| |
| |||||||
Log-Analyse und Auswertung: Benutzer-OOBE erstellt einen erhöhten Objekt ServerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
08.01.2023, 17:29
| #1 |
| |  Benutzer-OOBE erstellt einen erhöhten Objekt Server Hallo bei der Erstellung von einem neuen Benutzer bekomme ich die Meldung nachdem ich mit dem Benutzer anmelde "Benutzer-OOBE erstellt einen erhöhten Objekt Server", was ich akzeptieren muss weil es danach nicht weiter geht. Bei der Recherche im Internet soll es von Microsoft sein aber warum ? Wieso muss ich einen erhöhten Objekt Server auf meinem Laptop erstellen? Mein Laptop benutze ich schon länger und denke dass da mal was drauf sein könnte. Wenn ich mal meinen Ordner von appdata anschaue sehe ich so alte programme die ich schon seit längerem deinstalliert habe und immernoch dort zugemüllt ist. Ich sehe auch im logfile Additon.txt programme drin stehen wie: figma, pycharm64, intellij, teams, und so viele weitere welche ich schon vor ca 1 Jahr gelöscht habe. Warum windows, diese nicht entfernt obwohl ich da immer beim löschen auswähle dass alles gelöscht werden soll. Ich füge hier mal meine Logfiles wie ihr das beschrieben habt und noch weitere von meinem virenscanner ein. Diese sind: FRST.txt Addition.txt AdwCleaner[S00].txt (von adwcleaner) AdwCleaner[C00].txt (von adwcleaner) Ich schätze eure Hilfe sehr. Braucht ihr noch welche Logfiles? Vielen Dank. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
durchgeführt von Lenovo (Administrator) auf ON (LENOVO 20FAS4L000) (08-01-2023 16:48:27)
Gestartet von C:\benutzerdaten\board,security,trojanerboard\software
Geladene Profile: Lenovo
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2364 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\tpnumlkd.exe
(DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\tposd.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) C:\Program Files (x86)\Maxthon5\Bin\MxService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\BTErgoMouseNotificationService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Sierra Wireless, Inc -> Sierra Wireless, Inc.) C:\Windows\Sierra Wireless Inc\bin\SwiService.exe
(services.exe ->) (Sirrix AG) [Datei ist nicht signiert] C:\Program Files (x86)\1Sirrix AG\BitBox\bin\BitBoxService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKU\S-1-5-21-668386076-219626189-2103062149-1001\...\Run: [Epic Privacy Browser Installer] => "C:\Users\Lenovo\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe" /c (Keine Datei)
HKU\S-1-5-21-668386076-219626189-2103062149-1001\...\Run: [Discord] => C:\Users\Lenovo\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-668386076-219626189-2103062149-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\Lenovo\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-668386076-219626189-2103062149-1001\...\Run: [ScreenRec] => C:\Users\Lenovo\AppData\Local\StreamingVideoProvider\ScreenRec_app\screenrec.exe (Keine Datei)
HKU\S-1-5-21-668386076-219626189-2103062149-1001\...\Run: [ConnectDetector] => "C:\Users\Lenovo\AppData\Roaming\Adobe\Connect\connectdetector.exe" (Keine Datei)
HKU\S-1-5-21-668386076-219626189-2103062149-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1391464 2022-12-26] (Digital Wave Ltd -> Digital Wave Ltd)
HKU\S-1-5-21-668386076-219626189-2103062149-1001\...\Run: [Opera Browser Assistant] => C:\Users\Lenovo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3916232 2022-12-20] (Opera Norway AS -> Opera Software)
HKLM\...\Print\Monitors\HP D911 Status Monitor: C:\Windows\system32\hpinkstsD911LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.153\Installer\chrmstp.exe [2023-01-07] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-01-07]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0042CF89-E552-4D1A-9568-6FB026D3E943} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (Keine Datei)
Task: {0301CA73-2A2B-4BBF-BB9F-A1828AC9585D} - System32\Tasks\Opera scheduled assistant Autoupdate 1605300784 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe [2607560 2022-12-20] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Lenovo\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {117A9E60-9CC9-41AA-B50D-175236DB230B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {15445B7E-A7ED-4E80-9A61-C481464EADBE} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [232536 2020-10-29] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
Task: {18887150-E8EF-4AA0-B5CB-5999CE05300F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-668386076-219626189-2103062149-1013 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {1AF2BB57-BCA2-4A76-A30F-4263C690D684} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1E4E1654-7857-441E-89C0-F50BF3B11FC0} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1614966476 => C:\Users\Lenovo\AppData\Local\Programs\Opera GX\launcher.exe [2566600 2022-12-20] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Lenovo\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {21C38B8D-B5E6-48F9-A6DE-42382F7CA740} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {29C958B9-6CE7-4141-834A-F18ABD62150E} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-668386076-219626189-2103062149-1001 => C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2022-12-09] (Mega Limited -> )
Task: {31A5B542-D567-4FA7-A934-7007BAEF521F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {34F0740E-4710-451B-B136-55A24EE6769E} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [170784 2021-02-24] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
Task: {3E27D714-4434-46C7-8685-186F99EDBD9E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-668386076-219626189-2103062149-1028 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {416C5E5E-D3B5-403F-BDC5-ACD39E489B91} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-668386076-219626189-2103062149-1003 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Keine Datei)
Task: {442FB95E-A239-4A3F-BF9D-7AEC252D4651} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
Task: {4E705D96-635F-4CD9-B5AE-865C22CD7139} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-668386076-219626189-2103062149-1027 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Keine Datei)
Task: {5D46A230-3036-472E-BC52-E1256341D525} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618912 2022-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {681857A1-9A7B-4E4E-BA92-C61C704AE57D} - System32\Tasks\Opera GX scheduled Autoupdate 1610120397 => C:\Users\Lenovo\AppData\Local\Programs\Opera GX\launcher.exe [2566600 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {83241393-A73C-4EB9-A570-17C773734C16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8338D102-EAEA-465F-BEAE-0EF8CB522321} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-05] (Google LLC -> Google LLC)
Task: {83DEEB22-C95A-4CB3-8964-015CDEE85429} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-668386076-219626189-2103062149-1027 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {83ED8E55-A98D-42FC-B310-2E2775F681C4} - System32\Tasks\VivaldiUpdateCheck-f618af6583e3be72 => C:\Users\Lenovo\AppData\Local\Vivaldi\Application\update_notifier.exe [3426152 2022-12-20] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {8D1C0EF0-66CA-4FA7-803D-E7B0165DEB4F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-668386076-219626189-2103062149-1013 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Keine Datei)
Task: {917BDFC0-7904-4E35-A645-5D528A0DE8F7} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-668386076-219626189-2103062149-1028 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Keine Datei)
Task: {95C5060A-6DBB-4F40-A808-9445DCC4D853} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-13] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {97A0AA71-AA3E-443C-827B-2E23994EDF07} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618912 2022-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A5EC9CD0-6F5E-41EE-9875-A40C7C66DC2C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-668386076-219626189-2103062149-1011 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {C8D3DA3F-FD6A-471B-8C6F-B4907FB33E19} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-13] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D41B04CE-F46E-4DC2-8536-4543D4704065} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (Keine Datei)
Task: {E03E9E41-ED4E-4916-AE50-4ADC4A62D440} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (Keine Datei)
Task: {E61C7FC0-A623-406D-9790-0BB1C394B5A0} - System32\Tasks\Opera scheduled Autoupdate 1605300782 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe [2607560 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {E7B96A77-7A35-4933-B6AF-6AEE90E776C7} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {F10506BC-D045-499B-8679-6FE2B24ABAAD} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-668386076-219626189-2103062149-1003 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {FF9854D8-44FC-45FE-8F08-E5B34AE0F758} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 172.16.163.194 172.16.163.196
Tcpip\..\Interfaces\{391202b9-c8de-4832-a3ff-2b35ec8eccda}: [DhcpNameServer] 172.16.163.194 172.16.163.196
Tcpip\..\Interfaces\{6b212f9d-8cd6-42db-b656-c4900cdd9e07}: [DhcpNameServer] 141.60.110.103 141.60.120.105
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-05]
Edge Session Restore: Default -> ist aktiviert.
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 70n0ck8d.default
FF DefaultProfile: xhp31vum.default
FF DefaultProfile: ozlh1ds5.default
FF DefaultProfile: 7srzylzz.default
FF DefaultProfile: 42jrbgav.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Waterfox\Profiles\70n0ck8d.default [2021-02-21]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Waterfox\Profiles\hph8518u.68-edition-default [2023-01-08]
FF Session Restore: Waterfox\Profiles\hph8518u.68-edition-default -> ist aktiviert.
FF Extension: (FoxyTab) - C:\Users\Lenovo\AppData\Roaming\Waterfox\Profiles\hph8518u.68-edition-default\Extensions\foxytab@eros.man.xpi [2021-02-21]
FF Extension: (uBlock Origin) - C:\Users\Lenovo\AppData\Roaming\Waterfox\Profiles\hph8518u.68-edition-default\Extensions\uBlock0@raymondhill.net.xpi [2021-06-06]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\xhp31vum.default [2020-11-05]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release [2023-01-08]
FF Session Restore: Mozilla\Firefox\Profiles\qdkgddzv.default-release -> ist aktiviert.
FF Extension: (Dark Reader) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\addon@darkreader.org.xpi [2023-01-04]
FF Extension: (Default Bookmark Folder) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\default-bookmark-folder@gustiaux.com.xpi [2022-04-07]
FF Extension: (OneTab) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\extension@one-tab.com.xpi [2022-05-10]
FF Extension: (HTTPS Everywhere) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\https-everywhere@eff.org.xpi [2021-08-01]
FF Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2022-03-02]
FF Extension: (I don't care about cookies) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2022-12-14]
FF Extension: (Bildschirm recorder) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\screen-recorder@freebusinessapps.xpi [2022-03-02]
FF Extension: (WEB.DE MailCheck) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\toolbar@web.de.xpi [2022-11-06]
FF Extension: (uBlock Origin) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-12-26]
FF Extension: (User-Agent Switcher) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2021-05-02]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-12-14]
FF Extension: (focustube) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\{ae4801b4-de43-4cea-8dcd-07155bcc739e}.xpi [2022-06-06]
FF Extension: (Video DownloadHelper) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdkgddzv.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-09]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\ozlh1ds5.default [2022-04-28]
FF Extension: (Dark Moon) - C:\Users\Lenovo\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\ozlh1ds5.default\Extensions\darkmoon@lootyhoof-pm.xpi [2022-04-28] [] [ist nicht signiert]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\7srzylzz.default [2022-04-05]
FF Session Restore: Moonchild Productions\Basilisk\Profiles\7srzylzz.default -> ist aktiviert.
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\librewolf\Profiles\42jrbgav.default [2022-04-05]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\librewolf\Profiles\gwps2lzj.default-default [2022-11-06]
FF Homepage: librewolf\Profiles\gwps2lzj.default-default -> hxxps://www.google.de/
FF Session Restore: librewolf\Profiles\gwps2lzj.default-default -> ist aktiviert.
FF Extension: (uBlock Origin) - C:\Users\Lenovo\AppData\Roaming\librewolf\Profiles\gwps2lzj.default-default\Extensions\uBlock0@raymondhill.net.xpi [2022-10-08]
FF Extension: (Bookmark Manager and Viewer) - C:\Users\Lenovo\AppData\Roaming\librewolf\Profiles\gwps2lzj.default-default\Extensions\{beb1b1c0-32b9-47d8-bbd1-f65bed4e7c22}.xpi [2022-04-07]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-668386076-219626189-2103062149-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Lenovo\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-668386076-219626189-2103062149-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Lenovo\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [Keine Datei]
Chrome:
=======
CHR DefaultProfile: Profile 15
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2022-08-04]
CHR NewTab: Default -> Not-active:"chrome-extension://feeleilgbmkkpapllljmclmbeddcdeeh/index.html"
CHR DefaultSearchURL: Default -> hxxps://untap.in/static/untap-44.png
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Night Eye - Dunkel-Modus) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\alncdjedloppbablonallfbkeiknmkdi [2022-08-04]
CHR Extension: (JSON Formatter) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjindcccaagfpapjjmafapmmgkkhgoa [2022-06-06]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2022-05-07]
CHR Extension: (Nimbus Screenshot & Bildschirm-Videorecorder) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2022-08-04]
CHR Extension: (OneTab) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2022-06-09]
CHR Extension: (uBlock Origin) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-08-04]
CHR Extension: (Page Screenshot) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmfafpdndfffjajdeighkfliamddbjfk [2021-03-15]
CHR Extension: (Dark Reader) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2022-08-04]
CHR Extension: (BNTP: Bookmarks in New Tab Page) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeleilgbmkkpapllljmclmbeddcdeeh [2020-11-08]
CHR Extension: (HTTPS Everywhere) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-06-09]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-04]
CHR Extension: (ScriptBlock) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2021-02-27]
CHR Extension: (Screen Recorder - Bildschirm recorder) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniebljpgcogalllopnjokppmgbhaden [2021-05-24]
CHR Extension: (Untap.in) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjcnefmgapeolgapcdogfeehcgajoec [2021-03-28]
CHR Extension: (SaveFrom.net Helfer) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfedlgnabjompjngkpddclhgcmeklana [2020-12-27]
CHR Extension: (Nehmen Sie vollständige Webseiten auf - FireShot) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2022-08-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-08-04]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-12-18]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-09]
CHR Session Restore: Profile 1 -> ist aktiviert.
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-06]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-12]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 15 [2023-01-07]
CHR Session Restore: Profile 15 -> ist aktiviert.
CHR Extension: (I don't care about cookies) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-12-31]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-31]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-10]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 18 [2022-12-31]
CHR Session Restore: Profile 18 -> ist aktiviert.
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-18]
CHR Extension: (Screen Recorder - Bildschirm recorder) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\hniebljpgcogalllopnjokppmgbhaden [2022-12-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-18]
CHR Extension: (Helium 10) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2022-12-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-18]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-12-31]
CHR Session Restore: Profile 2 -> ist aktiviert.
CHR Extension: (OneTab) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2022-11-23]
CHR Extension: (uBlock Origin) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-11-23]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-11-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-17]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-02-13]
CHR Session Restore: Profile 3 -> ist aktiviert.
CHR Extension: (Präsentationen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-12]
CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-12]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-12]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-12]
CHR Extension: (Tabellen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-12]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-12]
CHR Extension: (Google Mail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-12]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-04-25]
CHR Session Restore: Profile 4 -> ist aktiviert.
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-13]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-02-11]
CHR Session Restore: Profile 5 -> ist aktiviert.
CHR Extension: (Präsentationen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-19]
CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-19]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-19]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-19]
CHR Extension: (Tabellen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-19]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-19]
CHR Extension: (Google Mail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-19]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-12-07]
CHR Session Restore: Profile 6 -> ist aktiviert.
CHR Extension: (OneTab) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2022-05-17]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-07]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-11-17]
CHR Extension: (Loom – Screen Recorder & Screen Capture) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2022-11-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-21]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 7 [2022-03-03]
CHR Session Restore: Profile 7 -> ist aktiviert.
CHR Extension: (Präsentationen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-23]
CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-23]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-23]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-23]
CHR Extension: (Tabellen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-23]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-03-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-23]
CHR Extension: (Google Mail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-23]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 8 [2022-12-31]
CHR Notifications: Profile 8 -> hxxps://meet.google.com
CHR Session Restore: Profile 8 -> ist aktiviert.
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-31]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-10]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-31]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable [2023-01-08]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-25]
OPR Extension: (Opera Wallet) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-25]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-04]
StartMenuInternet: (HKU\S-1-5-21-668386076-219626189-2103062149-1001) Opera GXStable - "C:\Users\Lenovo\AppData\Local\Programs\Opera GX\Launcher.exe"
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-04-28]
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (OneTab) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2020-12-13]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-12-13]
BRA Profile: C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1 [2020-12-13]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-12-13]
BRA Profile: C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\System Profile [2020-12-13]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-04-04]
BRA Extension: (Brave NTP background images) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-01-19]
BRA Extension: (Brave Ads Resources) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\bbefpembgddgdihpkcidgdgiojjlchji [2022-01-19]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-01-19]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-04-04]
BRA Extension: (Brave User Model Installer) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\eclclcmhpefndfimkgjknaenojpdffjp [2020-12-13]
BRA Extension: (Brave Ad Block Updater (EasyList Germany)) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\faknfgalcghekhfggcdikddilkpjbonh [2022-04-04]
BRA Extension: (Brave Ads Resources) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2022-01-19]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-04-04]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2022-04-04]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Lenovo\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-04-04]
Vivaldi:
=======
VIV Profile: C:\Users\Lenovo\AppData\Local\Vivaldi\User Data\Default [2022-05-17]
VIV Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Local\Vivaldi\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-17]
VIV Profile: C:\Users\Lenovo\AppData\Local\Vivaldi\User Data\System Profile [2020-12-13]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 BitBoxService; C:\Program Files (x86)\1Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2018-11-14] (Sirrix AG) [Datei ist nicht signiert]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-13] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-13] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 BTErgoMouseNotificationService; C:\Windows\system32\BTErgoMouseNotificationService.exe [1059144 2020-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-30] (HP Inc. -> HP Inc.)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8892256 2022-12-24] (Malwarebytes Inc. -> Malwarebytes)
R2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [178456 2021-02-24] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SwiService; C:\Windows\Sierra Wireless Inc\bin\SwiService.exe [1801720 2020-08-18] (Sierra Wireless, Inc -> Sierra Wireless, Inc.)
S2 SynaHlp; C:\Windows\System32\SynaHelperService.exe [254920 2022-01-18] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\TPHKLOAD.exe [465200 2020-12-28] (Lenovo -> Lenovo Group Limited)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746728 2021-07-28] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.153\elevation_service.exe" [X]
S2 Lenovo Instant On; "C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe" [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-04-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsldfd06a82; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{76C5AD28-B2F0-4F34-A8CB-3D93561E63FF}\MpKslDrv.sys [214280 2023-01-08] (Microsoft Windows -> Microsoft Corporation)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R3 swmbbser01; C:\Windows\system32\DRIVERS\swmbbser01.sys [297176 2020-08-18] (Sierra Wireless, Inc -> Sierra Wireless Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239664 2021-07-28] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249568 2021-07-28] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2022-12-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2022-12-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-01-08 16:27 - 2023-01-08 16:27 - 000000000 ____D C:\Program Files\Webex
2023-01-08 16:17 - 2023-01-08 16:49 - 000000000 ____D C:\FRST
2023-01-08 15:48 - 2023-01-08 15:52 - 000000000 ____D C:\AdwCleaner
2023-01-08 15:40 - 2023-01-08 15:40 - 000000000 ____D C:\Users\browser\AppData\Local\D3DSCache
2023-01-08 15:33 - 2023-01-08 15:33 - 000002387 _____ C:\Users\browser\Desktop\Brave.lnk
2023-01-08 15:33 - 2023-01-08 15:33 - 000002346 _____ C:\Users\browser\Desktop\Microsoft Edge.lnk
2023-01-08 15:33 - 2023-01-08 15:33 - 000002270 _____ C:\Users\browser\Desktop\Google Chrome.lnk
2023-01-08 15:33 - 2023-01-08 15:33 - 000000000 ____D C:\Users\browser\AppData\Local\Publishers
2023-01-08 15:33 - 2023-01-08 15:33 - 000000000 ____D C:\Users\browser\AppData\Local\Lenovo
2023-01-08 15:33 - 2023-01-08 15:33 - 000000000 ____D C:\Users\browser\AppData\Local\BraveSoftware
2023-01-08 15:32 - 2023-01-08 15:40 - 000000000 ____D C:\Users\browser\AppData\Local\Packages
2023-01-08 15:32 - 2023-01-08 15:33 - 000000000 ____D C:\Users\browser\AppData\Local\ConnectedDevicesPlatform
2023-01-08 15:32 - 2023-01-08 15:32 - 000000020 ___SH C:\Users\browser\ntuser.ini
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\Vorlagen
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\Startmenü
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\Netzwerkumgebung
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\Lokale Einstellungen
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\Eigene Dateien
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\Druckumgebung
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\Documents\Eigene Videos
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\Documents\Eigene Musik
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\Documents\Eigene Bilder
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\AppData\Local\Verlauf
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\AppData\Local\Anwendungsdaten
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 _SHDL C:\Users\browser\Anwendungsdaten
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 __SHD C:\Users\browser\IntelGraphicsProfiles
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 ___RD C:\Users\browser\3D Objects
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 ____D C:\Users\browser\AppData\Roaming\Adobe
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 ____D C:\Users\browser\AppData\LocalLow\Intel
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 ____D C:\Users\browser\AppData\Local\VirtualStore
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 ____D C:\Users\browser\AppData\Local\Google
2023-01-08 15:32 - 2023-01-08 15:32 - 000000000 ____D C:\Users\browser
2023-01-08 00:52 - 2023-01-08 00:52 - 000000000 ____D C:\Users\Lenovo\AppData\Local\FreeYouTubeToMP3Converter
2023-01-06 16:56 - 2023-01-06 16:56 - 000001471 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2023-01-06 16:56 - 2023-01-06 16:56 - 000001408 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2023-01-06 16:56 - 2023-01-06 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2023-01-06 16:56 - 2023-01-06 16:56 - 000000000 ____D C:\Program Files (x86)\DVDVideoSoft
2023-01-06 16:53 - 2023-01-06 16:59 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\DVDVideoSoft
2023-01-06 16:52 - 2023-01-06 16:53 - 073723360 _____ (Digital Wave Ltd ) C:\Users\Lenovo\Downloads\FreeYouTubeToMP3Converter_4.3.84.1226_d_6ba5e009-82ae-4aab-95a0-ae382bf8e34a.exe
2023-01-06 15:59 - 2023-01-06 16:06 - 000000000 ____D C:\Users\Lenovo\Documents\adulteducation
2023-01-05 17:18 - 2023-01-08 16:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-25 22:46 - 2022-12-25 22:46 - 007431534 _____ C:\Users\Lenovo\Downloads\When the Zyzz Music Kicks In.mp4
2022-12-23 17:33 - 2022-12-23 17:33 - 000000000 ____D C:\Users\Lenovo\Documents\weltraum
2022-12-19 17:53 - 2022-12-19 17:53 - 122235197 _____ C:\Users\Lenovo\Downloads\DON'T DO THIS IN THE GYM Hilarious Gym Fails With Eddie Hall.mp4
2022-12-18 16:17 - 2022-12-18 16:17 - 001840248 _____ (Movavi) C:\Users\Lenovo\Downloads\MovaviScreenRecorderSetupF_W8kwkbo_.exe
2022-12-18 16:09 - 2023-01-05 17:55 - 000000000 ____D C:\Program Files\Common Files\WebM Project
2022-12-18 16:09 - 2022-12-18 16:37 - 000000000 ____D C:\Program Files (x86)\Icecream Screen Recorder 7
2022-12-18 16:09 - 2022-12-18 16:09 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Icecream
2022-12-18 16:09 - 2022-12-18 16:09 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashRpt
2022-12-18 16:09 - 2022-12-18 16:09 - 000000000 ____D C:\Users\Lenovo\.Icecream Screen Recorder
2022-12-18 16:07 - 2022-12-18 16:08 - 029235168 _____ (Icecream Apps ) C:\Users\Lenovo\Downloads\screen_recorder_setup.exe
2022-12-18 16:04 - 2022-12-18 16:04 - 001840248 _____ (Movavi) C:\Users\Lenovo\Downloads\MovaviScreenRecorderSetupF_Wt8a6pa_.exe
2022-12-17 19:17 - 2022-12-17 19:18 - 563603638 _____ C:\Users\Lenovo\Downloads\otis klöber,inx_superzyklus_info_webinar_2022_06_17 (1080p).mp4
2022-12-17 18:30 - 2022-12-17 18:30 - 000000000 ___HD C:\$WinREAgent
2022-12-13 19:28 - 2023-01-08 16:28 - 000000000 ____D C:\Users\Lenovo\AppData\Local\WebEx
2022-12-12 19:07 - 2022-12-12 19:08 - 000000000 ____D C:\Users\Lenovo\.cache
2022-12-12 19:05 - 2023-01-08 16:31 - 000000000 ____D C:\Program Files (x86)\Digiarty
2022-12-12 19:05 - 2022-12-12 19:10 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\WinX YouTube Downloader
2022-12-12 19:05 - 2022-12-12 19:05 - 000000000 ____D C:\Users\Lenovo\Documents\WinX YouTube Downloader
2022-12-12 19:04 - 2022-12-12 19:05 - 000000000 ____D C:\Users\Lenovo\Documents\softwares
2022-12-12 19:04 - 2022-12-12 19:04 - 035688112 _____ (Digiarty, Inc.) C:\Users\Lenovo\Downloads\winx-youtube-downloader-5-7-0-0.exe
2022-12-12 19:01 - 2022-12-12 19:01 - 000870160 _____ (Open Media LLC) C:\Users\Lenovo\Downloads\4kvideodownloader_4.22.2_x64_online.exe
2022-12-09 17:08 - 2022-12-09 17:08 - 000000000 _____ C:\Users\Lenovo\Downloads\i0yAoO4u.htm
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-01-08 16:48 - 2022-02-11 14:46 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-08 16:48 - 2020-11-05 19:27 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-08 16:47 - 2020-12-07 22:23 - 000000000 ____D C:\benutzerdaten
2023-01-08 16:47 - 2020-11-05 19:34 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2023-01-08 16:47 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-08 16:46 - 2020-11-06 19:15 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2023-01-08 16:46 - 2020-09-17 19:09 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2023-01-08 16:46 - 2020-09-17 19:09 - 000000000 ____D C:\Intel
2023-01-08 16:46 - 2020-09-17 17:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-01-08 16:46 - 2020-09-17 17:47 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-08 16:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-01-08 16:46 - 2019-12-07 10:03 - 001572864 _____ C:\Windows\system32\config\BBI
2023-01-08 16:43 - 2021-05-02 13:30 - 000000000 ____D C:\Program Files\paint.net
2023-01-08 16:36 - 2020-11-05 21:07 - 000000000 ____D C:\ProgramData\VirtualBox
2023-01-08 15:52 - 2022-10-21 10:22 - 000000000 ____D C:\Program Files (x86)\Lenovo
2023-01-08 15:52 - 2020-11-08 20:12 - 000000000 ____D C:\Program Files\Lenovo
2023-01-08 15:52 - 2020-09-17 19:12 - 000000000 ____D C:\Windows\SysWOW64\Lenovo
2023-01-08 15:52 - 2020-09-17 19:12 - 000000000 ____D C:\Windows\system32\Lenovo
2023-01-08 15:52 - 2020-09-17 19:12 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Lenovo
2023-01-08 15:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-01-08 15:33 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-01-08 15:32 - 2020-09-17 17:58 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-01-08 15:30 - 2021-02-21 00:22 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Waterfox
2023-01-08 01:59 - 2020-09-17 17:48 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-01-07 23:23 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-07 23:20 - 2022-12-02 13:32 - 000000000 ____D C:\Users\Lenovo\AppData\Local\ElevatedDiagnostics
2023-01-07 22:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-01-07 22:18 - 2022-01-07 16:11 - 000000000 ___RD C:\Users\Lenovo\Documents\MEGAsync
2023-01-07 21:55 - 2020-12-13 01:34 - 000002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-01-07 16:52 - 2020-09-17 17:50 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-06 16:37 - 2020-09-17 17:50 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-06 16:37 - 2020-09-17 17:50 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-05 18:19 - 2020-09-17 17:54 - 001722792 _____ C:\Windows\system32\PerfStringBackup.INI
2023-01-05 18:19 - 2019-12-07 15:51 - 000744968 _____ C:\Windows\system32\perfh007.dat
2023-01-05 18:19 - 2019-12-07 15:51 - 000150354 _____ C:\Windows\system32\perfc007.dat
2023-01-05 18:19 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-01-05 17:55 - 2020-11-05 19:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-05 17:28 - 2021-07-26 15:41 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-01-05 17:28 - 2020-11-05 19:34 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-01-05 17:13 - 2021-12-30 15:26 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\WhatsApp
2022-12-31 22:53 - 2021-03-20 20:01 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Battle.net
2022-12-31 22:52 - 2021-03-31 20:23 - 000000000 ____D C:\Program Files (x86)\Warcraft III
2022-12-25 01:14 - 2021-12-19 20:02 - 000000860 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\characterdesign.lnk
2022-12-24 20:20 - 2021-03-20 20:01 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-12-24 14:04 - 2021-05-29 21:24 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Telegram Desktop
2022-12-23 13:48 - 2020-11-13 21:53 - 000004158 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1605300782
2022-12-23 13:48 - 2020-11-13 21:53 - 000001408 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2022-12-22 17:58 - 2021-01-08 16:40 - 000004170 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1610120397
2022-12-22 17:58 - 2021-01-08 16:39 - 000001437 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2022-12-20 21:04 - 2022-12-07 14:44 - 000000183 _____ C:\Users\Lenovo\Desktop\router.txt
2022-12-20 21:04 - 2020-11-08 21:13 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2022-12-20 19:59 - 2020-12-03 23:32 - 000002382 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2022-12-20 19:59 - 2020-12-03 23:32 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Vivaldi
2022-12-20 19:09 - 2020-11-13 21:53 - 000004392 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1605300784
2022-12-18 16:35 - 2021-02-17 20:39 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc
2022-12-18 16:09 - 2020-09-17 17:57 - 000000000 ____D C:\Users\Lenovo
2022-12-17 20:44 - 2020-09-17 17:47 - 000630072 _____ C:\Windows\system32\FNTCACHE.DAT
2022-12-17 20:43 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-12-17 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-17 18:45 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-12-17 18:40 - 2020-09-17 17:51 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-12-17 18:29 - 2020-11-05 19:34 - 000000000 ____D C:\Windows\system32\MRT
2022-12-17 17:48 - 2020-11-05 19:34 - 148633544 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-12-17 17:47 - 2020-09-17 17:48 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-12-16 18:20 - 2021-12-30 15:26 - 000000000 ____D C:\Users\Lenovo\AppData\Local\WhatsApp
2022-12-16 16:43 - 2021-02-21 19:36 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\discord
2022-12-16 16:43 - 2021-02-21 19:36 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Discord
2022-12-16 11:53 - 2020-11-05 19:27 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-09 15:42 - 2022-01-07 16:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\MEGAsync
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-01-02 14:16 - 2021-01-02 14:32 - 000000078 _____ () C:\Users\Lenovo\AppData\Roaming\.flutter
2021-01-02 14:15 - 2021-01-02 14:16 - 000000060 _____ () C:\Users\Lenovo\AppData\Roaming\.flutter_tool_state
2022-03-13 00:07 - 2022-03-13 00:07 - 000000218 _____ () C:\Users\Lenovo\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
| Themen zu Benutzer-OOBE erstellt einen erhöhten Objekt Server |
| administrator, adobe, bildschirm, defender, desktop, firefox, format, google, homepage, internet, internet explorer, logfile, mozilla, opera, prozesse, realtek, registry, scan, security, server, services.exe, svchost.exe, system, updates, windows |
Baum-Darstellung