Everything about Windows: Multiple virus detections with Malwarebytes / Windows 10 Pro

Help for all Windows operating systems: Windows XP, Windows Vista, Windows 7, Windows 8(.1) and Windows 10 / Windows 11, as well as all Windows software. Anything about Windows 10 is also welcome. Please describe any errors or bluescreens under Windows with the wording of the error message and the error code. First steps for help with Windows.
Problem: Multiple virus detections with Malwarebytes / Windows 10 Pro

Hello, during my last scan with Malwarebytes I had several virus hits (I am currently using the trial version, otherwise only Windows Defender), among others in \\Windows\system32\drivers\cnicdriver.sys. Since then I have had the feeling that my PC is "wasting" internet bandwidth on something. I would be grateful for help. Here are the log files:

Malwarebytes:
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 03.08.19
Scan-Zeit: 12:26
Protokolldatei: 1a6590de-b5d9-11e9-a5db-bc5ff444a1ed.json

-Softwaredaten-
Version: 3.8.3.2965
Komponentenversion: 1.0.613
Version des Aktualisierungspakets: 1.0.11842
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 18362.239)
CPU: x64
Dateisystem: NTFS
Benutzer: System

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Zeitplaner
Ergebnis: Abgeschlossen
Gescannte Objekte: 452966
Erkannte Bedrohungen: 11
In die Quarantäne verschobene Bedrohungen: 11
Abgelaufene Zeit: 11 Min., 15 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.DriveTheLife, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CNICDRIVER, In Quarantäne, [450], [562561],1.0.11842

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 10
PUP.Optional.DriveTheLife, C:\WINDOWS\SYSTEM32\DRIVERS\CNICDRIVER.SYS, In Quarantäne, [450], [562561],1.0.11842
PUP.Optional.ChipDe, C:\USERS\HT\DOWNLOADS\DISKBOSS - CHIP-INSTALLER.EXE, In Quarantäne, [528], [562568],1.0.11842
PUP.Optional.ChipDe, C:\USERS\HT\DOWNLOADS\GIMP-2.10.4-SETUP - CHIP-INSTALLER.EXE, In Quarantäne, [528], [562568],1.0.11842
PUP.Optional.ChipDe, C:\USERS\HT\DOWNLOADS\MEDIACREATIONTOOL_1629915 - CHIP-INSTALLER.EXE, In Quarantäne, [528], [562568],1.0.11842
PUP.Optional.ChipDe, C:\USERS\HT\DOWNLOADS\PICPICK PORTABLE - CHIP-INSTALLER.EXE, In Quarantäne, [528], [562568],1.0.11842
PUP.Optional.ChipDe, C:\USERS\HT\DOWNLOADS\TDSSKILLER - CHIP-INSTALLER.EXE, In Quarantäne, [528], [562568],1.0.11842
PUP.Optional.ChipDe, C:\USERS\HT\VIDEOS\SHOWKEYPLUS - CHIP-INSTALLER.EXE, In Quarantäne, [528], [562568],1.0.11842
PUP.Optional.ChipDe, C:\USERS\HT\APPDATA\LOCAL\DOWNLOADED INSTALLATIONS\{C98C8305-357C-4DBD-9100-2AB1B6830EA9}\CHIP INSTALLER.MSI, In Quarantäne, [528], [594115],1.0.11842
PUP.Optional.PCVARK.Generic, C:\USERS\HT\DESKTOP\NEUE TOOLS\BACKPROTECTION PREMIUM.LNK, In Quarantäne, [747], [513042],1.0.11842
PUP.Optional.DownloadGuide, C:\USERS\HT\DESKTOP\NEUE TOOLS\OOSU10_CB-DL-MANAGER.EXE, In Quarantäne, [2703], [100902],1.0.11842

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 4-08-2019 durchgeführt von ht (Administrator) auf DESKTOP (04-08-2019 18:39:28) Gestartet von C:\Users\ht\Desktop Geladene Profile: ht (Verfügbare Profile: ht & postgres) Platform: Windows 10 Pro Version 1903 18362.239 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files\DiskBoss\bin\diskbsa.exe () [Datei ist nicht signiert] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe () [Datei ist nicht signiert] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe () [Datei ist nicht signiert] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Ransomware Protection\ARPTray.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Ransomware Protection\Service\arp-application-service.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Amaya Services Limited -> Rational Intellectual Holdings Ltd.) C:\Program Files (x86)\PokerStars.EU\br\PokerStarsBr.exe (Amaya Services Limited -> Rational Intellectual Holdings Ltd.) 
C:\Program Files (x86)\PokerStars.EU\br\PokerStarsBr.exe (Amaya Services Limited -> Rational Intellectual Holdings Ltd.) C:\Program Files (x86)\PokerStars.EU\br\PokerStarsBr.exe (Amaya Services Limited -> Rational Intellectual Holdings Ltd.) C:\Program Files (x86)\PokerStars.EU\gameutil1.exe (Amaya Services Limited -> Rational Intellectual Holdings Ltd.) C:\Program Files (x86)\PokerStars.EU\PokerStars.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CYBERGHOST S.A. -> CyberGhost S.A.) C:\Program Files\CyberGhost 7\CyberGhost.Service.exe (CyberGhost SRL -> CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe (CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (David Carpenter -> ) C:\Program Files\Everything\Everything.exe (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Even Balance, Inc. 
-> ) C:\Windows\SysWOW64\PnkBstrA.exe (FreeDownloadManager.org) [Datei ist nicht signiert] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (FreeDownloadManager.org) [Datei ist nicht signiert] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe (Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (HexaD) [Datei ist 
nicht signiert] C:\Program Files\Duplicati\Duplicati.exe (Innovative Solutions Grup SRL -> Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions Grup SRL -> Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions Grup SRL -> Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Max Value Software, LLC. -> PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe (Max Value Software, LLC. -> PokerTracker Software, LLC.) 
C:\Program Files (x86)\PokerTracker 4\PokerTrackerWeb4.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\ht\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmcompute.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmms.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows 
Defender\Platform\4.18.1907.4-0\MpCmdRun.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. 
-> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe (Realtek Semiconductor Corp.) 
[Datei ist nicht signiert] C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIMDE.EXE (Ubisoft Entertainment Sweden AB -> Ubisoft) E:\Ubisoft Game Launcher\upc.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) E:\Ubisoft Game Launcher\UplayWebCore.exe (Ulrich Decker -> RebootBlocker) C:\Program Files (x86)\RebootBlocker\RebootBlockerService.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) F:\Steam\Steam.exe (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2197608 2017-06-07] (David Carpenter -> ) HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123488 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3312208 2019-05-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM-x32\...\Run: [Acronis Ransomware Protection] => C:\Program Files (x86)\Acronis\Ransomware Protection\ARPTray.exe [670736 2018-12-14] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-06-01] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-06-01] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46993264 2019-06-27] (Google LLC -> ) HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [7730776 2018-05-22] (Innovative Solutions Grup SRL -> Innovative Solutions) HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Run: [Free Download Manager] => C:\Program 
Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10203648 2019-01-30] (FreeDownloadManager.org) [Datei ist nicht signiert] HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2018-06-04] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Run: [Kaspersky Software Updater] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565008 2018-04-23] (Kaspersky Lab -> AO Kaspersky Lab) HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [23851880 2018-06-24] (NGWIN Software Co. -> NGWIN) HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 7\CyberGhost.exe [1001680 2019-06-05] (CYBERGHOST S.A. -> CyberGhost S.A.) 
HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5650384 2019-02-15] (GlassWire -> SecureMix LLC) HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMDE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Policies\Explorer: [CDRAutoRun] 0 HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Policies\Explorer: [NoRecentDocsNetHood] 1 HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\...\Policies\Explorer: [NoAutorun] 1 HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMDE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Datei ist nicht signiert] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.87\Installer\chrmstp.exe [2019-07-31] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk [2017-10-11] ShortcutTarget: Duplicati.lnk -> C:\Program Files\Duplicati\Duplicati.exe (HexaD) [Datei ist nicht signiert] GroupPolicy: Beschränkung ? <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0419C8EB-E5CC-41B9-89D3-BDEA4D2F2EDB} - System32\Tasks\OO DiskImage {66313e45-45e6-4a46-803f-6737acf7284c} => C:\Program Files\OO Software\DiskImage\oodiag.exe [8151104 2017-11-03] (O&O Software GmbH -> O&O Software GmbH) Task: {0B443D68-EC4F-484A-B26D-DB393D86F04A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0C5C0950-D79F-49BB-A527-89AA2D38BD34} - System32\Tasks\OO DiskImage {d1dad3a0-e381-4569-9ae1-a6feb1612ec7} => C:\Program Files\OO Software\DiskImage\oodiag.exe [8151104 2017-11-03] (O&O Software GmbH -> O&O Software GmbH) Task: {1C2A3DFB-E6C9-4AEE-9DD2-B8BA71346901} - \cFos\Registration Tasks\Open Browser -> Keine Datei <==== ACHTUNG Task: {1F7CDEF2-8471-4114-9093-E671F903353F} - System32\Tasks\OO DiskImage {cd0bfece-0456-4214-8291-156baf6a8059} => C:\Program Files\OO Software\DiskImage\oodiag.exe [8151104 2017-11-03] (O&O Software GmbH -> O&O Software GmbH) Task: {259A0635-212C-4014-AE53-0CD5914C11ED} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [688128 2019-01-30] (FreeDownloadManager.org) [Datei ist nicht signiert] Task: {2E3D545F-7010-4448-8D0E-03F40D63D001} - System32\Tasks\OO DiskImage {e4e98e06-1611-4eec-8200-b5bbc07582fa} => C:\Program Files\OO Software\DiskImage\oodiag.exe [8151104 2017-11-03] (O&O Software GmbH -> O&O Software GmbH) Task: {3038A37C-AF16-4ADD-919A-B0A0CB29F588} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {32F99A9E-F320-482D-9DB5-59FDC14B23DC} - System32\Tasks\OO DiskImage {8062383b-d2bf-4c93-be73-f27600e1847c} => C:\Program Files\OO Software\DiskImage\oodiag.exe 
[8151104 2017-11-03] (O&O Software GmbH -> O&O Software GmbH) Task: {352250BA-4C07-468D-BF1E-01DBD4AA572E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3C2D343B-2B2D-4E1B-A0E4-459807FDA596} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {44DBD535-67F9-496D-9E05-6463FCC951C3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4748D348-2E10-47C3-96E1-08D783545094} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {48C9D896-2A97-4D3C-8EE2-DF213F2CF9CE} - System32\Tasks\EPSON WF-2630 Series Update {358B3B07-5BE7-4AC3-93EA-B03EC2A62FA3} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {510FE817-8586-4962-9E7C-C0FF871D2423} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {53B5F0B3-E8A7-4CE7-8E54-C3750FE9A03D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5C533424-62DB-4F01-8AB2-4544ED59B97D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-02] (Google Inc -> Google Inc.) 
Task: {5CF903EF-A0FF-4C07-A7C9-AC4C78F88239} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {60393590-E94F-4AFF-B988-6ED42728288D} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1138320 2018-01-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) Task: {6285E957-FF15-4F0E-96E5-C5184A924D7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {642408E7-E77A-43DD-82BD-1AF09B340019} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [135120 2018-06-04] (Glarysoft LTD -> Glarysoft Ltd) Task: {6534F9F3-3BEB-4541-BD11-D1C94F456007} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [491832 2019-06-13] (Bitdefender SRL -> Bitdefender) Task: {6E4E3155-AC15-4B10-AEE6-BCF66A033BF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {802F7705-9E4B-4BB8-9A8D-1EF3F88F507C} - System32\Tasks\Abelssoft\UpdateYeti scan => C:\Program Files (x86)\UpdateYeti\UpdateYeti.exe [2433048 2017-11-27] (Ascora GmbH -> Abelssoft) Task: {81032C50-C1FF-4490-8E32-CA8FBFBB674B} - System32\Tasks\DriverMaxWelcome => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [7730776 2018-05-22] (Innovative Solutions Grup SRL -> Innovative Solutions) Task: {848FC5BE-DF99-43BA-9702-19AECDBD6085} - System32\Tasks\Adobe Flash Player NPAPI Notifier => 
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-10] (Adobe Inc. -> Adobe) Task: {8A054BEE-F39A-49DA-A189-C07D0BA52ADE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {8B042858-E0E6-4E07-A111-787F725F4731} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {969F4677-23CF-456D-AE2C-FF8BCD1704DB} - System32\Tasks\{993A3E80-A253-49E0-9EE2-7B4DAF241147} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe" Task: {992BB560-3904-4E93-9A36-0FAF2CBCE118} - System32\Tasks\Opera scheduled Autoupdate 1511799561 => C:\Program Files\Opera\launcher.exe [1519640 2019-07-24] (Opera Software AS -> Opera Software) Task: {99B0DE5E-EBFF-4F2B-99C8-3A0DE4CFBFBC} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [914896 2018-06-04] (Glarysoft LTD -> Glarysoft Ltd) Task: {9F85B689-DF2B-4E24-A757-A73F794D1F32} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe Task: {A0E04011-357C-47EF-AF22-040D5FF7D497} - System32\Tasks\OO DiskImage {1592ee0b-1043-48e8-b5b2-9aa36f759fce} => C:\Program Files\OO Software\DiskImage\oodiag.exe [8151104 2017-11-03] (O&O Software GmbH -> O&O Software GmbH) Task: {A4AF09DA-D8F1-4C0D-8A38-67306531806B} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel(R) Software -> Intel Corporation) Task: {AF5642E4-5E12-4FCE-AD64-EC3389E72525} - \ASC10_SkipUac_ht -> Keine Datei <==== ACHTUNG Task: {B0072E11-5871-4CF2-A393-94FC02600FF0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA 
Corporation -> NVIDIA Corporation)
Task: {B293E8FA-0382-4301-B937-4DDC68687E6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-02] (Google Inc -> Google Inc.)
Task: {B688A986-72A4-45EF-9FF4-370AA7B260BB} - System32\Tasks\OO DiskImage {203728d2-834d-4eb8-8b48-fe079b27b059} => C:\Program Files\OO Software\DiskImage\oodiag.exe [8151104 2017-11-03] (O&O Software GmbH -> O&O Software GmbH)
Task: {BE95BA5F-44B0-45DF-9422-FA7444DDC4FA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3F0AEA3-25C8-4E5B-84F0-E36452211DFB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-11] (Adobe Inc. -> Adobe)
Task: {D58D246F-F245-4FA8-91CB-6474A2FDB5AD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7E75076-F422-48AC-A201-ADEDAEA916AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC8FC3A8-2700-4B9A-B705-92EA857D87F3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E031DB69-4BB0-4785-83E7-512C0B98A236} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [7730776 2018-05-22] (Innovative Solutions Grup SRL -> Innovative Solutions)
Task: {E7BB5CCD-DFFF-4F84-9AD6-A3503794E81C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-11] (Adobe Inc. -> Adobe)
Task: {EF7B528B-9EF7-423E-9D02-5217A9763953} - System32\Tasks\DriverMax Notification => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [7730776 2018-05-22] (Innovative Solutions Grup SRL -> Innovative Solutions)
Task: {F2E46F3B-6AFC-4334-BC29-6E6E13591903} - System32\Tasks\EPSON WF-2630 Series Update {7A90FFF5-97C1-4372-B525-2D42FFCE8246} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {FAC10DC5-D2C3-45D4-9FFB-295648F5B08D} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [1078360 2018-05-22] (Innovative Solutions Grup SRL -> Innovative Solutions)
Task: {FB544C04-B052-485A-BA60-93A8A480C980} - System32\Tasks\WinSysCleanUAC => C:\Program Files\WinSysClean X8 PRO\WinSysClean.exe [22887200 2017-05-03] (Ultimate Systems -> Ultimate Systems, SRL)
Task: {FDAC3B97-432F-48BC-86C4-872A18814518} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON WF-2630 Series Update {358B3B07-5BE7-4AC3-93EA-B03EC2A62FA3}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE:/EXE:{358B3B07-5BE7-4AC3-93EA-B03EC2A62FA3} /F:UpdateHEIMNETZGRUPPE\DESKTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-2630 Series Update {7A90FFF5-97C1-4372-B525-2D42FFCE8246}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE:/EXE:{7A90FFF5-97C1-4372-B525-2D42FFCE8246} /F:UpdateHEIMNETZGRUPPE\DESKTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-2630 Series Update {7E51856D-4D1D-444E-BA5A-9FD722CBFC52}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE:/EXE:{7E51856D-4D1D-444E-BA5A-9FD722CBFC52} /F:UpdateHEIMNETZGRUPPE\DESKTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\OO DiskImage {1592ee0b-1043-48e8-b5b2-9aa36f759fce}.job => C:\Program Files\OO Software\DiskImage\oodiag.exe,/run {1592ee0b-1043-48e8-b5b2-9aa36f759fce}O&O DiskImage C:\ProgramData\OO Software\DiskImage\Aufgaben\Aufgabe20190328.xml
Task: C:\WINDOWS\Tasks\OO DiskImage {203728d2-834d-4eb8-8b48-fe079b27b059}.job => C:\Program Files\OO Software\DiskImage\oodiag.exe,/run {203728d2-834d-4eb8-8b48-fe079b27b059}O&O DiskImage C:\ProgramData\OO Software\DiskImage\Aufgaben\Aufgabe20180530.xml
Task: C:\WINDOWS\Tasks\OO DiskImage {66313e45-45e6-4a46-803f-6737acf7284c}.job => C:\Program Files\OO Software\DiskImage\oodiag.exe,/run {66313e45-45e6-4a46-803f-6737acf7284c}O&O DiskImage C:\ProgramData\OO Software\DiskImage\Aufgaben\Aufgabe20180907.xml
Task: C:\WINDOWS\Tasks\OO DiskImage {cd0bfece-0456-4214-8291-156baf6a8059}.job => C:\Program Files\OO Software\DiskImage\oodiag.exe,/run {cd0bfece-0456-4214-8291-156baf6a8059}O&O DiskImage C:\ProgramData\OO Software\DiskImage\Aufgaben\Aufgabe20180410.xml
Task: C:\WINDOWS\Tasks\OO DiskImage {d1dad3a0-e381-4569-9ae1-a6feb1612ec7}.job => C:\Program Files\OO Software\DiskImage\oodiag.exe,/run {d1dad3a0-e381-4569-9ae1-a6feb1612ec7}O&O DiskImage C:\ProgramData\OO Software\DiskImage\Aufgaben\Aufgabe20180407.xml
Task: C:\WINDOWS\Tasks\OO DiskImage {e4e98e06-1611-4eec-8200-b5bbc07582fa}.job => C:\Program Files\OO Software\DiskImage\oodiag.exe,/run {e4e98e06-1611-4eec-8200-b5bbc07582fa}O&O DiskImage C:\ProgramData\OO Software\DiskImage\Aufgaben\Aufgabe20180523.xml

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{0a45d09f-5d7a-4eb9-9b67-c3c378c9951f}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{40fb6ba7-6169-41e6-a943-f051bf62aefe}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ada81cf9-13f0-46d9-8145-5786d1f67ad9}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Kein Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Keine Datei
BHO-x32: Kein Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-28] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: x56l07sf.default
FF DefaultProfile: pxeovy8c.default
FF DefaultProfile: h52ruwfi.default
FF ProfilePath: C:\Users\ht\AppData\Roaming\Nvu\Profiles\xppo7pam.default [2018-01-12]
FF ProfilePath: C:\Users\ht\AppData\Roaming\Mozilla\SeaMonkey\Profiles\x56l07sf.default [2019-07-22]
FF ProfilePath: C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\pxeovy8c.default [2019-08-01]
FF Extension: (Avira Browserschutz) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\pxeovy8c.default\Extensions\abs@avira.com.xpi [2019-07-25]
FF Extension: (Ghostery – datenschutzorientierter Werbeblocker) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\pxeovy8c.default\Extensions\firefox@ghostery.com.xpi [2019-07-25]
FF Extension: (Dashlane) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\pxeovy8c.default\Extensions\jetpack-extension@dashlane.com.xpi [2019-07-25] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (AdBlock) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\pxeovy8c.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2019-07-25]
FF Extension: (Wappalyzer) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\pxeovy8c.default\Extensions\wappalyzer@crunchlabz.com.xpi [2019-07-25]
FF Extension: (CoinBlock) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\pxeovy8c.default\Extensions\{2a5ad6d9-fec6-4807-ad08-6fc68d7036c9}.xpi [2018-02-04]
FF Extension: (NoScript) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\pxeovy8c.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2019-07-29]
FF Extension: (block-miners) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\pxeovy8c.default\Extensions\{74b0af75-8791-44e2-95a6-7f0ab94143ec}.xpi [2019-07-25]
FF ProfilePath: C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default [2019-07-22]
FF Homepage: Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default -> about:blank
FF NetworkProxy: Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default -> backup.ftp", "127.0.0.1"
FF Extension: (ADB Helper) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\adbhelper@mozilla.org [2017-10-29] [Legacy]
FF Extension: (Best Proxy Switcher) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2017-10-29]
FF Extension: (Valence) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\fxdevtools-adapters@mozilla.org [2017-10-29] [Legacy]
FF Extension: (HTTPS Everywhere) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\https-everywhere@eff.org.xpi [2017-12-14]
FF Extension: (Dashlane) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\jetpack-extension@dashlane.com.xpi [2017-01-05] [Legacy]
FF Extension: (modifyheadervalue) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\jid0-oEwF5ZcskGhjFv4Kk4lYc@jetpack.xpi [2017-10-29]
FF Extension: (Firefox Lightbeam) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2017-10-29]
FF Extension: (DuckDuckGo Plus) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2017-11-05]
FF Extension: (Wappalyzer) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\wappalyzer@crunchlabz.com.xpi [2017-11-15]
FF Extension: (NoScript) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-14] [Legacy]
FF Extension: (User-Agent Switcher) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2017-11-06]
FF Extension: (Live HTTP headers) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2016-11-13] [Legacy]
FF Extension: (Web of Trust) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2017-10-29]
FF Extension: (Cookies Manager+) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2016-11-13] [Legacy]
FF Extension: (Web Developer) - C:\Users\ht\AppData\Roaming\Mozilla\Firefox\Profiles\z3pefkjv.dev-edition-default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2016-09-05] [Legacy]
FF ProfilePath: C:\Users\ht\AppData\Roaming\kompozer.net\KompoZer\Profiles\f51z6hey.default [2018-02-21]
FF ProfilePath: C:\Users\ht\AppData\Roaming\KompoZer\Profiles\nh1rvigp.default [2017-12-14]
FF ProfilePath: C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default [2018-02-18]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-cs@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-de@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (English (US) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Español (España) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Finnish Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-fi@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Français Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-fr@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Galego (España) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-gl@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-he@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-hu@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-it@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Japanese Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-ja@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Korean (KR) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-ko@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-nl@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Polski Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-pl@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Russian (RU) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-ru@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-sl@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (српски (sr) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-sr@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\ht\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h52ruwfi.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2018-02-18] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default [2019-08-04]
CHR Extension: (Präsentationen) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Free Download Manager) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2019-01-14]
CHR Extension: (No-Script Suite Lite) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnanjpbkghcdgmlchbcfoiefnifjeni [2019-07-08]
CHR Extension: (Docs) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-07]
CHR Extension: (YouTube) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-07]
CHR Extension: (Last Tabs) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdbaonmnanalnmmlkgdnkkcdlppjhhc [2018-02-11]
CHR Extension: (Tabellen) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Avira Browserschutz) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-07-10]
CHR Extension: (Google Docs Offline) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (Click&Clean) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2019-07-23]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-02-26]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-08-17]
CHR Extension: (No Mining - Block coin mining websites | FREE) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoafonbifbfcbhdconhnmcphpnplaekb [2018-04-17]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2019-06-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-11-07]
CHR Extension: (Flashcontrol) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2018-03-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (uMatrix) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2019-01-24]
CHR Extension: (Google Mail) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\ht\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-31]
CHR Profile: C:\Users\ht\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-01-30]
CHR Profile: C:\Users\ht\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2074597068-2358739745-2271998537-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4380176 2018-12-04] (Acronis International GmbH -> Acronis International GmbH)
R2 ARPApplicationService; C:\Program Files (x86)\Acronis\Ransomware Protection\Service\arp-cloudusage.exe [25104 2018-12-14] (Acronis International GmbH -> )
S4 ASDM_Service; C:\Program Files (x86)\AutoShutdownManager\Services\AutoShutdownManager_Service.exe [48640 2016-04-21] (EnviProt - The Power Saving Company) [Datei ist nicht signiert]
S4 ASDM_UpdateService; C:\Program Files (x86)\AutoShutdownManager\Services\ASDM_Helperservice.exe [20992 2016-04-21] (EnviProt - The Power Saving Company) [Datei ist nicht signiert]
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost SRL -> CyberGhost S.A.)
R2 CG7Service; C:\Program Files\CyberGhost 7\CyberGhost.Service.exe [93904 2019-06-05] (CYBERGHOST S.A. -> CyberGhost S.A.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd -> Digital Wave Ltd.)
R2 DiskBoss Service; C:\Program Files\DiskBoss\bin\diskbsa.exe [382464 2018-04-30] () [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 Everything; C:\Program Files\Everything\Everything.exe [2197608 2017-06-07] (David Carpenter -> )
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (FUTUREMARK INC -> Futuremark)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4461520 2019-02-15] (GlassWire -> SecureMix LLC)
S3 HgClientService; C:\WINDOWS\system32\hgclientservice.dll [150528 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [3380224 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
S4 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2012-02-01] (Intel Corporation) [Datei ist nicht signiert]
S4 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R3 ksu; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565008 2018-04-23] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [41992 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [8151104 2017-11-03] (O&O Software GmbH -> O&O Software GmbH)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [433288 2017-12-18] (Geek Software GmbH -> Geek Software GmbH)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2018-03-29] (Even Balance, Inc. -> )
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [92672 2017-05-09] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1294448 2019-05-14] (Bitdefender SRL -> Bitdefender)
R2 RealtekCU; C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
R2 RebootBlockerService; C:\Program Files (x86)\RebootBlocker\RebootBlockerService.exe [571616 2017-07-30] (Ulrich Decker -> RebootBlocker)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-09-08] (CyberLink Corp. -> CyberLink)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [28768 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S4 Selfhost DynDns Updater; C:\Program Files (x86)\selfhost\service.exe [92160 2015-08-25] (Gerald Güttler privat) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5773384 2019-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [692992 2019-05-13] (Oracle Corporation -> Oracle Corporation)
S3 Virtual Router; C:\Program Files\Virtual Router\VirtualRouterService.exe [12288 2015-03-06] (Chris Pietschmann (hxxp://pietschsoft.com)) [Datei ist nicht signiert]
R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3488568 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [442472 2017-11-13] (Windscribe Limited -> Windscribe Limited)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-06-13] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2016-12-23] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AxtuDrv; C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [21768 2016-08-02] (ASROCK Incorporation -> RW-Everything)
R3 Ch64USB; C:\WINDOWS\System32\drivers\Ch64USB.sys [150656 2014-10-10] (Microsoft Windows Hardware Compatibility Publisher -> ZF Friedrichshafen AG, Electronic Systems)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [34240 2019-03-26] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Datei ist nicht signiert]
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [667144 2019-01-17] (Acronis International GmbH -> Acronis International GmbH)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28424 2018-04-21] (Glarysoft LTD -> Glarysoft Ltd)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [36368 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2016-12-21] (Martin Malik - REALiX -> REALiX(tm))
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [29264 2016-06-09] (Intel(R) Extreme Tuning Utility -> Intel Corporation)
S3 l2bridge; C:\WINDOWS\System32\drivers\l2bridge.sys [58384 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-23] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-08-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-08-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-08-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-08-03] (Malwarebytes Corporation -> Malwarebytes)
R1 networx; C:\WINDOWS\System32\drivers\networx.sys [98232 2018-01-20] (SOFTPERFECT PTY. LTD. -> Windows (R) Win 7 DDK provider)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2016-03-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_547eeefb57db4499\nvlddmkm.sys [21858904 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R0 oodisr; C:\WINDOWS\System32\DRIVERS\oodisr.sys [116888 2017-11-03] (O&O Software GmbH -> O&O Software GmbH)
R0 oodisrh; C:\WINDOWS\System32\DRIVERS\oodisrh.sys [41112 2017-11-03] (O&O Software GmbH -> O&O Software GmbH)
R0 oodivd; C:\WINDOWS\System32\DRIVERS\oodivd.sys [272376 2017-11-03] (O&O Software GmbH -> O&O Software GmbH)
R0 oodivdh; C:\WINDOWS\System32\DRIVERS\oodivdh.sys [60920 2017-11-03] (O&O Software GmbH -> O&O Software GmbH)
S3 pcip; C:\WINDOWS\System32\drivers\pcip.sys [62264 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [41368 2016-11-17] (Christian Gulden -> )
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [42392 2016-11-17] (Christian Gulden -> Christian Gulden)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 ramparser; C:\WINDOWS\System32\drivers\ramparser.sys [41784 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [41576 2016-05-10] (iolo technologies, LLC -> EldoS Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1122200 2018-08-30] (Realtek Semiconductor Corp. -> Realtek )
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [287360 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [119424 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 SLEE_19_DRIVER; C:\WINDOWS\Sleen1964.sys [117848 2014-10-24] (Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus) -> Softwareentwicklung Remus - ArchiCrypt - )
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [48992 2019-01-23] (Synaptics Incorporated -> Synaptics Incorporated)
R3 Synth3dVsp; C:\WINDOWS\System32\drivers\synth3dvsp.sys [107520 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (Windscribe Limited -> The OpenVPN Project)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo Uninstaller 2017\IFS64.sys [31320 2015-12-07] (Ashampoo GmbH & Co. KG -> )
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [108856 2017-04-11] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [44848 2017-04-11] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] (Paragon Software GmbH -> )
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [40376 2017-05-11] (Tomasz Moń -> USBPcap)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [236352 2019-05-13] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247736 2019-05-13] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [144632 2018-01-15] (Oracle Corporation -> Oracle Corporation)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [631200 2017-11-07] (IDRIX -> IDRIX)
R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1409024 2019-07-22] (Microsoft Windows -> Microsoft
Corporation) R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39952 2019-07-22] (Microsoft Windows -> Microsoft Corporation) R3 VMSNPXYMP; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39952 2019-07-22] (Microsoft Windows -> Microsoft Corporation) S3 VSScanner; C:\WINDOWS\System32\DRIVERS\vsscanner.sys [29808 2016-08-18] (Microsoft Windows Hardware Compatibility Publisher -> VoodooSoft, LLC) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-26] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-26] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-26] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation) NETSVC: HgClientService -> C:\Windows\system32\hgclientservice.dll (Microsoft Corporation) NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation) ==================== Ein Monat (erstellte) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2019-08-04 18:39 - 2019-08-04 18:41 - 000067643 _____ C:\Users\ht\Desktop\FRST.txt 2019-08-04 18:32 - 2019-08-04 18:32 - 000002747 _____ C:\Users\ht\Desktop\Malwarebytes-Bericht.txt 2019-08-04 14:08 - 2019-08-04 14:08 - 002096640 _____ (Farbar) C:\Users\ht\Desktop\FRST64.exe 2019-08-03 23:28 - 2019-08-04 18:39 - 000000000 ____D C:\FRST 2019-08-03 13:20 - 2019-08-03 13:20 - 000003546 _____ C:\WINDOWS\System32\Tasks\OO DiskImage {8062383b-d2bf-4c93-be73-f27600e1847c} 2019-08-03 12:45 - 2019-08-03 12:45 - 000000000 ___HD C:\OneDriveTemp 2019-08-03 12:44 - 2019-08-03 12:44 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-08-03 12:44 - 2019-08-03 12:44 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2019-08-03 12:44 - 2019-08-03 12:44 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2019-08-03 12:44 - 2019-08-03 12:44 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2019-08-02 14:29 - 2019-08-02 14:30 - 000000000 ____D C:\Users\ht\Pavark 2019-08-02 14:28 - 2007-07-24 10:27 - 000744853 _____ C:\Users\ht\Downloads\PAVARK.exe 2019-08-01 19:39 - 2019-08-01 19:39 - 000001331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Microsoft Virtual Machine Converter 3.1.lnk 2019-08-01 19:39 - 2019-08-01 19:39 - 000000000 ____D C:\Program Files\Microsoft Virtual Machine Converter 2019-08-01 15:56 - 2019-08-01 15:56 - 000001470 _____ C:\Users\ht\AppData\Local\RecConfig.xml 2019-07-31 15:39 - 2019-07-31 15:39 - 000013064 _____ C:\Users\ht\Documents\Jedermann Inkasso_4.odt 2019-07-29 22:47 - 2019-07-29 22:47 - 000140056 _____ C:\Users\ht\Documents\WT_Anderson_ArbG_2019_07_29_Vergleichsvorschlag_ENTWURF[4046].pdf 2019-07-28 16:37 - 2019-07-28 16:37 - 000000000 ____D C:\Users\ht\AppData\Roaming\Epson 2019-07-28 15:30 - 2019-07-28 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2019-07-28 13:46 - 2019-07-28 13:46 - 000001153 _____ 
C:\Users\Public\Desktop\LibreOffice 6.2.lnk 2019-07-28 13:46 - 2019-07-28 13:46 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2 2019-07-28 13:45 - 2019-07-28 13:45 - 000000000 ____D C:\Program Files\LibreOffice 2019-07-26 19:21 - 2019-07-26 19:21 - 000035244 _____ C:\Users\ht\Documents\Noctamid_FI.odt 2019-07-25 14:09 - 2019-07-25 14:09 - 000000000 ____D C:\ProgramData\Mozilla 2019-07-23 16:34 - 2019-07-23 16:34 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2019-07-23 16:34 - 2019-07-23 16:34 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-07-23 16:34 - 2019-07-23 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-07-23 16:34 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-07-23 16:33 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-07-23 16:30 - 2019-07-23 16:30 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2019-07-23 16:29 - 2019-07-18 21:15 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2019-07-23 16:29 - 2019-07-18 21:15 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll 2019-07-23 16:29 - 2019-07-18 21:15 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2019-07-23 16:29 - 2019-07-18 21:15 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2019-07-23 16:29 - 2019-07-18 21:15 - 000552144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2019-07-23 16:29 - 2019-07-18 21:15 - 000456912 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2019-07-23 16:29 - 2019-07-18 21:15 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2019-07-23 16:29 - 2019-07-18 21:15 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe 2019-07-23 16:29 - 2019-07-18 21:15 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2019-07-23 16:29 - 2019-07-18 21:15 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe |