Log analysis and evaluation: Windows 10: Infection with the Mofksys worm - is the system clean now?
Hello everyone,

through my own stupidity (Android tablet broken -> option to reflash the firmware -> promising, self-made tool from a YouTuber with loads of how-to videos) I caught the worm Win32/Mofksys.R!MTB.

Steps I have taken so far: Windows Defender (which had serious problems cleaning up), a scan with ESET Online, a scan with RogueKiller, and a system restore to 2 days before the infection.

Since I have now read online about this piece of malware that it apparently changes some registry entries, creates a task in the Task Scheduler, and can apparently hide itself extremely well and even reproduce itself, I am now unsure whether my system is actually clean. RogueKiller and ESET, at least, no longer find any malicious entries.

And for the curious, I had the installer of the infected tool analyzed via Hybrid Analysis: h**ps://www.hybrid-analysis.com/sample/6e8b6fc8823f25560bcd1005ad183c36c9e5836d582bc366967c1aa264e686a6/60e8a5bdfce5914bc55664f3

Many thanks to you all in advance.

Attached are the log files from FRST:

FRST.txt:

FRST Logfile:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2021
durchgeführt von Cybot (Administrator) auf DESKTOP-LUNARIS (ASUSTeK COMPUTER INC. GL502VS) (11-07-2021 21:10:20)
Gestartet von C:\Users\Cybot\OneDrive\Desktop\Analysetools\FRST
Geladene Profile: Cybot
Platform: Windows 10 Home Version 21H1 19043.1083 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\21.119.0613.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_e1c005a6713cc50a\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [UMonit] => C:\Windows\SysWOW64\UMonit64.exe [53832 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [106801552 2021-06-09] (GN AUDIO A/S -> GN Audio A/S)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-1925304147-3306375938-1739808556-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2112888 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1925304147-3306375938-1739808556-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4109032 2021-06-09] (Valve -> Valve Corporation)
HKU\S-1-5-21-1925304147-3306375938-1739808556-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10517160 2021-03-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1925304147-3306375938-1739808556-1001\...\MountPoints2: {8304a6c2-e0e3-11eb-9bc2-704d7b349f1f} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1925304147-3306375938-1739808556-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2112888 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1925304147-3306375938-1739808556-1002\...\Run: [EpicGamesLauncher] => "D:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKLM\...\Windows x64\Print Processors\Canon TS6100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDP.DLL [482816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6100 series: C:\Windows\system32\CNMLMDP.DLL [1302016 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-11] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NIHardwareAccessibilityHelper.exe.lnk [2021-07-02]
ShortcutTarget: NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH -> Native Instruments GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NTKDaemon.lnk [2021-07-02]
ShortcutTarget: NTKDaemon.lnk -> C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (Native Instruments GmbH -> Native Instruments GmbH)
Startup: C:\Users\Cybot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-06-01]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Cybot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RtkNGUI64.exe - Verknüpfung.lnk [2021-07-02]
ShortcutTarget: RtkNGUI64.exe - Verknüpfung.lnk -> C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {16AEF536-C229-4F70-97CA-719B3FF22A5C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E5ED51D-707C-4752-934B-FB390AE20CEF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {21225F15-6965-4943-B46B-CAF3745A80D4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {21976632-41F4-4EC1-8569-DEE9420AFD4A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {22BE28CB-675F-4753-BD44-D0050931135E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F588765-D0AB-4B3D-9A0E-5379E1A62BBF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B14F34C-3E7A-4999-B289-9E8F18EDE64F} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {50794732-B8DB-44A5-9181-0056F9E4CF04} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50BE518E-81A2-45FA-9077-795E1C532F1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-20] (Google LLC -> Google LLC)
Task: {649C098A-9624-4B81-A5B7-22A936376A13} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7AAA11DA-2FE9-44F6-892E-4C8CBA693E19} - System32\Tasks\CorelUpdateHelperTask-43438B5BEAE9E2596F0A6173C06AA38D => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe
Task: {9D98D68F-BE97-4D21-AA11-33FF4409193B} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {A106B641-8C39-4413-B517-07914927C4D5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A737FE48-2B68-4B22-B72B-209BC8142974} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9480904-5852-4B2D-94A5-1DB4EE765329} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4535672 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A984C5BE-8A18-405B-89FC-D0E8B97ABADA} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {AEDA07B2-C160-4780-A575-F86ABB4F6ABC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9417B8F-8D26-4AE1-90CF-B15BA0ACED41} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-20] (Google LLC -> Google LLC)
Task: {C1839A9F-C826-44BE-A746-4BA7D889E554} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C5B1EB1E-7C58-40BF-B48B-891409CA38D2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D555B319-FB03-4BFD-8B59-EA2360059994} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4D07519-34EB-4DB3-917F-751DDFC1B642} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E6F7F131-1371-4444-BD54-CB5AE5BCA0FA} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [146424 2021-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {EA184087-3410-49D6-8A12-2F253C3B088E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F73266F1-33C5-416A-8AE3-47723FC6302B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FEEC9B92-7F33-40AB-B255-1BF3C3A571DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9921c1ee-7923-4199-9112-8c82f4876364}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{b8bb32e6-2824-4a4c-aebe-e46e7c5cc2d2}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Cybot\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-11]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [Datei ist nicht signiert]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default [2021-07-11]
CHR DownloadDir: C:\Users\Cybot\Downloads
CHR HomePage: Default -> hxxp://youandme.telekom.de/
CHR StartupUrls: Default -> "hxxp://youandme.telekom.de/"
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Google Übersetzer) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-05-20]
CHR Extension: (Präsentationen) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-20]
CHR Extension: (Docs) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-20]
CHR Extension: (Google Drive) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-20]
CHR Extension: (YouTube) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-20]
CHR Extension: (uBlock Origin) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-07-09]
CHR Extension: (Tabellen) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-20]
CHR Extension: (Google Docs Offline) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-26]
CHR Extension: (DarkCloud) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjicdmidmifkppilbbcanmnljpffmfmh [2021-05-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-20]
CHR Extension: (Google Mail) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-20]
CHR Extension: (Chrome Media Router) - C:\Users\Cybot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-27]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [127864 2017-07-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056656 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [810928 2021-05-29] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.119.0613.0001\FileSyncHelper.exe [3091832 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [18849168 2021-06-21] (Native Instruments GmbH -> Native Instruments GmbH)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.119.0613.0001\OneDriveUpdaterService.exe [3695480 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13921616 2021-07-09] (Adlice -> )
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_e1c005a6713cc50a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_e1c005a6713cc50a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [107008 2016-08-31] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 bomebus; C:\Windows\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
S3 bsitf; C:\Windows\system32\DRIVERS\bsitf.sys [37208 2021-06-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 GeneStor; C:\Windows\system32\DRIVERS\GeneStor.sys [115704 2015-07-15] (GENESYS LOGIC, INC. -> GenesysLogic)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 nimc3audio; C:\Windows\System32\Drivers\nimc3audio.sys [374296 2017-08-16] (Native Instruments GmbH -> Native Instruments GmbH)
S3 nimc3usb; C:\Windows\System32\drivers\nimc3usb.sys [91088 2017-08-16] (Native Instruments GmbH -> Native Instruments GmbH)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49560 2021-07-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [425192 2021-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-07-11 20:01 - 2021-07-11 20:01 - 000004122 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{35A16696-CE91-41DD-B6E1-09399B34844E}
2021-07-11 17:10 - 2021-07-11 17:10 - 000011351 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-07-11 16:43 - 2021-07-11 16:43 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-07-11 15:51 - 2021-07-11 16:01 - 000000000 ____D C:\ProgramData\RogueKiller
2021-07-11 15:51 - 2021-07-11 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-07-11 15:51 - 2021-07-11 15:51 - 000000000 ____D C:\Program Files\RogueKiller
2021-07-10 00:08 - 2021-07-10 00:08 - 000000000 ____D C:\Users\Cybot\AppData\Local\ESET
2021-07-09 22:54 - 2015-07-15 12:54 - 005632512 _____ (Genesys) C:\Windows\system32\GeneIcon.dll
2021-07-09 22:54 - 2015-07-15 12:54 - 000053832 _____ () C:\Windows\SysWOW64\UMonit64.exe
2021-07-09 22:02 - 2021-07-09 23:08 - 000000000 ____D C:\Users\Cybot\OneDrive\Dokumente\SigmaKey
2021-07-09 20:09 - 2021-07-11 21:03 - 150732800 _____ C:\Windows\system32\config\SOFTWARE
2021-07-09 20:05 - 2021-07-09 20:09 - 000000000 ____D C:\Windows\Microsoft Antimalware
2021-07-09 18:16 - 2021-07-09 18:16 - 000000000 ____D C:\Users\Cybot\OneDrive\Dokumente\HiSuite
2021-07-09 07:32 - 2021-07-09 07:34 - 4200647964 _____ C:\Users\Cybot\Downloads\Huawei MediaPad M5 SHT-AL09 hw ru Schubert-AL09A 9.1.0.325(C10E5R1P5T8) Firmware 9.0.0 r3 EMUI9.0.0 05014YQA.zip
2021-07-09 07:00 - 2021-07-09 07:00 - 000000000 ____D C:\Users\Cybot\.gradle
2021-07-09 06:54 - 2021-07-09 06:54 - 000000000 ____D C:\Users\Cybot\AppData\Local\Android
2021-07-09 06:32 - 2021-07-09 06:34 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\Code
2021-07-09 06:32 - 2021-07-09 06:32 - 000000000 ____D C:\Users\Cybot\.vscode
2021-07-09 05:51 - 2021-07-09 05:51 - 438245444 _____ C:\Users\Cybot\Downloads\OS_Acer_AV051.B1-710.1.098.00.WW.GEN1_A41J_A.zip
2021-07-08 21:54 - 2021-07-08 21:55 - 3383171552 _____ C:\Users\Cybot\Downloads\CMR-AL19 8.0.0.151(C432)_ministryofsolutions.com.zip
2021-07-08 21:21 - 2021-07-08 21:21 - 000000000 ____D C:\Windows\SysWOW64\sda
2021-07-08 20:34 - 2021-07-08 20:34 - 000013183 _____ C:\Users\nikew\Downloads\NicoHolz_elster_08.07.2021_20.33.pfx
2021-07-08 20:23 - 2021-07-09 19:34 - 000000000 ____D C:\Users\nikew\AppData\Roaming\vlc
2021-07-08 20:22 - 2021-07-08 20:22 - 000000000 ____D C:\Users\nikew\AppData\Roaming\Intel
2021-07-07 22:54 - 2021-07-07 22:54 - 000000000 ____D C:\Users\Cybot\OneDrive\Dokumente\Elder Scrolls Online
2021-07-07 22:54 - 2021-07-07 22:54 - 000000000 ____D C:\ProgramData\Elder Scrolls Online
2021-07-07 22:35 - 2021-07-07 22:36 - 000000000 ___HD C:\Program Files (x86)\Zero G Registry
2021-07-07 22:34 - 2021-07-07 22:34 - 000000000 ____D C:\Users\Cybot\.InstallAnywhere
2021-07-07 22:34 - 2021-07-07 22:34 - 000000000 ____D C:\ProgramData\Oracle
2021-07-05 16:54 - 2021-07-05 16:54 - 000782959 _____ C:\Users\Cybot\Downloads\selftix.pdf
2021-07-02 20:16 - 2021-07-02 20:16 - 000000000 ____D C:\Users\Cybot\AppData\Local\WhyNotWin11
2021-07-02 17:49 - 2021-07-02 17:49 - 000000000 __HDC C:\ProgramData\{DFA03E80-206A-47CA-85A8-C8A8AA63A778}
2021-07-02 17:48 - 2021-07-02 17:48 - 000000000 __HDC C:\ProgramData\{E07620DE-8970-4567-9242-0C4C6ADE146F}
2021-07-02 17:48 - 2021-07-02 17:48 - 000000000 __HDC C:\ProgramData\{6945C421-BC7D-4621-AED5-084E11AE3726}
2021-07-02 17:48 - 2021-07-02 17:48 - 000000000 ____D C:\Program Files\Common Files\Steinberg
2021-07-02 17:47 - 2021-07-02 17:47 - 000000000 __HDC C:\ProgramData\{4938857D-54DB-4BDA-8E99-5E6238E20FC7}
2021-07-02 17:46 - 2021-07-02 17:46 - 000000000 __HDC C:\ProgramData\{1A8DFBC8-5979-44D5-AA1E-3C9289A90407}
2021-07-01 21:16 - 2021-07-11 17:18 - 000001575 _____ C:\Windows\system32\config\VSMIDK
2021-07-01 20:23 - 2021-07-01 20:23 - 000003656 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-07-01 20:22 - 2021-07-01 20:22 - 000000189 _____ C:\Users\Cybot\iconcache.bat
2021-07-01 19:22 - 2021-07-01 19:22 - 000000000 ____D C:\Users\Cybot\OneDrive\Dokumente\SideSync
2021-07-01 19:22 - 2021-07-01 19:22 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\Samsung
2021-07-01 19:20 - 2021-07-01 19:20 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk
2021-07-01 19:20 - 2021-07-01 19:20 - 000001163 _____ C:\Users\Public\Desktop\Samsung DeX.lnk
2021-07-01 19:20 - 2021-07-01 19:20 - 000000000 ____D C:\Program Files\Samsung
2021-07-01 19:20 - 2021-07-01 19:20 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-07-01 19:20 - 2020-12-09 10:06 - 000168968 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2021-07-01 19:20 - 2020-12-09 10:06 - 000161288 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2021-07-01 19:20 - 2020-12-09 10:06 - 000045064 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ss_conn_usb_driver2.sys
2021-07-01 19:05 - 2021-07-01 19:20 - 000000000 ____D C:\ProgramData\Samsung
2021-07-01 19:05 - 2021-07-01 19:05 - 000000000 ____D C:\Windows\system32\Samsung
2021-07-01 18:36 - 2021-07-01 18:36 - 000000000 __HDC C:\ProgramData\{EAD96DF2-4553-4D47-A0E7-87DC4641E5C8}
2021-07-01 18:36 - 2021-07-01 18:36 - 000000000 __HDC C:\ProgramData\{D55C37DA-371C-462E-A490-FC7B49AD6DCD}
2021-07-01 18:35 - 2021-07-01 18:35 - 000000000 __HDC C:\ProgramData\{9AC37FA8-2DC7-42DA-BC53-92E47D40C9E4}
2021-07-01 18:33 - 2021-07-01 18:33 - 000000000 __HDC C:\ProgramData\{515580D0-E05A-4796-B6FE-8EC092FD8630}
2021-07-01 18:31 - 2021-07-01 18:31 - 000000000 __HDC C:\ProgramData\{270C8424-1755-40B9-B7B4-E3E9E48C33D1}
2021-07-01 18:21 - 2021-07-01 18:21 - 000000000 __HDC C:\ProgramData\{BF222329-BBFD-430B-9402-6FC51D7DC5DD}
2021-07-01 18:20 - 2021-07-01 18:20 - 000000000 __HDC C:\ProgramData\{24A58BFA-EF91-4F9C-8251-FDF65479CEDF}
2021-07-01 18:19 - 2021-07-01 18:19 - 000000000 __HDC C:\ProgramData\{962E5B55-7B86-4D4C-9DD6-EE05AF99C815}
2021-06-29 11:52 - 2021-06-29 11:52 - 000617011 _____ C:\Users\Cybot\Downloads\RWE_IUB_Ballerine.pdf
2021-06-28 22:57 - 2021-06-28 22:57 - 000037208 _____ (ASUSTek Computer Inc.) C:\Windows\system32\Drivers\bsitf.sys
2021-06-28 22:51 - 2021-07-02 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-06-28 22:48 - 2021-07-09 19:34 - 000000000 ___HD C:\Windows\system32\WLANProfiles
2021-06-28 22:48 - 2021-06-28 22:48 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\Intel
2021-06-28 22:48 - 2021-06-28 22:48 - 000000000 ____D C:\Program Files\Common Files\Intel
2021-06-28 22:48 - 2021-06-28 22:48 - 000000000 ____D C:\Program Files (x86)\Cisco
2021-06-28 22:45 - 2021-06-28 22:45 - 000000000 ____D C:\Program Files (x86)\Genesyslogic
2021-06-28 22:45 - 2015-07-16 09:49 - 000000771 _____ C:\Windows\SysWOW64\ProductName.ini
2021-06-28 22:45 - 2015-07-15 12:54 - 000128016 _____ (Genesys Logic) C:\Windows\system32\GSCoinst.dll
2021-06-28 22:45 - 2015-07-15 12:54 - 000115704 _____ (GenesysLogic) C:\Windows\system32\Drivers\GeneStor.sys
2021-06-28 22:45 - 2014-04-14 13:43 - 000172097 _____ C:\Windows\SysWOW64\NoMSGuninstall.exe
2021-06-28 22:44 - 2021-06-28 22:44 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-06-28 22:40 - 2021-06-28 22:40 - 000000000 ____D C:\Windows\Log
2021-06-28 22:31 - 2021-06-28 22:31 - 000000451 _____ C:\Users\Cybot\Downloads\processor_performance_boost_mode.zip
2021-06-28 22:24 - 2021-06-28 22:26 - 4200321057 _____ C:\Users\Cybot\Downloads\GL502VS_WIN10_64_V2.00.zip
2021-06-28 22:20 - 2021-06-28 22:34 - 000000000 ____D C:\eSupport
2021-06-28 21:03 - 2021-06-28 21:37 - 000001349 _____ C:\Users\Cybot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-06-28 21:03 - 2021-06-28 21:37 - 000000000 ____D C:\Users\Cybot\AppData\Local\PCHealthCheck
2021-06-26 21:13 - 2021-06-26 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-06-26 21:13 - 2021-06-26 21:13 - 000000000 ____D C:\Program Files\CPUID
2021-06-26 00:15 - 2015-11-09 16:10 - 001392792 _____ (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
2021-06-25 23:37 - 2021-06-25
23:37 - 002371072 _____ C:\Windows\system32\rdpnano.dll 2021-06-25 23:37 - 2021-06-25 23:37 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2021-06-25 23:37 - 2021-06-25 23:37 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-06-25 23:37 - 2021-06-25 23:37 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-06-25 23:37 - 2021-06-25 23:37 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2021-06-25 23:37 - 2021-06-25 23:37 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2021-06-25 23:37 - 2021-06-25 23:37 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2021-06-25 23:37 - 2021-06-25 23:37 - 000097792 _____ C:\Windows\system32\Drivers\cimfs.sys 2021-06-25 23:37 - 2021-06-25 23:37 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2021-06-25 23:37 - 2021-06-25 23:37 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2021-06-25 23:37 - 2021-06-25 23:37 - 000060928 _____ C:\Windows\system32\runexehelper.exe 2021-06-25 20:53 - 2021-06-25 20:53 - 000922031 _____ C:\Users\Cybot\Downloads\MAG321CURV_322CQRVv1.0_German.pdf 2021-06-25 19:16 - 2021-06-25 19:16 - 000000039 _____ C:\Users\Cybot\AppData\Local\kritadisplayrc 2021-06-25 19:14 - 2021-06-25 19:09 - 000848270 _____ C:\Users\Cybot\OneDrive\Dokumente\gutschein.jpg~ 2021-06-25 18:52 - 2021-06-25 18:52 - 000000353 _____ C:\Users\Cybot\AppData\Local\karboncalligraphyrc 2021-06-25 18:37 - 2021-06-25 19:16 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\easy_photoprint_editor 2021-06-25 18:27 - 2021-06-25 18:33 - 000000000 ___HD C:\ProgramData\CanonIJMIG 2021-06-25 18:25 - 2021-06-25 18:25 - 000000000 ___HD C:\ProgramData\CanonIJQuickMenu 2021-06-25 18:19 - 2021-06-25 18:19 - 000000000 ____D C:\Users\Cybot\AppData\LocalLow\Canon Easy-WebPrint EX2 2021-06-25 18:19 - 2021-06-25 18:19 - 000000000 ____D 
C:\Users\Cybot\AppData\LocalLow\Canon Easy-WebPrint EX 2021-06-25 18:19 - 2021-06-25 18:19 - 000000000 ____D C:\ProgramData\CanonIJWSpt 2021-06-25 18:18 - 2021-06-25 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon TS6100 series On-Screen-Handbuch 2021-06-25 18:13 - 2021-06-25 18:37 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\Canon 2021-06-25 18:13 - 2021-06-25 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2021-06-25 18:13 - 2021-06-25 18:19 - 000000000 ____D C:\Program Files\Canon 2021-06-25 18:13 - 2017-02-27 09:14 - 000347136 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_DPL.dll 2021-06-25 18:13 - 2016-11-17 16:55 - 000097280 _____ C:\Windows\SysWOW64\CNC1822D.TBL 2021-06-25 18:13 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll 2021-06-25 18:12 - 2021-06-25 18:12 - 000000000 ___HD C:\ProgramData\CanonBJ 2021-06-25 18:12 - 2017-12-18 05:00 - 001302016 _____ (CANON INC.) C:\Windows\system32\CNMLMDP.DLL 2021-06-25 18:11 - 2021-06-25 18:12 - 000000000 ___HD C:\Program Files\CanonBJ 2021-06-25 18:10 - 2021-07-05 16:56 - 000000000 ____D C:\ProgramData\CanonIJPLM 2021-06-25 18:10 - 2021-06-25 18:34 - 000000000 ____D C:\Program Files (x86)\Canon 2021-06-25 18:10 - 2021-06-25 18:10 - 000000000 ____D C:\ProgramData\Canon 2021-06-24 07:45 - 2021-06-22 03:25 - 001858680 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2021-06-24 07:45 - 2021-06-22 03:25 - 001858680 _____ C:\Windows\system32\vulkaninfo.exe 2021-06-24 07:45 - 2021-06-22 03:25 - 001474336 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2021-06-24 07:45 - 2021-06-22 03:25 - 001438824 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-06-24 07:45 - 2021-06-22 03:25 - 001438824 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2021-06-24 07:45 - 2021-06-22 03:25 - 001212192 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2021-06-24 07:45 - 2021-06-22 03:25 - 001097832 _____ 
C:\Windows\system32\vulkan-1-999-0-0-0.dll 2021-06-24 07:45 - 2021-06-22 03:25 - 001097832 _____ C:\Windows\system32\vulkan-1.dll 2021-06-24 07:45 - 2021-06-22 03:25 - 000951912 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2021-06-24 07:45 - 2021-06-22 03:25 - 000951912 _____ C:\Windows\SysWOW64\vulkan-1.dll 2021-06-24 07:45 - 2021-06-22 03:21 - 001519384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2021-06-24 07:45 - 2021-06-22 03:21 - 001170224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2021-06-24 07:45 - 2021-06-22 03:21 - 000715568 _____ C:\Windows\system32\nvofapi64.dll 2021-06-24 07:45 - 2021-06-22 03:21 - 000675088 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2021-06-24 07:45 - 2021-06-22 03:21 - 000641328 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2021-06-24 07:45 - 2021-06-22 03:21 - 000575792 _____ C:\Windows\SysWOW64\nvofapi.dll 2021-06-24 07:45 - 2021-06-22 03:21 - 000563992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2021-06-24 07:45 - 2021-06-22 03:20 - 002111264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2021-06-24 07:45 - 2021-06-22 03:20 - 001594656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2021-06-24 07:45 - 2021-06-22 03:20 - 000917280 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2021-06-24 07:45 - 2021-06-22 03:20 - 000748832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2021-06-24 07:45 - 2021-06-22 03:20 - 000704792 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2021-06-24 07:45 - 2021-06-22 03:19 - 008852760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2021-06-24 07:45 - 2021-06-22 03:19 - 007918872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2021-06-24 07:45 - 2021-06-22 03:19 - 004986648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2021-06-24 07:45 - 2021-06-22 03:19 - 002924304 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 
2021-06-24 07:45 - 2021-06-22 03:19 - 000446744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2021-06-24 07:45 - 2021-06-22 03:18 - 000848672 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2021-06-24 07:45 - 2021-06-22 03:17 - 006215312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2021-06-24 07:45 - 2021-06-21 10:43 - 000082968 _____ C:\Windows\system32\nvinfo.pb 2021-06-23 20:13 - 2021-06-23 20:13 - 000000000 ____D C:\Program Files (x86)\FFmpeg for Audacity 2021-06-21 14:07 - 2021-06-21 14:07 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2021-06-18 22:56 - 2021-06-18 22:56 - 000000000 ____D C:\Users\Cybot\AppData\Local\DBG 2021-06-18 22:56 - 2021-06-18 22:56 - 000000000 ____D C:\Users\Cybot\AppData\Local\CrashReportClient 2021-06-18 17:20 - 2021-07-01 21:53 - 000000045 _____ C:\Windows\SysWOW64\initdebug.nfo 2021-06-18 17:20 - 2021-07-01 21:53 - 000000000 ____D C:\Program Files (x86)\SpeedFan 2021-06-18 17:20 - 2021-06-18 17:20 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2021-06-18 07:34 - 2021-06-18 07:34 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime 2021-06-18 07:34 - 2021-06-18 07:34 - 000000000 ____D C:\Users\Cybot\AppData\Local\AAR 2021-06-18 05:48 - 2021-07-10 00:20 - 000007664 _____ C:\Users\Cybot\AppData\Local\resmon.resmoncfg 2021-06-18 05:21 - 2021-06-23 20:14 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\audacity 2021-06-18 05:21 - 2021-06-18 05:21 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2021-06-18 05:21 - 2021-06-18 05:21 - 000001080 _____ C:\Users\Public\Desktop\Audacity.lnk 2021-06-18 05:21 - 2021-06-18 05:21 - 000000000 ____D C:\Users\Cybot\AppData\Local\Audacity 2021-06-18 05:21 - 2021-06-18 05:21 - 000000000 ____D C:\Program Files (x86)\Audacity 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\VC 76 2021-06-18 04:50 - 
2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\VC 2A 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\VC 160 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\Vari Comp 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\Transient Master 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\Supercharger GT 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\Supercharger 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\Solid EQ 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\Solid Dynamics 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\Solid Bus Comp 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\RC 48 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\RC 24 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\Passive EQ 2021-06-18 04:50 - 2021-06-18 04:50 - 000000000 ____D C:\Users\Cybot\AppData\Local\Enhanced EQ 2021-06-18 04:49 - 2021-06-18 04:49 - 000000000 ____D C:\Users\Cybot\AppData\Local\Driver 2021-06-18 04:46 - 2021-06-18 04:46 - 000000000 __HDC C:\ProgramData\{1214B4CE-8C85-4681-AE47-ED00025B8101} 2021-06-18 04:45 - 2021-06-18 04:45 - 000000000 __HDC C:\ProgramData\{EC728313-79BE-49FA-A207-1F4A9F6EEA35} 2021-06-18 04:45 - 2021-06-18 04:45 - 000000000 __HDC C:\ProgramData\{25C0288B-72FD-4676-BA88-E536580BA182} 2021-06-18 04:45 - 2021-06-18 04:45 - 000000000 __HDC C:\ProgramData\{171A9DCD-B60F-41FE-B062-B9A0CB7A294E} 2021-06-18 04:44 - 2021-06-18 04:44 - 000000000 __HDC C:\ProgramData\{E2A6D848-909C-4699-9060-DB387A1A1C8E} 2021-06-18 04:44 - 2021-06-18 04:44 - 000000000 __HDC C:\ProgramData\{5984682A-6801-493C-AE8E-BA179880D6C4} 2021-06-18 04:44 - 2021-06-18 04:44 - 000000000 __HDC 
C:\ProgramData\{529CCDB2-B7A5-45FD-8225-FD139995DB68} 2021-06-18 04:43 - 2021-06-18 04:43 - 000000000 __HDC C:\ProgramData\{F6163904-56FE-4C32-883E-511A630BB208} 2021-06-18 04:43 - 2021-06-18 04:43 - 000000000 __HDC C:\ProgramData\{E9325788-FB8D-4922-9021-1D3AB002E203} 2021-06-18 04:43 - 2021-06-18 04:43 - 000000000 __HDC C:\ProgramData\{A5D15E37-A244-4BED-9E32-7E918C60A4FE} 2021-06-18 04:43 - 2021-06-18 04:43 - 000000000 __HDC C:\ProgramData\{4F5A8AF7-548F-455D-8324-4BF6E080EFE3} 2021-06-18 04:42 - 2021-06-18 04:42 - 000000000 __HDC C:\ProgramData\{C6F564B8-5993-42AE-A667-9768D54DB90C} 2021-06-18 04:42 - 2021-06-18 04:42 - 000000000 __HDC C:\ProgramData\{735EE903-03A1-451A-8FFF-9A380D359262} 2021-06-18 04:42 - 2021-06-18 04:42 - 000000000 __HDC C:\ProgramData\{5F02322B-7C5D-42DD-ADA4-6714023586FD} 2021-06-18 04:41 - 2021-06-18 04:41 - 000000000 __HDC C:\ProgramData\{415AFD15-76E3-4CE7-A07C-FBD191A08472} 2021-06-18 03:42 - 2021-06-18 03:42 - 000000000 ____D C:\Users\Cybot\OneDrive\Dokumente\Benutzerdefinierte Office-Vorlagen 2021-06-18 00:57 - 2021-06-18 00:57 - 000000000 ____D C:\Users\Cybot\OneDrive\Dokumente\Scans 2021-06-18 00:57 - 2021-04-22 11:29 - 003549478 _____ C:\Users\Cybot\OneDrive\Dokumente\Frauenarzt Dokumente.pdf 2021-06-18 00:57 - 2021-04-22 11:25 - 000695905 _____ C:\Users\Cybot\OneDrive\Dokumente\Frauenärztin Dokumente.pdf 2021-06-17 17:28 - 2021-06-28 21:07 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2021-06-15 10:48 - 2021-06-15 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra 2021-06-11 16:22 - 2021-06-09 05:58 - 000136472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2021-06-11 16:22 - 2021-06-09 05:58 - 000037664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll 2021-06-11 07:55 - 2021-06-11 07:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist 
aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-07-11 21:11 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2021-07-11 21:10 - 2021-06-10 21:17 - 000000000 ____D C:\FRST 2021-07-11 21:04 - 2021-06-04 21:06 - 000000000 ____D C:\ProgramData\NVIDIA 2021-07-11 21:04 - 2021-05-20 18:56 - 000000000 ____D C:\Program Files (x86)\Steam 2021-07-11 21:04 - 2021-05-20 17:39 - 000000000 ___RD C:\Users\Cybot\OneDrive 2021-07-11 21:03 - 2021-06-02 16:36 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\WTablet 2021-07-11 21:03 - 2021-05-20 17:28 - 000008192 ___SH C:\DumpStack.log.tmp 2021-07-11 21:03 - 2021-05-20 17:28 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-07-11 21:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2021-07-11 21:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-07-11 21:03 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI 2021-07-11 20:13 - 2021-05-20 17:35 - 001632020 _____ C:\Windows\system32\PerfStringBackup.INI 2021-07-11 20:13 - 2019-12-07 16:50 - 000708572 _____ C:\Windows\system32\perfh007.dat 2021-07-11 20:13 - 2019-12-07 16:50 - 000142814 _____ C:\Windows\system32\perfc007.dat 2021-07-11 20:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2021-07-11 20:02 - 2021-05-20 17:38 - 000000000 ____D C:\Users\Cybot\AppData\Local\D3DSCache 2021-07-11 20:01 - 2021-06-02 16:55 - 000000000 ____D C:\ProgramData\Corel 2021-07-11 19:46 - 2021-05-30 09:27 - 000000000 ____D C:\Users\Cybot\AppData\Local\CrashDumps 2021-07-11 19:45 - 2021-05-20 17:28 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-07-11 18:10 - 2021-06-02 18:48 - 000003336 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTask-43438B5BEAE9E2596F0A6173C06AA38D 2021-07-11 17:17 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2021-07-11 16:48 - 2021-05-22 11:13 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2021-07-11 16:48 - 2021-05-22 11:13 - 000000865 
_____ C:\Users\Public\Desktop\Notepad++.lnk 2021-07-11 16:48 - 2021-05-22 11:13 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\Notepad++ 2021-07-11 16:48 - 2021-05-22 11:13 - 000000000 ____D C:\Program Files\Notepad++ 2021-07-11 16:43 - 2021-05-20 18:13 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-07-11 15:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2021-07-09 23:35 - 2021-05-20 17:28 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-07-09 23:25 - 2021-05-20 17:40 - 000000000 ____D C:\Users\Cybot\AppData\Local\PlaceholderTileLogoFolder 2021-07-09 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF 2021-07-09 19:47 - 2021-06-01 19:09 - 000000000 ____D C:\Users\Cybot\OneDrive\Dokumente\Outlook-Dateien 2021-07-09 19:41 - 2021-05-20 17:28 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-07-09 19:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-07-09 19:36 - 2021-05-20 17:36 - 000000000 ____D C:\Users\Cybot 2021-07-09 19:35 - 2021-05-23 12:59 - 000000000 ____D C:\Users\nikew 2021-07-09 19:35 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Portable Devices 2021-07-09 19:35 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-07-09 19:35 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2021-07-09 19:35 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2021-07-09 19:35 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-07-09 19:35 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2021-07-09 19:35 - 2019-12-07 16:51 - 000000000 ____D C:\Windows\system32\OpenSSH 2021-07-09 19:35 - 2019-12-07 16:50 - 000000000 ____D C:\Windows\SysWOW64\de 2021-07-09 19:35 - 2019-12-07 16:50 - 000000000 ____D C:\Windows\system32\de 2021-07-09 19:35 - 
2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\F12 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\dsc 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\InstallShield 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\downlevel 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Com 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Sysprep 2021-07-09 19:35 - 
2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Keywords 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\downlevel 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Com 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\IME 2021-07-09 19:35 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-07-09 19:35 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2021-07-09 19:34 - 2021-06-02 16:56 - 000000000 ____D C:\ProgramData\Protexis64 2021-07-09 19:34 - 2021-05-20 18:19 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\vlc 2021-07-09 19:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Containers 2021-07-09 19:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\registration 2021-07-09 19:23 - 2021-06-07 04:17 - 000000000 ____D C:\Users\nikew\AppData\Local\NVIDIA 2021-07-09 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Resources 2021-07-09 19:18 - 2021-05-21 13:52 - 000000000 ____D C:\Users\Cybot\AppData\LocalLow\Mozilla 2021-07-09 18:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports 2021-07-09 06:59 - 2021-06-03 22:14 - 000000000 ____D C:\Users\Cybot\IdeaProjects 2021-07-08 21:14 - 2021-05-23 
13:00 - 000000000 ____D C:\Users\nikew\AppData\Local\D3DSCache 2021-07-08 21:13 - 2021-06-07 04:17 - 000000000 ____D C:\Users\nikew\AppData\Roaming\WTablet 2021-07-08 20:41 - 2021-05-23 15:00 - 000000000 ____D C:\Users\nikew\AppData\Local\PlaceholderTileLogoFolder 2021-07-08 20:41 - 2021-05-23 13:00 - 000000000 ____D C:\Users\nikew\AppData\Local\Packages 2021-07-08 20:39 - 2021-05-23 13:17 - 000000000 ____D C:\Users\nikew\AppData\Local\Comms 2021-07-08 20:23 - 2021-05-23 13:02 - 000000000 ___RD C:\Users\nikew\OneDrive 2021-07-08 20:23 - 2021-05-23 13:02 - 000000000 ____D C:\Users\nikew\AppData\Local\CrashDumps 2021-07-07 10:58 - 2021-06-01 09:05 - 000000000 ____D C:\Program Files\Microsoft Office 2021-07-02 17:49 - 2021-05-21 15:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2021-07-02 17:49 - 2021-05-21 15:42 - 000000000 ____D C:\Program Files\Native Instruments 2021-07-02 17:49 - 2021-05-20 20:13 - 000000000 ____D C:\Program Files\Common Files\Native Instruments 2021-07-02 00:04 - 2021-06-04 21:20 - 000000000 ____D C:\Program Files (x86)\ASUS 2021-07-01 22:40 - 2021-05-20 17:28 - 000003700 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-07-01 22:40 - 2021-05-20 17:28 - 000003576 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-07-01 22:14 - 2021-05-20 17:38 - 000000000 ____D C:\Users\Cybot\AppData\Local\Packages 2021-07-01 19:22 - 2021-05-20 17:38 - 000000000 ____D C:\Users\Cybot\AppData\Local\Publishers 2021-07-01 19:19 - 2021-05-20 20:13 - 000000000 ____D C:\ProgramData\Package Cache 2021-06-28 22:48 - 2021-06-04 21:29 - 000000000 ____D C:\Program Files\Intel 2021-06-28 22:48 - 2021-06-04 21:27 - 000000000 ____D C:\ProgramData\Intel 2021-06-28 22:48 - 2021-05-20 17:59 - 000000000 ____D C:\Program Files (x86)\Intel 2021-06-28 22:45 - 2021-05-21 15:34 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2021-06-28 21:01 - 2021-06-01 09:08 - 
000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2021-06-28 21:01 - 2021-06-01 09:08 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-06-25 23:41 - 2021-05-20 17:28 - 000439216 _____ C:\Windows\system32\FNTCACHE.DAT 2021-06-25 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2021-06-25 22:51 - 2021-05-22 12:01 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\Jabra Direct 2021-06-25 19:40 - 2021-05-20 18:18 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2021-06-25 19:16 - 2021-05-29 12:55 - 000023339 _____ C:\Users\Cybot\AppData\Local\kritarc 2021-06-25 19:04 - 2021-05-29 12:55 - 000000000 ____D C:\Users\Cybot\AppData\Roaming\krita 2021-06-25 18:13 - 2019-12-07 11:14 - 000000000 __RSD C:\Windows\Media 2021-06-25 17:46 - 2021-06-04 21:09 - 000000000 ____D C:\Users\Cybot\AppData\Local\NVIDIA 2021-06-24 07:46 - 2021-06-04 21:09 - 000000000 ____D C:\Users\Cybot\AppData\Local\NVIDIA Corporation 2021-06-24 07:44 - 2021-06-04 21:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-06-24 07:44 - 2021-05-21 08:40 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-06-24 07:44 - 2021-05-21 08:40 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-06-24 07:44 - 2021-05-21 08:40 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-06-24 07:44 - 2021-05-21 08:40 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-06-24 07:44 - 2021-05-21 08:40 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-06-24 07:44 - 2021-05-21 08:40 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-06-24 07:44 - 2021-05-21 08:40 - 
000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-06-24 07:44 - 2021-05-21 08:40 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-06-24 07:44 - 2021-05-21 08:40 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-06-24 07:44 - 2021-05-21 08:40 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-06-24 07:44 - 2021-05-20 17:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2021-06-24 07:44 - 2021-05-20 17:34 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-06-23 17:32 - 2021-05-22 11:07 - 000000000 ____D C:\Users\Cybot\AppData\Local\ElevatedDiagnostics 2021-06-22 03:17 - 2021-06-04 21:04 - 007279232 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2021-06-18 06:33 - 2021-05-22 15:21 - 000000000 ____D C:\Users\Cybot\AppData\Local\REDEngine 2021-06-18 05:15 - 2021-05-21 16:09 - 000000000 __HDC C:\ProgramData\{76B82259-F6E4-4B8E-A06B-9D5D5FEA4FE8} 2021-06-18 04:49 - 2021-05-22 10:54 - 000000000 ____D C:\ProgramData\boost_interprocess 2021-06-18 04:46 - 2021-05-20 20:13 - 000000000 ____D C:\Program Files\Common Files\VST3 2021-06-15 10:48 - 2021-05-22 11:59 - 000000000 ____D C:\Program Files (x86)\Jabra ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2021-07-01 20:22 - 2021-07-01 20:22 - 000000189 _____ () C:\Users\Cybot\iconcache.bat 2021-06-25 18:52 - 2021-06-25 18:52 - 000000353 _____ () C:\Users\Cybot\AppData\Local\karboncalligraphyrc 2021-05-29 12:55 - 2021-06-25 18:42 - 000002696 _____ () C:\Users\Cybot\AppData\Local\krita-sysinfo.log 2021-05-29 12:55 - 2021-06-25 19:16 - 000007764 _____ () C:\Users\Cybot\AppData\Local\krita.log 2021-06-25 19:16 - 2021-06-25 19:16 - 000000039 _____ () C:\Users\Cybot\AppData\Local\kritadisplayrc 2021-05-29 12:55 - 2021-06-25 19:16 - 
000023339 _____ () C:\Users\Cybot\AppData\Local\kritarc 2021-05-22 11:34 - 2021-05-22 11:34 - 000000818 _____ () C:\Users\Cybot\AppData\Local\recently-used.xbel 2021-06-18 05:48 - 2021-07-10 00:20 - 000007664 _____ () C:\Users\Cybot\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Geändert von Silverdragon_w (11.07.2021 um 21:06 Uhr) |