Mülltonne: Windows 10: bei allen Webseiten wird unbekannter Javascript ausgeführt.Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
26.06.2022, 21:15 | #1 |
| Windows 10: bei allen Webseiten wird unbekannter Javascript ausgeführt. Hallo, bei mir wird in Firefox und Edge (ganz selten benutzt) auf allen Seiten ein seltsames JavaScript ausgeführt. Ich habe schon Avast, CCleaner und Malwarebytes durchlaufen lassen. Es wurde zwar etwas gefunden (Bericht anbei) und einiges wurde gelöscht, aber das Script wird immer noch ausgeführt. Hier das JavaScript: Code:
ATTFilter <script type='text/javascript'>
// Inline script as captured by the poster, reformatted for reading only.
// What the code visibly does: it overrides two properties on window.navigator
// for the page it runs in -- `userAgent` (a fixed token is appended) and
// `plugins` (replaced by a fabricated, randomly ordered list). The snippet
// contains no network request, no DOM write, no storage access and no event
// listener; its effect is limited to what page scripts read from those two
// properties.
// NOTE(review): altering the UA string and randomising the plugin list is
// consistent with an anti-fingerprinting feature rather than with data theft --
// confirm. The post says the script shows up on every site in both Firefox and
// Edge, which points at something outside a single browser (a locally installed
// product that rewrites web traffic) -- verify. The FRST process list on this
// page shows Avast AntiTrack Premium (AntiTrackSvc.exe) running; that is a
// candidate to check first, not a confirmed source.
(function() {
  'use strict';

  // In-place Fisher-Yates shuffle driven by Math.random(); returns the same
  // array object it was given.
  function shuffle(arr) {
    var ci = arr.length,tv,ri;
    while (0 !== ci) {
      ri = Math.floor(Math.random() * ci);
      ci -= 1;
      tv = arr[ci];
      arr[ci]=arr[ri];
      arr[ri]=tv;
    }
    return arr;
  }

  // Keep the browser's real UA string, then shadow navigator.userAgent with a
  // getter that appends the fixed token ' GLS/90.10.8929.30'. What the token
  // stands for is not evident from the snippet. configurable: true leaves the
  // property open to being redefined again.
  var oUA = window.navigator.userAgent;
  Object.defineProperty(window.navigator, 'userAgent', { get: function() { return oUA + ' GLS/90.10.8929.30'; } , configurable: true } );

  // tPg collects plugin-like objects: first copies of the real plugins, then
  // the hard-coded entries from pgTI below.
  var tPg = [];
  if(window.navigator.plugins) {
    if(window.navigator.plugins.length) {
      var opgLength = window.navigator.plugins.length, nvPg = window.navigator.plugins;
      // Re-parent the browser's own plugins object onto Array.prototype so that
      // forEach can be called on it, then re-assign the length saved beforehand.
      // This changes the live navigator.plugins object, not a copy.
      Object.setPrototypeOf(nvPg, Array.prototype);
      nvPg.length = opgLength;
      nvPg.forEach(function(k,v) {
        // plg: plain-object copy of the plugin's descriptive fields, with
        // item()/namedItem() lookups that fall back to null.
        var plg = { name: k.name, description: k.description, filename: k.filename, version: k.version, length: k.length,item: function(index) { return this[index] ?? null; } , namedItem: function(name) { return this[name] ?? null; } } ;
        // Same prototype swap on the plugin itself to walk its entries
        // (presumably its MimeType objects); each entry is stored on the copy
        // under its index and under its `type` string.
        var tPgLength = k.length;
        Object.setPrototypeOf(k, Array.prototype);
        k.length = tPgLength;
        k.forEach(function(a, b) { plg[b] = plg[a.type] = a; } );
        // Give the copy Plugin.prototype so it has the prototype a real
        // plugin object would have.
        Object.setPrototypeOf (plg, Plugin.prototype);
        tPg.push(plg);
      } );
    }
  }

  // Three hard-coded plugin descriptors; the 'SpecialPlayer' entry is listed
  // twice. They are literals in the script, not values read from the browser.
  // NOTE(review): they look like filler entries meant to change the reported
  // plugin list -- confirm.
  var pgTI = [ { 'name':'SpecialPlayer', 'description': 'Special format player', 'filename': 'specialplayer.dll','0': { 'type': 'application/special', 'suffixes': 'special', 'description': 'Special format player' } } , { 'name':'SpecialPlayer', 'description': 'Special format player', 'filename': 'specialplayer.dll','0': { 'type': 'application/special', 'suffixes': 'special', 'description': 'Special format player' } } , { 'name':'RemoteTester', 'description': 'Remote access testing plugin', 'filename': 'remotetester.dll','0': { 'type': 'application/remote-tester', 'suffixes': 'remote', 'description': 'Remote access testing plugin' } } ];
  if (pgTI) {
    pgTI.forEach(function(k, v) {
      // Plugin-like object for the hard-coded entry: version undefined,
      // length fixed at 1.
      var plg = { name: k.name, description: k.description, filename: k.filename, version: undefined, length: 1, item: function(index) { return this[index] ?? null; } ,namedItem: function(name) { return this[name] ?? null; } } ;
      // Its single MIME entry is built from k[0], gets MimeType.prototype, and
      // is stored under index 0 and under its type string; enabledPlugin is
      // null, so the entry does not point back at plg.
      var plgMt = { description: k[0].description, suffixes: k[0].suffixes, type: k[0].type, enabledPlugin: null } ;
      Object.setPrototypeOf(plgMt, MimeType.prototype);
      plg[0] = plg[plgMt.type] = plgMt;
      Object.setPrototypeOf(plg, Plugin.prototype);
      tPg.push(plg);
    } );
  }

  // fPgI: the replacement for navigator.plugins -- length taken from tPg,
  // item()/namedItem() lookups with a null fallback, and a no-op refresh().
  var fPgI = { length: tPg.length, item: function(index) { return this[index] ?? null; } , namedItem: function(name) { return this[name] ?? null; } , refresh: function() { } } ;
  // Shuffle on every run, so the reported plugin order can differ between page
  // loads. Entries are indexed by position and by name; because 'SpecialPlayer'
  // occurs twice, whichever copy comes later in the shuffled order ends up
  // under that name key.
  tPg = shuffle(tPg);
  tPg.forEach(function(k,v) { fPgI[v] = fPgI[k.name] = k; } );
  Object.setPrototypeOf(fPgI, PluginArray.prototype);
  // From here on, page scripts reading navigator.plugins get the fabricated
  // object instead of the browser's own list.
  Object.defineProperty(window.navigator, 'plugins', { get: function() { return fPgI; } , enumerable: true, configurable: true } );
} )();
</script><meta http-equiv="content-type" content="text/html; charset=UTF-8" /> Hier mal die Berichte: Addition.txt: Augrund der größe musste ich es als Anhang machen. FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2022 01 durchgeführt von Ronny (Administrator) auf DESKTOP-KMEFEVF (26-06-2022 20:46:44) Gestartet von C:\Users\Ronny\Desktop\Neuer Ordner (6) Geladene Profile: Ronny & MariaDB Plattform: Microsoft Windows 10 Pro Version 21H1 19043.1766 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe (C:\Program Files (x86)\IObit\Classic Start\SMService.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe (C:\Program Files (x86)\IObit\Classic Start\SMService.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe (C:\Program Files (x86)\IObit\Classic Start\SMService.exe ->) (MPSOFTWARE) [Datei ist nicht signiert] C:\Program Files (x86)\phpDesigner 8\phpDesigner.exe (C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe ->) (Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (C:\Program Files (x86)\seRapid\seRapid.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files\Mozilla Firefox\firefox.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) 
C:\Program Files (x86)\Sticky Password\spNMHost.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (explorer.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\seRapid\seRapid.exe (explorer.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIPKE.EXE (explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIYNE.EXE (explorer.exe ->) (Tim Kosse -> FileZilla Project) C:\Program Files\FileZilla FTP Client\filezilla.exe (Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <22> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (PrintCtrl.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe <2> (services.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe (services.exe ->) (Avast Software s.r.o. 
-> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe (services.exe ->) (IncrediBuild Software Ltd. -> IncrediBuild Software Ltd.) C:\Program Files (x86)\IncrediBuild\BuildService.exe (services.exe ->) (IncrediBuild Software Ltd. -> IncrediBuild Software Ltd.) C:\Program Files (x86)\IncrediBuild\CoordService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_fc9ac11e55f51133\RstMwService.exe (services.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (services.exe ->) (MariaDB Corporation Ab -> ) C:\Program Files\MariaDB 10.6\bin\mysqld.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft 
Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_d5d5b9f929f4cb65\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Piriform Software Ltd -> ) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e8d71250669d562e\RtkAudUService64.exe <2> (services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e8d71250669d562e\RtkAudUService64.exe [1350240 2021-09-15] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [595080 2019-03-21] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212816 2022-06-07] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [4134256 2022-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox) [Datei ist nicht signiert] HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG) HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [406144 2020-10-01] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [117864 2021-04-30] (VMware, Inc. -> VMware, Inc.) 
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2476216 2022-02-11] (Malwarebytes Inc -> Malwarebytes Corporation) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [Datei ist nicht signiert] HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2022\Nero BackItUp\BackItUp.exe [1343112 2022-02-21] (Nero AG -> Nero AG) HKLM-x32\...\Run: [DriveSpan] => C:\Program Files (x86)\Nero\Nero Apps\Transfer\Transfer.exe [686216 2022-02-21] (Nero AG -> Nero AG) HKLM-x32\...\Run: [IncrediBuild Agent Monitor] => C:\Program Files (x86)\IncrediBuild\BuildTrayIcon.exe [194312 2020-08-03] (IncrediBuild Software Ltd. -> IncrediBuild Software Ltd.) HKLM\...\Policies\Explorer: [NoThumbnailCache] 1 HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1 HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG HKU\S-1-5-21-421459142-3224663316-2082560211-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-421459142-3224663316-2082560211-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [68824 2022-04-21] (Lamantine Software a.s. -> Lamantine Software a.s.) 
HKU\S-1-5-21-421459142-3224663316-2082560211-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPKE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-421459142-3224663316-2082560211-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIYNE.EXE [485976 2020-09-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-421459142-3224663316-2082560211-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32637904 2022-06-06] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-421459142-3224663316-2082560211-1001\...\Run: [MicrosoftEdgeAutoLaunch_CFD318A3356F20AFEF22DDE9A271841E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-06-22] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-421459142-3224663316-2082560211-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-21-421459142-3224663316-2082560211-1001\...\Policies\Explorer: [HideSCAMeetNow] 1 HKU\S-1-5-80-3070791953-3247979545-275873789-2352004973-969172767\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1969016 2021-04-22] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll [51848 2018-09-14] (ActMask Group Co., Ltd -> ActMask Co.,Ltd) HKLM\...\Print\Monitors\EPSON ET-2850 Series 64MonitorBE: C:\Windows\system32\E_YLMBYNE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\...\Print\Monitors\EPSON XP-830 Series 64MonitorBE: C:\Windows\system32\E_YLMBPKE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\...\Print\Monitors\EpsonNet Print Port: 
C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2022-06-08] ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2021-10-24] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\J2534 Config App (KTS).lnk [2021-10-24] ShortcutTarget: J2534 Config App (KTS).lnk -> C:\Program Files (x86)\Bosch\VTX-VCI\VCI Software (KTS)\J2534 Configuration\J2534ConfigApp.exe (Vetronix Corp) [Datei ist nicht signiert] GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG HKU\S-1-5-21-421459142-3224663316-2082560211-1001\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG HKU\S-1-5-21-421459142-3224663316-2082560211-1001\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {00FDDA35-5392-4342-96A9-B93A47656243} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {010A679B-8F98-47CB-8EC0-B3ED949F7608} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115632 2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Task: {06BCF72B-CA93-4C5E-B2A9-62A511325C79} - System32\Tasks\Opera scheduled Autoupdate 1609339856 => C:\Users\Ronny\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei) Task: {0D363B3E-DFB6-44CE-96A5-B871C5112B27} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2022-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {11E0A22C-81D0-4FB8-A4E7-1794AB26EB72} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {1F9E068F-A13E-4EB2-8AF3-A6A7269493B2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. 
-> Avast Software) Task: {262AE150-0F42-439C-9980-BF28C2ABDD6B} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [6692208 2022-05-18] (AVG Technologies USA, LLC -> AVG Technologies) Task: {3545CD8D-5B93-4E34-8769-84AD4040DF1D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864352 2022-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {3CC3F768-D992-4FEA-91D7-CE9641860160} - System32\Tasks\CCleanerSkipUAC - Ronny => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd) Task: {533C7BA1-A6AB-47A3-BBB1-F38177877739} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [72328 2020-11-24] (Oracle America, Inc. -> Oracle Corporation) Task: {6464599B-8D2A-414E-842B-89596DDADD19} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1197392 2022-06-07] (Avast Software s.r.o. -> AVAST Software) Task: {68B8AF7E-964F-45E4-BAAC-AA0DD79E9A49} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4615504 2022-06-07] (Avast Software s.r.o. 
-> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 0a6b7954-25a5-4bb3-b84e-c87fa75a20e0 Task: {6FA6675B-1058-4F90-B1A1-C3CAD27D2501} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2833272 2021-04-22] (Microsoft Corporation -> Microsoft Corporation) Task: {71A04171-5825-4D50-A734-E7ED4381F961} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {78ACEF26-3A10-4815-92EE-772993F37DA4} - System32\Tasks\Driver Booster SkipUAC (Ronny) => C:\Program Files (x86)\IObit\Driver Booster\8.4.0\DriverBooster.exe [8242200 2021-04-06] (IObit CO., LTD -> IObit) Task: {83613948-BAB5-4FBC-A1B8-10D661D51EF2} - System32\Tasks\Abelssoft\AntiLogger_3 => C:\Program Files (x86)\AntiLogger\AbLauncher.exe [18736 2020-09-28] (Ascora GmbH -> ) Task: {84780472-0969-4464-B691-07578656CF52} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [803920 2022-04-12] (Avast Software s.r.o. -> AVAST Software) Task: {85464866-97A3-4788-BC72-2353AB80F475} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4925264 2022-06-07] (Avast Software s.r.o. 
-> AVAST Software) Task: {8FB649F2-0392-4716-B672-293339AB846E} - System32\Tasks\EPSON XP-830 Series Update {7D53F211-C413-46DF-8AA6-1F75FCFB9211} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {919A0C63-6450-4FA4-ABED-A522845F6FFD} - System32\Tasks\EPSON XP-830 Series Update {501C95D9-4DBB-401B-90C7-152FF51B0F95} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {925886B6-D2A9-4791-8C28-9645F713F354} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4615024 2022-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --guid 933d463f-de78-49e1-ae6b-0e103d9f2d89 Task: {94F9B34B-4084-46E9-A62D-A6682ED96CD0} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6634776 2022-05-30] (Avast Software s.r.o. 
-> Avast Software) Task: {9839E76E-1684-4324-99B0-5C02AE62EACE} - System32\Tasks\EPSON ET-2850 Series Update {BAF90819-35F8-4880-A7F0-C68E54C44978} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSYNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {9A328722-0DDB-4876-B6FD-9CA4A4BD4635} - System32\Tasks\PlitchSkipUAC => C:\Program Files\PLITCH\PLITCH.exe [146423576 2022-02-24] (MegaDev GmbH -> MegaDev GmbH) Task: {9DB1EA23-11B0-46CF-827B-8C28FF753455} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A056F2DC-B82A-4CB4-8968-A1B49FEA8050} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A3DC1C02-B2EF-4EB6-8376-BD2321189432} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {A494C0D7-2F4D-40B5-B57A-5AE9E01EA13E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A698A558-37A5-4455-99D1-FF4D1C74B487} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f 
C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {A71245BD-4376-43CE-A6A5-7C58D3B8E48E} - System32\Tasks\Driver Genius Scheduler => C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe [2334848 2019-12-20] (Driver Information Technology Co., Ltd. -> Driver-Soft Inc.) Task: {A902BD25-23EA-448C-8E43-11B01B8807FC} - System32\Tasks\Driver Genius Skip UAC => C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe [2334848 2019-12-20] (Driver Information Technology Co., Ltd. -> Driver-Soft Inc.) Task: {A9644320-A846-46CF-AE83-A390BB37FA81} - System32\Tasks\Online_KMS_Activation_Script-Renewal => %ProgramData%\Online_KMS_Activation\Activate.cmd Task Task: {AEDD0246-F0AB-4AFF-AAD3-E0E6D6FD14AF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864352 2022-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {AF3F1610-44AD-4F8F-B44E-F2B0CE24F8E1} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer.4b1f0565414a4f44aef21deeae46f612\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe (Keine Datei) Task: {C6B0F88E-5F57-46F7-9966-988D9DD4A2A3} - System32\Tasks\EPSON XP-830 Series Update {9409445C-2605-4BDF-BEF1-C261605DD962} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {CE4C1797-6DB2-4614-9D47-CFD2A6EFC2FA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D9E6673E-1732-4412-B22D-C6323BF8D43A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA 
Corporation) Task: {E6030030-F7D6-4C36-8836-734B7AF2D1D6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115632 2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Task: {E8A51500-D38B-4503-BF37-25DDF4D211D1} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EBBEFBFD-56DF-43C1-9555-4C3D00845D90} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [528656 2019-05-22] (IObit Information Technology -> IObit) Task: {F0FA89E9-6FB0-4E56-8B0E-D3AD8EA1D394} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {F4E7BDA3-8D6D-4FF6-ABA8-BABEF71FA540} - System32\Tasks\Opera scheduled assistant Autoupdate 1609339858 => C:\Users\Ronny\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Ronny\AppData\Local\Programs\Opera\assistant" $(Arg0) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\EPSON ET-2850 Series Update {BAF90819-35F8-4880-A7F0-C68E54C44978}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSYNE.EXE:/EXE:{BAF90819-35F8-4880-A7F0-C68E54C44978} /F:UpdateWORKGROUP\DESKTOP-KMEFEVF$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\EPSON XP-830 Series Update {9409445C-2605-4BDF-BEF1-C261605DD962}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE:/EXE:{9409445C-2605-4BDF-BEF1-C261605DD962} /F:UpdateWORKGROUP\DESKTOP-KMEFEVF$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog9 15 C:\Windows\SysWOW64\vsocklib.dll [44128 2020-08-11] (VMware, Inc. -> VMware, Inc.) Winsock: Catalog9 16 C:\Windows\SysWOW64\vsocklib.dll [44128 2020-08-11] (VMware, Inc. -> VMware, Inc.) Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [48224 2020-08-11] (VMware, Inc. -> VMware, Inc.) Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [48224 2020-08-11] (VMware, Inc. -> VMware, Inc.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\..\Interfaces\{0a1135b0-d58b-4972-9c42-72c7bf771641}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{17f0d20f-3893-472d-8e62-1e53e5dedf66}: [NameServer] 100.120.179.1 Tcpip\..\Interfaces\{89703acd-c103-4b9b-ba7a-005ef1a5e60f}: [DhcpNameServer] 192.168.178.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Ronny\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-26] Edge DownloadDir: Default -> C:\Users\Ronny\Downloads\clone Edge HomePage: Default -> hxxp://www.google.de/ Edge StartupUrls: Default -> "hxxp://www.google.de/" Edge Extension: (AHA Music - Song Finder für Browser) - C:\Users\Ronny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejfccgmelcclnoadalcepdmnpgcnglfc [2022-04-25] FireFox: ======== FF DefaultProfile: 7eqkeml4.default FF ProfilePath: C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\7eqkeml4.default [2020-11-20] FF ProfilePath: C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release [2022-06-26] FF Homepage: Mozilla\Firefox\Profiles\1qsr4clk.default-release -> about:blank FF Session Restore: Mozilla\Firefox\Profiles\1qsr4clk.default-release -> ist aktiviert. 
FF Notifications: Mozilla\Firefox\Profiles\1qsr4clk.default-release -> hxxps://webinterface.nitrado.net; hxxps://www.b1gmail.eu FF Extension: (Disconnect) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\2.0@disconnect.me.xpi [2020-11-20] FF Extension: (AdBlocker Ultimate) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-05-25] FF Extension: (Cookie AutoDelete) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\CookieAutoDelete@kennydo.com.xpi [2022-06-15] FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\firefox@ghostery.com.xpi [2022-06-14] FF Extension: (FoxyProxy Standard) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\foxyproxy@eric.h.jung.xpi [2020-11-20] FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-27] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (KeePassXC-Browser) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\keepassxc-browser@keepassxc.org.xpi [2022-06-24] FF Extension: (Kein Name) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\KeeperFFStoreExtension@KeeperSecurityInc.xpi [2022-06-22] FF Extension: (OpenLink Structured Data Sniffer) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\osds@openlinksw.com.xpi [2022-05-24] FF Extension: (Avira Password Manager) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\passwordmanager@avira.com.xpi [2022-04-13] FF Extension: (Download Manager 
(S3)) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\s3download@statusbar.xpi [2020-11-20] FF Extension: (LastPass: Free Password Manager) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\support@lastpass.com.xpi [2022-06-10] FF Extension: (WEB.DE MailCheck) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\toolbar@web.de.xpi [2022-05-21] FF Extension: (uBlock Origin) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-06-15] FF Extension: (Wappalyzer - Technology profiler) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\wappalyzer@crunchlabz.com.xpi [2022-06-08] FF Extension: (Avast Online Security & Privacy) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\wrc@avast.com.xpi [2022-06-07] FF Extension: (Gamer TIme) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{3afd3680-7dda-4412-be2c-1494d8162531}.xpi [2021-12-24] FF Extension: (JavaScript Toggle On and Off) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{479f0278-2c34-4365-b9f0-1d328d0f0a40}.xpi [2021-04-13] FF Extension: (Fairytale Of Nature) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{6804879d-8801-473a-b13d-605b902a5e4f}.xpi [2021-06-05] FF Extension: (Purpling bubbles) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{69ab6730-1a1a-4d27-8aa4-f27a0e5f2de8}.xpi [2021-06-18] FF Extension: (NoScript) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-05-30] FF Extension: (Blue Firefox Theme) - 
C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{9aa2a587-21c1-4dbc-a02f-ddf408d9e9e5}.xpi [2021-06-05] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-05-31] FF Extension: (Buster: Captcha Solver for Humans) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2021-11-02] FF Extension: (Sticky Password - sicherer Passwortmanager) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2021-11-19] FF Extension: (Forest theme by grishiv) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{ff3765dd-650e-4b21-bb5a-db0b3fa9b81d}.xpi [2021-06-05] FF Extension: (Öffne Biet-O-Matic BE) - C:\Users\Ronny\AppData\Roaming\Mozilla\Firefox\Profiles\1qsr4clk.default-release\Extensions\{ffa25be1-b079-4bbc-92da-0e5594c99fb2}.xpi [2021-01-22] FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-20] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [pkijdmeepjhpenmighhaodgfoogncnlk] - C:\Program Files (x86)\Offline Explorer Enterprise\mpoe.crx [2022-01-08] ==================== Dienste (Nicht auf der Ausnahmeliste) 
=================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2700648 2021-12-18] (HIGH MORALE DEVELOPMENTS LIMITED -> ) R2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [768408 2022-06-26] (ASUSTeK Computer Inc. -> ) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8432776 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576336 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1995600 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [576336 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [1927960 2022-04-12] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-24] (Avast Software s.r.o. -> AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8915368 2022-01-06] (BattlEye Innovations e.K. -> ) S2 Bosch Bluetooth USB Adapter Power Control; C:\Program Files (x86)\Bosch\Diagnostics\Tools\UsbPwrCtrl\UsbPwrCtrl.exe [35840 2018-02-21] (Robert Bosch GmbH) [Datei ist nicht signiert] R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [789744 2022-05-11] (Piriform Software Ltd -> ) R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [15710064 2022-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) 
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9191816 2022-04-01] (Microsoft Corporation -> Microsoft Corporation) S4 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9824672 2019-10-17] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2019-10-16] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2021-06-21] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S4 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.062.0328.0001\FileSyncHelper.exe [2096512 2021-04-22] (Microsoft Corporation -> Microsoft Corporation) R2 IncrediBuild_Agent; C:\Program Files (x86)\IncrediBuild\BuildService.exe [1411848 2020-08-03] (IncrediBuild Software Ltd. -> IncrediBuild Software Ltd.) R2 IncrediBuild_Coordinator; C:\Program Files (x86)\IncrediBuild\CoordService.exe [3570952 2020-08-03] (IncrediBuild Software Ltd. -> IncrediBuild Software Ltd.) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation) S4 KTSVCIIdentService; C:\Program Files (x86)\Bosch\VTX-VCI\VCI Software (KTS)\VCI Identification Service\vci-ident.exe [2464256 2019-09-05] (Vetronix Corp.) [Datei ist nicht signiert] S4 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [68736 2020-10-02] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. 
KG) R2 MariaDB; C:\Program Files\MariaDB 10.6\bin\mysqld.exe [33672 2022-05-18] (MariaDB Corporation Ab -> ) R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [147128 2022-02-11] (Malwarebytes Inc -> Malwarebytes Corporation) S4 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [27760 2016-06-13] (AzureEngBuildCodeSign -> ) [Datei ist nicht signiert] S4 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S4 NeroBackItUpBackgroundService2023; C:\Program Files (x86)\Nero\Nero 2022\Nero BackItUp\NBService.exe [340616 2022-02-21] (Nero AG -> Nero AG) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [11605880 2021-09-26] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) S4 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.062.0328.0001\OneDriveUpdaterService.exe [2517360 2021-04-22] (Microsoft Corporation -> Microsoft Corporation) R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9762128 2022-06-07] (Avast Software s.r.o. -> AVAST Software) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254368 2022-06-18] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1162000 2019-05-28] (IObit Information Technology -> IObit) S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15223552 2021-04-30] (VMware, Inc. 
-> ) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WMIRegistrationService; C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe [538736 2021-09-09] (Intel Corporation -> Intel Corporation) S3 asrrealtimesrv; C:\Program Files (x86)\Advanced System Repair Pro 1.9.8.3.0\asrrealtimesrv.exe [X] S2 MySQL57; "C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe" --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.7\my.ini" MySQL57 S2 MySQL571; "C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe" --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.7\my.ini" MySQL571 R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_d5d5b9f929f4cb65\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_d5d5b9f929f4cb65\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 A6210; C:\Windows\system32\DRIVERS\A6210.sys [2259016 2018-08-26] (NETGEAR TAIWAN CO., LTD -> MediaTek Inc.) 
S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [1868832 2022-01-07] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM) S3 ACE-GAME; C:\Windows\system32\drivers\ACE-GAME.sys [772656 2022-01-07] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-07-20] (ASUSTeK Computer Inc. -> ) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [232648 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [382608 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [255136 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [102048 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [21936 2021-09-23] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [45072 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [271600 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [548968 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111056 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [86120 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [857488 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [662160 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218608 2022-06-07] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [321928 2022-06-07] (Avast Software s.r.o. 
-> AVAST Software) S3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [65944 2022-06-07] (Avast Software s.r.o. -> Avast Software) R3 aswWintun; C:\Windows\System32\drivers\aswWintun.sys [37104 2022-04-12] (Avast Software s.r.o. -> WireGuard LLC) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc. -> SlySoft, Inc.) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG) R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [160176 2022-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [119984 2022-04-12] (Avast Software s.r.o. 
-> Windows (R) Win 7 DDK provider) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-10-31] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [94576 2021-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 VClone; C:\Windows\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG) R0 vmci; C:\Windows\System32\drivers\vmci.sys [104888 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.) R1 vmkbd3; C:\Windows\system32\DRIVERS\vmkbd.sys [60344 2021-04-30] (VMware, Inc. -> VMware, Inc.) R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [67072 2021-04-30] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [54592 2020-08-11] (VMware, Inc. -> VMware, Inc.) 
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2020-11-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429288 2020-11-20] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-20] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2022-06-26 20:20 - 2022-06-26 20:47 - 000000000 ____D C:\FRST 2022-06-26 09:27 - 2022-06-26 09:28 - 129308948 _____ C:\Users\Ronny\Downloads\KigoNetflix.rar 2022-06-25 09:39 - 2022-06-25 09:39 - 151319136 _____ C:\Users\Ronny\Downloads\YetiShare.zip 2022-06-24 17:33 - 2022-06-24 17:35 - 000000000 ____D C:\Users\Ronny\Downloads\bemusic_v2.5.2 2022-06-24 16:58 - 2022-06-24 17:18 - 068990395 _____ C:\Users\Ronny\Downloads\bemusic_v2.5.2.zip 2022-06-24 07:50 - 2022-06-24 07:50 - 000486048 _____ C:\Windows\system32\FNTCACHE.DAT 2022-06-22 15:45 - 2022-06-24 08:43 - 000000000 ____D C:\Export2 2022-06-22 15:36 - 2022-06-22 15:36 - 000001192 _____ C:\Users\Ronny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mailchecker.lnk 2022-06-22 15:36 - 2022-06-22 15:36 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autostart 2022-06-22 15:36 - 2022-06-22 15:36 - 000000000 ____D C:\Program Files (x86)\Mailchecker 2022-06-20 22:50 - 2022-06-23 16:09 - 000009174 _____ C:\Users\Ronny\Documents\reg.php 2022-06-20 22:50 - 2022-06-20 22:50 - 000007153 _____ C:\Users\Ronny\Documents\reg-standart.php 2022-06-20 17:58 - 2022-06-20 18:10 - 000000625 
_____ C:\Users\Ronny\Documents\test6.php 2022-06-20 11:40 - 2022-06-20 22:53 - 000002560 _____ C:\Users\Ronny\Documents\seCache.tmp 2022-06-18 22:44 - 2022-06-18 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\b1gMail Plugin-SDK 2022-06-18 22:44 - 2022-06-18 22:44 - 000000000 ____D C:\Program Files (x86)\B1G Software 2022-06-18 22:34 - 2022-06-18 22:57 - 000000000 ____D C:\Users\Ronny\Desktop\Neuer Ordner (7) 2022-06-18 21:50 - 2022-06-20 15:34 - 000007337 _____ C:\Users\Ronny\Documents\test5.php 2022-06-18 21:50 - 2022-06-20 15:28 - 000007336 _____ C:\Users\Ronny\Documents\test4.php 2022-06-18 21:50 - 2022-06-18 21:54 - 000036655 _____ C:\Users\Ronny\Documents\test3.php 2022-06-18 21:45 - 2022-06-18 21:45 - 000031898 _____ C:\Users\Ronny\editor_ie7.css 2022-06-18 21:37 - 2022-06-18 21:37 - 000010396 _____ C:\Users\Ronny\common.css 2022-06-18 21:20 - 2022-06-18 21:52 - 000036651 _____ C:\Users\Ronny\Documents\test2.php 2022-06-18 07:45 - 2022-06-18 07:45 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2022-06-18 07:45 - 2022-06-18 07:45 - 000479744 _____ C:\Windows\system32\AssignedAccessCsp.dll 2022-06-18 07:45 - 2022-06-18 07:45 - 000104448 _____ C:\Windows\system32\nettraceex.dll 2022-06-18 07:45 - 2022-06-18 07:45 - 000040960 _____ C:\Windows\system32\uwfservicingapi.dll 2022-06-18 07:45 - 2022-06-18 07:45 - 000011787 _____ C:\Windows\system32\DrtmAuthTxt.wim 2022-06-18 07:44 - 2022-06-18 07:44 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2022-06-18 07:44 - 2022-06-18 07:44 - 000232288 _____ C:\Windows\system32\containerdevicemanagement.dll 2022-06-18 07:39 - 2022-06-18 07:39 - 000000000 ___HD C:\$WinREAgent 2022-06-17 20:34 - 2022-06-17 20:34 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firemail Tool 2022-06-17 20:34 - 2022-06-17 20:34 - 000000000 ____D C:\Users\Ronny\AppData\Local\BMToolbox-c3f5030a 2022-06-17 20:10 - 2022-06-18 08:04 - 000002362 
_____ C:\Windows\system32\Tasks\Driver Genius Skip UAC 2022-06-17 13:33 - 2022-06-17 13:33 - 000000000 _____ C:\Users\Ronny\bootstrap-theme.css 2022-06-17 13:19 - 2022-06-18 19:10 - 000000000 ____D C:\Users\Ronny\Desktop\mail 2022-06-17 12:01 - 2022-06-26 18:28 - 000022617 _____ C:\Users\Ronny\Documents\test.php 2022-06-16 13:32 - 2022-06-17 14:56 - 000001454 _____ C:\Users\Ronny\info.php 2022-06-16 10:42 - 2022-06-16 12:04 - 000000000 ____D C:\Export1 2022-06-15 20:13 - 2022-06-26 20:46 - 000000000 ____D C:\Users\Ronny\Desktop\Neuer Ordner (6) 2022-06-14 22:39 - 2022-06-17 12:05 - 000000000 ____D C:\Users\Ronny\Desktop\freshtemp_1_0_0 2022-06-14 22:38 - 2022-06-14 22:39 - 001850021 _____ C:\Users\Ronny\Desktop\freshtemp_1_0_0.zip 2022-06-14 09:29 - 2022-06-14 09:29 - 000000000 ____D C:\Users\Ronny\Desktop\cryptocasino__1180 2022-06-14 07:51 - 2022-06-14 07:54 - 015878195 _____ C:\Users\Ronny\Desktop\cryptocasino__1180.rar 2022-06-14 07:46 - 2022-06-14 07:52 - 022806216 _____ C:\Users\Ronny\Desktop\CryptoCasino-1.15.1.rar 2022-06-12 23:07 - 2022-06-12 23:07 - 013189660 _____ C:\Users\Ronny\Desktop\BlizzCMS-1.0.7.8.zip 2022-06-12 18:23 - 2022-06-12 18:51 - 000000000 ____D C:\Users\Ronny\Desktop\DekkCore Donor Repack 2022-06-10 06:39 - 2022-06-10 08:09 - 000000000 ____D C:\Users\Ronny\Desktop\Shadowlands Minimal Client 9.1.5.41079 2022-06-09 09:12 - 2022-06-20 10:42 - 000001213 _____ C:\Users\Ronny\Desktop\Arctium WoW Launcher.exe.lnk 2022-06-08 22:15 - 2022-06-08 22:19 - 000000000 ____D C:\Users\Ronny\Desktop\rakumailer_pm 2022-06-08 19:36 - 2022-06-08 19:38 - 386018572 _____ C:\Users\Ronny\Desktop\KyrianCore-FREE-master.zip 2022-06-08 15:55 - 2022-06-10 06:38 - 000000000 ____D C:\Users\Ronny\Desktop\Neuer Ordner (5) 2022-06-08 09:41 - 2022-06-08 09:41 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\Hulubulu 2022-06-08 09:41 - 2022-06-08 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer 2022-06-08 09:41 - 2022-06-08 09:41 
- 000000000 ____D C:\Program Files\Advanced Renamer 2022-06-07 14:56 - 2022-06-07 20:57 - 000000000 ____D C:\Users\Ronny\Desktop\rathena-master 2022-06-07 14:54 - 2022-06-07 14:54 - 021909567 _____ C:\Users\Ronny\Desktop\rathena-master.zip 2022-06-07 08:35 - 2022-06-07 08:35 - 000000000 ____D C:\Users\Ronny\AppData\Local\Xamarin 2022-06-07 08:34 - 2022-06-07 08:34 - 000000000 ____D C:\Users\Ronny\.nuget 2022-06-07 08:33 - 2022-06-07 08:33 - 000000000 ____D C:\Users\Ronny\AppData\Local\NuGet 2022-06-07 07:12 - 2022-06-07 07:12 - 000269136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2022-06-07 07:12 - 2022-06-07 07:12 - 000218608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2022-06-07 07:12 - 2022-06-07 07:12 - 000065944 _____ (Avast Software) C:\Windows\system32\Drivers\aswVpnRdr.sys 2022-06-06 16:42 - 2022-06-06 16:43 - 158863360 _____ C:\Users\Ronny\Documents\EpicInstaller-13.3.0.msi 2022-06-06 10:22 - 2022-06-06 10:22 - 000000000 ____D C:\Users\Ronny\AppData\Local\ServiceHub 2022-06-06 08:27 - 2022-06-06 08:27 - 000022080 _____ (Advanced System Repair Inc.) 
C:\Windows\system32\Drivers\asrscan.sys 2022-06-05 19:39 - 2022-06-05 12:13 - 000147462 _____ C:\worldserver.conf 2022-06-05 18:30 - 2022-06-05 14:27 - 000015714 _____ C:\bnetserver.conf 2022-06-05 10:38 - 2022-06-05 10:50 - 000000000 ____D C:\MySQL 2022-06-05 10:38 - 2022-06-05 10:43 - 000000000 ____D C:\Program Files\MySQL 2022-06-05 10:36 - 2022-06-05 10:43 - 000000000 ____D C:\Program Files (x86)\MySQL 2022-06-05 10:36 - 2022-06-05 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL 2022-06-04 17:32 - 2022-06-04 17:32 - 030537131 _____ C:\Users\Ronny\Desktop\webmail-pro-php.zip 2022-06-04 17:00 - 2022-06-04 17:00 - 002056944 _____ C:\Users\Ronny\Desktop\afterlogic-activeserver.zip 2022-06-04 16:52 - 2022-06-04 16:55 - 011091726 _____ C:\Users\Ronny\Desktop\aionevideodownloader25.rar 2022-06-04 09:16 - 2022-06-04 09:18 - 493506545 _____ C:\Users\Ronny\Downloads\TrinityCore-master.zip 2022-06-04 09:10 - 2022-06-04 09:13 - 000000000 ____D C:\Users\Ronny\Downloads\TrinityCore 2022-06-03 22:30 - 2022-06-03 22:30 - 001666080 _____ (O&O Software GmbH) C:\Users\Ronny\Desktop\OOS1431U10.exe 2022-06-03 21:43 - 2022-06-03 21:43 - 000013183 _____ C:\Users\Ronny\Downloads\nick25_elster_03.06.2022_21.39.pfx 2022-06-03 06:37 - 2022-06-04 10:22 - 003281100 _____ C:\Users\Ronny\Desktop\EvaMailer - 1.zip 2022-06-02 20:51 - 2022-06-02 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediBuild 2022-06-02 20:51 - 2022-06-02 20:51 - 000000000 ____D C:\ProgramData\IncrediBuild 2022-06-02 20:51 - 2022-06-02 20:51 - 000000000 ____D C:\Program Files (x86)\IncrediBuild 2022-06-02 20:50 - 2022-06-02 20:50 - 000001803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019 (2).lnk 2022-06-02 20:47 - 2022-06-02 20:47 - 000001802 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019 (2).lnk 2022-06-02 12:41 - 2022-06-02 18:51 - 000000206 _____ C:\Users\Ronny\.gitconfig 
2022-06-02 11:40 - 2022-06-02 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2022-06-02 11:39 - 2022-06-02 12:41 - 000000124 _____ C:\Users\Ronny\.gitconfig.backup 2022-06-02 11:37 - 2022-06-02 11:37 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\Git Extensions 2022-06-02 11:36 - 2022-06-02 18:46 - 000002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git Extensions.lnk 2022-06-02 11:36 - 2022-06-02 11:39 - 000000000 ____D C:\Users\Ronny\AppData\Local\GitExtensions 2022-06-02 11:36 - 2022-06-02 11:36 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\GitExtensions 2022-06-02 11:35 - 2022-06-02 18:46 - 000000000 ____D C:\Program Files (x86)\GitExtensions 2022-06-02 09:16 - 2022-06-02 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CMake 2022-06-02 09:16 - 2022-06-02 09:16 - 000000000 ____D C:\Program Files\CMake 2022-06-02 09:05 - 2022-06-02 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MariaDB 10.6 (x64) 2022-06-02 09:05 - 2022-06-02 09:05 - 000000000 ____D C:\Program Files\MariaDB 10.6 2022-06-02 09:05 - 2022-06-02 09:05 - 000000000 ____D C:\MariaDB 10.6 2022-06-01 19:57 - 2022-06-23 08:35 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\Telegram Desktop 2022-06-01 19:57 - 2022-06-01 19:57 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2022-06-01 12:04 - 2022-06-06 10:25 - 000000000 ____D C:\TrinityCore 2022-06-01 10:53 - 2022-06-01 10:54 - 000000000 ____D C:\Users\Ronny\Desktop\Neuer Ordner (3) 2022-05-31 17:34 - 2022-05-31 17:34 - 000000000 ____D C:\Users\Ronny\Documents\test ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2022-06-26 20:13 - 2021-01-22 02:06 - 000000000 ____D C:\Program Files\CCleaner 2022-06-26 20:12 - 2020-11-20 17:02 - 000000000 ____D C:\Users\Ronny\AppData\LocalLow\Mozilla 2022-06-26 20:09 - 2020-12-26 19:26 - 000000000 ____D C:\Program Files (x86)\Steam 2022-06-26 20:00 - 2020-11-21 08:42 - 000000000 ____D C:\Program Files (x86)\phpDesigner 8 2022-06-26 19:48 - 2020-09-27 07:33 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-06-26 12:25 - 2021-04-27 21:02 - 000000000 ____D C:\ProgramData\NVIDIA 2022-06-26 09:50 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-06-26 09:39 - 2020-11-30 22:20 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\FileZilla 2022-06-26 08:11 - 2020-11-20 13:52 - 001940628 _____ C:\Windows\system32\PerfStringBackup.INI 2022-06-26 08:11 - 2019-12-07 16:51 - 000824868 _____ C:\Windows\system32\perfh007.dat 2022-06-26 08:11 - 2019-12-07 16:51 - 000184938 _____ C:\Windows\system32\perfc007.dat 2022-06-26 08:11 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2022-06-26 08:06 - 2022-04-12 15:51 - 000000000 ____D C:\Users\Ronny\AppData\Local\AvastAntiTrackPremium 2022-06-26 08:05 - 2022-04-12 15:51 - 000004028 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update 2022-06-26 08:05 - 2021-09-23 12:33 - 000000000 ____D C:\ProgramData\VMware 2022-06-26 08:05 - 2021-04-27 09:41 - 000000000 ____D C:\ProgramData\AVG 2022-06-26 08:05 - 2021-02-19 22:36 - 000000000 ___SD C:\Users\Ronny\Documents\Sticky Passwords 2022-06-26 08:05 - 2020-11-30 22:53 - 000000000 ____D C:\ProgramData\Avast Software 2022-06-26 08:05 - 2020-11-20 14:14 - 000000000 ____D C:\Program Files (x86)\ASUS 2022-06-26 08:04 - 2020-11-20 19:48 - 000807280 _____ C:\Windows\system32\wpbbin.exe 2022-06-26 08:04 - 2020-11-20 19:48 - 000768408 _____ C:\Windows\system32\AsusUpdateCheck.exe 2022-06-26 08:04 - 2020-09-27 09:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-06-26 08:04 - 2020-09-27 07:33 - 000008192 ___SH C:\DumpStack.log.tmp 
2022-06-25 22:49 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2022-06-25 22:48 - 2020-11-21 09:13 - 000028354 _____ C:\Users\Ronny\AppData\Roaming\phpdesigner.xml 2022-06-25 09:57 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-06-25 09:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2022-06-25 09:29 - 2020-09-27 09:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-06-24 22:24 - 2020-11-30 23:10 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\Offline Explorer 2022-06-24 16:09 - 2020-11-21 08:37 - 000000000 ____D C:\ProgramData\Temp 2022-06-24 08:41 - 2021-02-27 16:53 - 000000000 ____D C:\download 2022-06-23 08:02 - 2021-10-07 20:41 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2022-06-22 15:52 - 2020-11-20 17:30 - 000000000 ____D C:\Users\Ronny\AppData\Local\D3DSCache 2022-06-22 15:40 - 2021-01-03 23:02 - 000000000 ___HD C:\avast! sandbox 2022-06-21 17:09 - 2021-05-25 14:09 - 000000000 ____D C:\Users\Ronny\AppData\Local\Avast Software 2022-06-21 07:16 - 2022-02-20 11:21 - 000000951 _____ C:\Windows\Tasks\EPSON ET-2850 Series Update {BAF90819-35F8-4880-A7F0-C68E54C44978}.job 2022-06-21 07:16 - 2022-01-02 17:14 - 000000951 _____ C:\Windows\Tasks\EPSON XP-830 Series Update {9409445C-2605-4BDF-BEF1-C261605DD962}.job 2022-06-21 07:16 - 2020-11-21 22:09 - 000000258 _____ C:\Windows\Tasks\StartMenu8_Start.job 2022-06-20 22:53 - 2020-11-30 23:02 - 000002246 ____H C:\Users\Ronny\Documents\Default.rdp 2022-06-20 10:59 - 2022-02-20 11:21 - 000003504 _____ C:\Windows\system32\Tasks\EPSON ET-2850 Series Update {BAF90819-35F8-4880-A7F0-C68E54C44978} 2022-06-20 10:59 - 2022-01-02 17:14 - 000003502 _____ C:\Windows\system32\Tasks\EPSON XP-830 Series Update {9409445C-2605-4BDF-BEF1-C261605DD962} 2022-06-20 10:59 - 2021-10-12 17:53 - 000002252 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Ronny 2022-06-20 10:59 - 2021-04-27 21:03 - 000002914 _____ 
C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-06-20 10:59 - 2021-04-27 21:02 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-06-20 10:59 - 2021-04-27 21:02 - 000003196 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-06-20 10:59 - 2021-01-22 02:06 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update 2022-06-20 10:59 - 2020-12-30 16:50 - 000003856 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1609339858 2022-06-20 10:59 - 2020-12-30 16:50 - 000003624 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1609339856 2022-06-20 10:59 - 2020-12-11 22:48 - 000004056 _____ C:\Windows\system32\Tasks\Online_KMS_Activation_Script-Renewal 2022-06-20 10:59 - 2020-11-30 22:54 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software 2022-06-20 10:59 - 2020-11-21 22:09 - 000002112 _____ C:\Windows\system32\Tasks\StartMenu8_Start 2022-06-20 10:59 - 2020-09-27 09:35 - 000003684 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-06-20 10:59 - 2020-09-27 09:35 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-06-20 10:55 - 2021-10-12 17:43 - 000003502 _____ C:\Windows\system32\Tasks\EPSON XP-830 Series Update {7D53F211-C413-46DF-8AA6-1F75FCFB9211} 2022-06-20 10:55 - 2020-12-10 10:34 - 000003502 _____ C:\Windows\system32\Tasks\EPSON XP-830 Series Update {501C95D9-4DBB-401B-90C7-152FF51B0F95} 2022-06-20 10:51 - 2021-01-02 23:11 - 000000000 ____D C:\Users\Ronny\AppData\Local\Battle.net 2022-06-20 08:59 - 2021-04-21 20:08 - 000000000 ____D C:\ProgramData\ProductData 2022-06-19 12:26 - 2020-11-20 14:09 - 000000000 ____D C:\Users\Ronny 2022-06-19 09:31 - 2021-03-12 16:34 - 000000000 ____D C:\Users\Ronny\Desktop\bitte decoden 2022-06-18 08:04 - 2021-04-27 20:55 - 000002640 _____ C:\Windows\system32\Tasks\Driver Genius Scheduler 2022-06-18 08:02 - 
2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-06-18 08:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2022-06-18 08:02 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2022-06-18 07:47 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2022-06-18 07:44 - 2020-09-27 09:35 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2022-06-18 07:39 - 2020-11-20 15:29 - 000000000 ____D C:\Windows\system32\MRT 2022-06-18 07:35 - 2021-01-20 10:02 - 000000000 ____D C:\Program Files (x86)\dotnet 2022-06-18 07:35 - 2020-11-20 15:29 - 145918784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 
2022-06-18 07:35 - 2020-11-20 14:20 - 000000000 ____D C:\ProgramData\Package Cache 2022-06-18 07:34 - 2021-10-05 12:42 - 000000000 ____D C:\Users\Default\.dotnet 2022-06-18 07:34 - 2021-01-20 10:02 - 000000000 ____D C:\Program Files\dotnet 2022-06-17 20:10 - 2021-04-27 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius 2022-06-15 07:16 - 2020-11-30 23:01 - 000000000 ____D C:\Program Files (x86)\Offline Explorer Enterprise 2022-06-15 07:15 - 2020-11-30 23:01 - 000002202 _____ C:\Users\Ronny\Desktop\Offline Explorer Enterprise.lnk 2022-06-15 07:15 - 2020-11-30 23:01 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaProducts Offline Explorer Enterprise 2022-06-15 06:41 - 2021-02-15 10:17 - 000011373 _____ C:\Users\Ronny\.bash_history 2022-06-15 06:07 - 2021-01-06 10:33 - 000000000 ____D C:\Users\Ronny\AppData\Local\CrashDumps 2022-06-15 06:07 - 2020-12-30 16:50 - 000000000 ____D C:\Users\Ronny\AppData\Local\JDownloader 2.0 2022-06-10 23:11 - 2020-12-26 19:33 - 000000000 ____D C:\Users\Ronny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2022-06-10 06:24 - 2021-10-12 16:47 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-06-10 06:24 - 2021-04-21 19:46 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-06-10 06:24 - 2020-11-20 17:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-06-08 21:47 - 2021-01-20 10:24 - 000000000 ____D C:\Users\Ronny\AppData\Local\.IdentityService 2022-06-07 07:12 - 2020-11-30 22:54 - 000857488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000662160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000548968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000382608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2022-06-07 
07:12 - 2020-11-30 22:54 - 000321928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000271600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000255136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000232648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000111056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000102048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000086120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000045072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2022-06-07 07:12 - 2020-11-30 22:54 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2022-06-07 07:12 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2022-06-05 23:08 - 2021-01-03 23:02 - 000000000 ____D C:\Program Files (x86)\Battle.net 2022-06-05 10:42 - 2021-01-20 10:16 - 000000469 _____ C:\Windows\ODBCINST.INI 2022-06-05 10:38 - 2021-01-20 10:14 - 001968462 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2022-06-05 10:36 - 2021-01-20 10:13 - 000000000 ____D C:\ProgramData\MySQL 2022-06-03 06:33 - 2021-01-20 09:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2022-06-02 20:48 - 2021-01-20 10:02 - 000000000 ____D C:\Users\Ronny\.dotnet 2022-06-02 20:45 - 2021-01-20 09:59 - 000001429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2022-06-02 11:40 - 2021-01-20 09:57 - 000000000 ____D C:\Program Files\Git 2022-06-02 09:57 - 2021-01-20 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL 2022-06-02 09:57 - 2021-01-20 17:46 - 000000000 ____D C:\Program Files\OpenSSL-Win64 2022-06-02 09:57 - 
2021-01-20 17:46 - 000000000 ____D C:\Program Files\Common Files\SSL 2022-06-02 09:05 - 2020-09-27 07:33 - 000000000 ____D C:\Windows\ServiceProfiles 2022-06-02 06:29 - 2020-11-20 17:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-05-31 17:34 - 2021-05-08 21:19 - 000000000 ____D C:\Users\Ronny\Documents\MEGAsync Downloads ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-11-21 09:13 - 2022-06-25 22:48 - 000028354 _____ () C:\Users\Ronny\AppData\Roaming\phpdesigner.xml 2021-06-07 16:36 - 2022-02-06 21:38 - 000017408 _____ () C:\Users\Ronny\AppData\Roaming\pushdata.sqlite 2022-04-06 12:21 - 2022-05-04 08:20 - 067552045 _____ () C:\Users\Ronny\AppData\Roaming\_encryptiondb.grf ==================== FLock ============================== ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 26.06.22 Scan-Zeit: 21:13 Protokolldatei: 203a1fd2-f584-11ec-8127-d45d64d0feb0.json -Softwaredaten- Version: 4.5.10.200 Komponentenversion: 1.0.1702 Version des Aktualisierungspakets: 1.0.56491 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 19043.1766) CPU: x64 Dateisystem: NTFS Benutzer: DESKTOP-KMEFEVF\Ronny -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 601874 Erkannte Bedrohungen: 23 In die Quarantäne verschobene Bedrohungen: 9 Abgelaufene Zeit: 14 Min., 4 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 3 RiskWare.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online_KMS_Activation_Script-Renewal, Keine Aktion durch Benutzer, 897, 820454, , , , , , RiskWare.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A9644320-A846-46CF-AE83-A390BB37FA81}, In Quarantäne, 897, 820454, , , , , , RiskWare.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{A9644320-A846-46CF-AE83-A390BB37FA81}, In Quarantäne, 897, 820454, , , , , , Registrierungswert: 2 PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTREPORTINFECTIONINFORMATION, In Quarantäne, 6559, 676881, 1.0.56491, , ame, , , PUM.Optional.DisableMRT, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\MRT|DONTREPORTINFECTIONINFORMATION, In Quarantäne, 6559, 676881, 1.0.56491, , ame, , , Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 18 RiskWare.KMS, 
C:\WINDOWS\SYSTEM32\TASKS\Online_KMS_Activation_Script-Renewal, Keine Aktion durch Benutzer, 897, 820454, 1.0.56491, , ame, , D19D3CF6CCF845C7895230F2E1B1A60E, 208F9612BD7FEC1BAA4D1E872BC19A0FDB4704D4840833DC1D884AFC417384CE Malware.Heuristic.1001, C:\USERS\RONNY\DESKTOP\GERRO-MIDGARD\2021-11-17_RAGEXE_4THJOB.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003E9, dds, 01832704, F37B18F3C128EC6E78A70E67EEC97581, D59C331FFB02D80206418BD290FBDAE11EBA36C5D913C6AE70944984701E268D Malware.Heuristic.1001, C:\USERS\RONNY\DESKTOP\GERRO-MIDGARD\ZMAIN.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003E9, dds, 01832704, 596B0388E99D434496716ACDE61EC019, 9D612EA0ED474FD22EFEAA2F07BD51784CFACD6CC00CC7B242176007B38BFC4F Malware.Heuristic.1003, C:\USERS\RONNY\DESKTOP\MIDGARD RAGNAROK\MIDGARDRO.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003EB, dds, 01832704, 893D8248672E86376839758CF6FCF827, FFB11872F2D14746418B34297AB2FE8DB315754C1F10ED4873B7C4A7581E2A88 Malware.Heuristic.1001, C:\USERS\RONNY\DESKTOP\ONLINE_GAME_SCRIPT\RO_OFFLINE_2022\04_KRO - KOPIE\2021-11-17_RAGEXE_4THJOB.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003E9, dds, 01832704, F37B18F3C128EC6E78A70E67EEC97581, D59C331FFB02D80206418BD290FBDAE11EBA36C5D913C6AE70944984701E268D Malware.Heuristic.1003, C:\USERS\RONNY\DESKTOP\NEUER ORDNER (7)\FTP\B1GSETUP\B1GSETUP-2.0.0-NODOTNET.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003EB, dds, 01832704, 5C011A0791D05A9A54F8279A948CDBE9, C15D01B6EF7522A2BB45768C926E850B38652D84056624AF2114583000119B20 Malware.Heuristic.1003, C:\USERS\RONNY\DESKTOP\NEUER ORDNER (7)\FTP\B1GSETUP\B1GSETUP-2.0.0-DOTNET.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003EB, dds, 01832704, A5AE1C27F7E52909C4914825F3514C46, 2FE5E6A012B4B80C197090610C769A7D72BE7B164EC02AE35CD8CC40E730E85C Malware.Heuristic.1003, 
C:\USERS\RONNY\DESKTOP\NEUER ORDNER (7)\FTP\MAILCHECKER\MAILCHECKER-WINDOWS.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003EB, dds, 01832704, 5A8158849D795C5A43BCF116FC6784EC, 29D563ADB454B5061455D049A2D72025C049B3D10007DD2CF110E481EB95FCE7 HackTool.FilePatch, C:\PROGRAM FILES\CCLEANER\PATCH.EXE, Keine Aktion durch Benutzer, 7156, 281135, 1.0.56491, , ame, , F3F183BA8A3C43DFCBEF0396AD5D917B, 849D56EBCFDC2CB97C4A7AB9C961C3B7B80700D43963B7DB2B6934609DE6104D Malware.Heuristic.1003, C:\USERS\RONNY\DESKTOP\NEUER ORDNER (7)\FTP\B1GSETUP\B1GSETUP-2.1.0-NODOTNET.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003EB, dds, 01832704, 329D24C6E4F2DF50A310AC48DC6D0793, 33E386177DD19D2B87DCC7C3B77D786787326406B229F064DD4C17C3DDBE3373 Malware.Heuristic.1003, C:\USERS\RONNY\DESKTOP\NEUER ORDNER (7)\FTP\B1GSETUP\B1GSETUP-2.1.0-DOTNET.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003EB, dds, 01832704, 3C02B365004088B8C25A3B633E7D930B, 3161F9BA40F5B72AC0240D4F25CA0FFF71D1753DBD8800A76F35663BA38251E8 Malware.Heuristic.1001, C:\USERS\RONNY\DESKTOP\ONLINE_GAME_SCRIPT\RO_OFFLINE_2022\04_KRO - KOPIE\PARADISERO - EDEN SMR.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003E9, dds, 01832704, 41A31E63DCB99A355BE15BCC1598AAE5, EDC9D902EE704CCA01BE6F413B472ABE88623A15BA7D6161ABE4AD400054DA18 Malware.AI.4240459836, C:\USERS\RONNY\DESKTOP\PASSFAB.FOR.RAR.9.5.1.4\PASSFAB.FOR.RAR.9.5.1.4.MSSTDFMT\FIX\REGISTER.DLL, In Quarantäne, 1000000, -54507460, 1.0.56491, 79B49D177FCB0615FCC0483C, dds, 01832704, 465999CF24E0493B20E9668C7397295E, A5D931DA8B693CD002E749267BBD8EE85BA61080337EB7C8E7F737C3FBF05506 Malware.AI.1640811531, C:\USERS\RONNY\DESKTOP\PHONE401\CRACK\ELKE PATCH.EXE, In Quarantäne, 1000000, 1640811531, 1.0.56491, 949E5E234C3D3AF361CCCC0B, dds, 01832704, 92DFFEDD253584F401B82CFF50E08C39, F918848299CD4333CC7459144079BA85BE6AB038382ED84879C8C128C3879EFF Malware.Heuristic.1001, 
C:\USERS\RONNY\DESKTOP\PARADISEROFULL-01-01-2022\PARADISERO FULLCLIENT\PARADISERO - EDEN SMR.EXE, In Quarantäne, 1000001, 0, 1.0.56491, 0000000000000000000003E9, dds, 01832704, 41A31E63DCB99A355BE15BCC1598AAE5, EDC9D902EE704CCA01BE6F413B472ABE88623A15BA7D6161ABE4AD400054DA18 HackTool.FilePatch, C:\PROGRAM FILES (X86)\OFFLINE EXPLORER ENTERPRISE\PATCH.EXE, In Quarantäne, 7156, 281135, 1.0.56491, , ame, , BF8932C696DB1598F7BA8505BC33B087, C427B248557B6C2999082721F7040E42DAD9A0A51451C8E32E5214BA8D1AA76C HackTool.FilePatch, C:\PROGRAM FILES (X86)\DRIVER-SOFT\DRIVERGENIUS\DRIVER GENIUS PRO V18 PATCH.EXE, In Quarantäne, 7156, 281135, 1.0.56491, , ame, , 38FC165F2424B24278ABA3018D5D3CCD, 453577A44B6AE7059691F67FD51EB229B3C1492A34B4CA168DC89C45C33FA673 Malware.Heuristic.1001, C:\USERS\RONNY\DESKTOP\ONLINE_GAME_SCRIPT\RO_OFFLINE_2022\04_KRO\2021-11-17_RAGEXE_4THJOB.EXE, Keine Aktion durch Benutzer, 1000001, 0, 1.0.56491, 0000000000000000000003E9, dds, 01832704, F37B18F3C128EC6E78A70E67EEC97581, D59C331FFB02D80206418BD290FBDAE11EBA36C5D913C6AE70944984701E268D Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) |
27.06.2022, 12:08 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: bei allen Webseiten wird unbekannter Javascript ausgeführt.Zitat:
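Da du ein gecracktes Windows hast (im Log: geplanter Task Online_KMS_Activation_Script-Renewal, von Malwarebytes als RiskWare.KMS gemeldet), wird das hier nicht supportet/bereinigt. Besorge dir ein legales Windows, dann geht's mit Neuinstallation des Rechners weiter.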
__________________ |
27.06.2022, 17:53 | #3 |
| Windows 10: bei allen Webseiten wird unbekannter Javascript ausgeführt. Das Windows ist original. Das Online_KMS_Activation_Script ist für MS Office 2021.
__________________ |
27.06.2022, 18:59 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: bei allen Webseiten wird unbekannter Javascript ausgeführt. Solche Fälle bereinigen wir nicht.
__________________ Logfiles bitte immer in CODE-Tags posten |