-04-05 11:52 - 000000000 ____D C:\Users\nikla\AppData\Roaming\inkscape
2023-02-24 19:30 - 2022-04-05 11:52 - 000000000 ____D C:\Users\nikla\.dbus-keyrings
2023-02-22 13:32 - 2017-11-18 13:17 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-02-21 15:14 - 2017-11-17 17:58 - 000000000 ____D C:\Users\nikla\AppData\Local\Cisco
2023-02-18 10:30 - 2017-11-17 22:16 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-16 19:08 - 2018-09-06 18:28 - 000000000 ____D C:\Users\nikla\AppData\Local\SquirrelTemp
2023-02-16 19:08 - 2017-11-17 15:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-02-16 19:06 - 2020-09-15 11:30 - 001898568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-16 19:04 - 2020-09-15 11:32 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-16 18:58 - 2017-11-18 12:16 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-16 17:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-02-16 17:10 - 2018-01-13 12:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-02-15 14:20 - 2018-03-02 21:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-15 11:59 - 2017-12-09 15:15 - 000000000 ____D C:\Users\nikla\AppData\Local\TeamViewer
2023-02-13 19:09 - 2017-11-17 16:16 - 000000000 ____D C:\Users\nikla\AppData\Local\PlaceholderTileLogoFolder
2023-02-12 16:54 - 2018-11-19 19:15 - 000000000 ____D C:\ProgramData\MDESIGN
2023-02-12 16:44 - 2021-10-22 18:34 - 000000000 ____D C:\ProgramData\MathWorks
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-03-10 13:33 - 2023-03-10 13:33 - 000000178 _____ () C:\Users\nikla\AppData\Roaming\.omniORB_DESKTOP-***GFFN_12332.cfg
2023-03-04 19:39 - 2023-03-04 19:39 - 000000233 _____ () C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2810.cfg
2023-03-05 13:28 - 2023-03-05 13:28 - 000000233 _____ () C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2812.cfg
2023-03-05 13:34 - 2023-03-05 13:34 - 000000233 _____ () C:\Users\nikla\AppData\Roaming\.omniORB_***_DESKTOP-***GFFN_2813.cfg
2023-03-04 19:39 - 2023-03-10 19:27 - 000000233 _____ () C:\Users\nikla\AppData\Roaming\.omniORB_***_last.cfg
2023-03-04 19:39 - 2023-03-05 14:09 - 000000104 _____ () C:\Users\nikla\AppData\Roaming\.salome_PortManager.cfg
2023-02-25 13:26 - 2023-02-25 13:26 - 000050715 _____ () C:\Users\nikla\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2022-03-27 16:59 - 2022-03-27 16:59 - 000012227 _____ () C:\Users\nikla\AppData\Roaming\Durch Trennzeichen getrennte Werte.CAL
2021-12-02 19:53 - 2022-12-16 18:36 - 000000016 _____ () C:\Users\nikla\AppData\Roaming\obs-virtualcam.txt
2023-03-10 22:18 - 2023-03-10 22:18 - 000007628 _____ () C:\Users\nikla\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
Lesestoff: