Log analysis and evaluation: Windows 10: PowerShell trojan is never completely removed

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows 10: PowerShell trojan is never completely removed

Hello,

After logging in, an empty PowerShell window opens. This is then quickly blocked by Avast One. Usually two messages appear:

"Wir haben Powershell.exe:PE blockiert, da es mit Win32:MalwareX-gen [Trj] infiziert war"

I then send the trojan to quarantine again each time. The second message appears, without exception, at every start-up:

"Wir haben powershell.exe blockiert, da es mit IDP.AMSI.38 Befehlszeilenerkennung infiziert war."

I have scanned with Avast and Malwarebytes and found nothing. I am also adding an MSERT log at the very bottom. I have to split up the logs.

Thanks in advance for the help!

FRST log:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-09-2023 durchgeführt von Jonas (Administrator) auf DESKTOP-2GOE7L1 (09-09-2023 13:12:56) Gestartet von C:\Users\Jonas\Downloads\Problembehandlung\FRST64.exe Geladene Profile: Jonas Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3393 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe <6> (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5> (C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5> (C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe (C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) 
C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe (cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (D:\Games\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6> (Discord Inc. -> Discord Inc.) C:\Users\Jonas\AppData\Local\Discord\app-1.0.9017\Discord.exe <6> (DriverStore\FileRepository\u0395045.inf_amd64_cb9a543331727801\B394905\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0395045.inf_amd64_cb9a543331727801\B394905\atieclxx.exe (explorer.exe ->) (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.) C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14> (explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Games\Steam\steam.exe (explorer.exe ->) (Voyetra Turtle Beach, Inc. -> ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (services.exe ->) (Advanced Micro Devices Inc. 
-> AMD) C:\Windows\System32\DriverStore\FileRepository\u0395045.inf_amd64_cb9a543331727801\B394905\atiesrxx.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe (services.exe ->) (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert] C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) 
C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2305.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Voyetra Turtle Beach, Inc. -> ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_dev_service.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [352712 2020-05-07] (Riot Games, Inc. -> Riot Games, Inc.) 
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe [767552 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [256408 2023-08-28] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-06-11] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.) HKU\S-1-5-21-2064130578-1377530923-905107086-1001\...\Run: [Steam] => D:\Games\Steam\steam.exe [4374376 2023-07-28] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2064130578-1377530923-905107086-1001\...\Run: [Discord] => C:\Users\Jonas\AppData\Local\Discord\Update.exe [1512040 2021-03-18] (Discord Inc. -> GitHub) HKU\S-1-5-21-2064130578-1377530923-905107086-1001\...\Run: [EpicGamesLauncher] => D:\Games\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37050832 2023-07-25] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-2064130578-1377530923-905107086-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Jonas\AppData\Local\WebEx\WebexHost.exe [8040032 2023-02-22] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-2064130578-1377530923-905107086-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3562248 2023-07-25] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-21-2064130578-1377530923-905107086-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [1649768 2023-03-31] (Electronic Arts, Inc. 
-> Electronic Arts) HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3562248 2023-07-25] (Razer USA Ltd. -> Razer Inc.) HKLM\...\Windows x64\Print Processors\Canon TS5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFO.DLL [529408 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5300 series: C:\WINDOWS\SYSTEM32\CNMLMFO.DLL [959488 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.180\Installer\chrmstp.exe [2023-09-08] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ASUS\Bluetooth Software\BtwCP.dll [2012-12-30] (Broadcom Corporation -> Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2020-12-03] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ASUS\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2021-11-28] ShortcutTarget: ROCCAT Swarm Monitor.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (Voyetra Turtle Beach, Inc. 
-> ROCCAT) Startup: C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2020-03-03] ShortcutTarget: Telegram.lnk -> C:\Users\Jonas\Downloads\tportable.1.9.3\Telegram\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC) GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {BEF17CDC-26C3-4893-84F7-B6C4ECB7D511} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [665848 2019-06-27] (Advanced Micro Devices INC. -> ) Task: {9AB30319-1735-4781-903A-D1CE980041CA} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-08-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {7B822609-9ED5-4316-A235-8293A6B0DA5F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-08-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {A86579E0-2F0B-4862-A849-5A419107C76C} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-08-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {94FC109B-0D5C-4BDB-9F5C-AFCE110C2EE7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4947352 2023-08-28] (Avast Software s.r.o. -> AVAST Software) Task: {75EA772B-288C-4649-84C9-1BC10A6B8983} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1294744 2023-09-07] (Avast Software s.r.o. 
-> AVAST Software) Task: {667A209F-9F34-4ED7-A02E-207A2B54CFA1} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4758936 2023-08-28] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (Der Dateneintrag hat 70 mehr Zeichen). Task: {72A679E6-26AC-4D25-9361-7A08A5CB83A7} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7212952 2023-07-18] (Avast Software s.r.o. -> Avast Software) Task: {188E0D15-3D18-4028-9BCB-87744ABB64B2} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4758936 2023-08-28] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (Der Dateneintrag hat 99 mehr Zeichen). Task: {E7856239-9C24-4351-BE68-D73D43C5CB48} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7212952 2023-08-02] (Avast Software s.r.o. -> Avast Software) Task: {6886AECA-63F6-48A8-BBC0-56E1B4F35CE9} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4762520 2023-09-07] (Avast Software s.r.o. 
-> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (Der Dateneintrag hat 80 mehr Zeichen). Task: {754409C7-FD47-4890-A076-88836C99E530} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-08-25] (Avast Software s.r.o. -> Avast Software) Task: {9B23F750-828F-4B82-9D2D-CB00995CAAFD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-28] (Avast Software s.r.o. -> Avast Software) Task: {ABF041AE-85AC-466D-9310-566518273FE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-31] (Google Inc -> Google LLC) Task: {3747995A-EDB3-4FD0-A957-5A52D24D02C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-31] (Google Inc -> Google LLC) Task: {ABCD6E78-202D-4760-AFF7-6CED5A9DB7AA} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-08-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) 
Task: {F1A547D1-A228-49C4-A63F-F6B753BA28F0} - System32\Tasks\OneDrive Reporting Task-182071600548 => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [486400 2023-08-23] (Microsoft Windows -> Microsoft Corporation) -> -WindowStyle Hidden -Command "& C:\Windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe C:\Users\Jonas\.steam\steam_182071600548.csproj /t:182071600548" <==== ACHTUNG Task: {2A2C705A-FDE8-4000-8D0F-AC96DA574D9B} - System32\Tasks\ROCCAT DEVICE SERVICE => C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_dev_service.exe [459672 2023-08-29] (Voyetra Turtle Beach, Inc. -> ROCCAT) Task: {AD8F8F1F-2469-49BA-84DD-25814B12DCB3} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60344 2023-08-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {768038BE-85EF-463A-B034-EA016823DC01} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324024 2023-08-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{8ee46960-f9e6-409e-a1f7-ecf340108a54}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge Notifications: HKU\S-1-5-21-2064130578-1377530923-905107086-1001 -> hxxps://aternos.org Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\Jonas\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-07] Edge HomePage: Default -> hxxp://www.google.com Edge Extension: (Edge relevant text changes) - C:\Users\Jonas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-08] Edge Extension: (AdGuard Werbeblocker) - C:\Users\Jonas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2023-08-08] FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default [2023-09-09] CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default 
-> "hxxps://www.youtube.com/user/PietSmittie/videos" CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms} CHR DefaultSearchKeyword: Default -> duckduckgo.com CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list CHR Extension: (BetterTTV) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-07-26] CHR Extension: (AdGuard Werbeblocker) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2023-07-21] CHR Extension: (DuckDuckGo) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2023-09-06] CHR Extension: (Watch2Gether) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2023-06-20] CHR Extension: (Dark Reader) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-08-13] CHR Extension: (Auto HD/4k/8k für YouTube™ - YouTube™ Auto HD) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjdmkanbdloodhegphphhklnjfngoffa [2020-12-11] CHR Extension: (Google Docs Offline) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-24] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8904088 2023-08-28] (Avast Software s.r.o. -> AVAST Software) R2 avast! 
Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [587672 2023-08-28] (Avast Software s.r.o. -> AVAST Software) R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2104216 2023-08-28] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [588184 2023-08-28] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-08-28] (Avast Software s.r.o. -> AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2022-11-24] (BattlEye Innovations e.K. -> ) S4 btwdins; C:\Program Files\ASUS\Bluetooth Software\btwdins.exe [960368 2012-12-30] (Broadcom Corporation -> Broadcom Corporation.) R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [17765272 2023-08-28] (Avast Software s.r.o. -> AVAST Software) R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-06-11] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-06-11] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [9697688 2023-08-28] (Avast Software s.r.o. -> AVAST Software) S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [10456168 2023-03-31] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-08-19] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-19] (Epic Games Inc. -> Epic Games, Inc.) 
R2 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1449472 2022-05-26] (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446360 2022-04-27] (Canon Inc. -> ) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287960 2023-09-09] (Malwarebytes Inc. -> Malwarebytes) S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.1.1\ProtonVPNService.exe [472168 2023-08-23] (Proton Technologies AG -> ProtonVPN) S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.1.1\ProtonVPN.WireGuardService.exe [471656 2023-08-23] (Proton Technologies AG -> ProtonVPN) S2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2121640 2023-07-12] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [510896 2023-07-06] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [297736 2023-07-25] (Razer USA Ltd. -> Razer Inc.) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-05-17] (Razer USA Ltd. -> Razer Inc.) R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [11017624 2023-09-07] (Avast Software s.r.o. -> AVAST Software) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-08-23] (Microsoft Windows Publisher -> Microsoft Corporation) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9854248 2020-05-07] (Riot Games, Inc. -> Riot Games, Inc.) 
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [27256 2022-01-27] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc) R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [48328 2023-08-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0395045.inf_amd64_cb9a543331727801\B394905\amdkmdag.sys [99745312 2023-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238496 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392880 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297880 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-08-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [272576 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559184 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [946160 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [705480 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212680 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319568 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> 
AVAST Software) S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [76568 2023-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software) S3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [184544 2023-08-28] (Avast Software s.r.o. -> Avast Software) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) S3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation) R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [105192 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.) R3 FocusriteUsb; C:\WINDOWS\System32\drivers\FocusriteUsb.sys [197280 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.) R3 FocusriteUsbAudio; C:\WINDOWS\System32\drivers\FocusriteUsbAudio.sys [97952 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.) 
R3 FocusriteUsbMidi; C:\WINDOWS\System32\drivers\FocusriteUsbMidi.sys [53392 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbSwRoot; C:\WINDOWS\System32\drivers\FocusriteUsbSwRoot.sys [110864 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2023-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-09-09] (Malwarebytes Inc. -> Malwarebytes)
S3 MpKsla26f2ce3; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [137464 2022-06-15] (Microsoft Windows -> Microsoft Corporation)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.1.1\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\WINDOWS\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [3347920 2020-05-07] (Riot Games, Inc. -> Riot Games, Inc.)
R3 VirtualHID; C:\WINDOWS\System32\drivers\VirtualHID.sys [26768 2020-10-26] (Voyetra Turtle Beach, Inc. -> TurtleBeach)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55704 2023-08-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [572656 2023-08-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-09] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2023-05-20] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-07-23] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-09-09 13:12 - 2023-09-09 13:12 - 000000000 ___HD C:\avast! sandbox
2023-09-09 12:48 - 2023-09-09 12:48 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-09-09 12:40 - 2023-09-09 13:12 - 000000000 ____D C:\Users\Jonas\Downloads\Problembehandlung
2023-09-09 12:19 - 2023-09-09 13:13 - 000000000 ____D C:\FRST
2023-09-09 11:54 - 2023-09-09 12:11 - 000385238 _____ C:\WINDOWS\ntbtlog.txt
2023-09-09 11:54 - 2023-09-09 11:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-09-08 15:59 - 2023-09-08 16:02 - 000000128 _____ C:\Users\Jonas\AppData\Local\Support.ini
2023-09-08 15:59 - 2023-09-08 15:59 - 000000000 ____D C:\Users\Jonas\AppData\Local\AvastSupport
2023-09-07 13:34 - 2023-08-28 12:17 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-09-07 13:09 - 2023-09-09 12:12 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-09-07 12:26 - 2023-09-07 12:26 - 000002208 _____ C:\Users\Jonas\Desktop\Malwarebytes scan 1.txt
2023-09-07 12:22 - 2023-09-09 12:49 - 000000000 ____D C:\Users\Jonas\AppData\Local\Malwarebytes
2023-09-07 12:22 - 2023-09-07 12:22 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-07 12:22 - 2023-09-07 12:22 - 000000000 ____D C:\Users\Jonas\AppData\Local\mbam
2023-09-07 12:22 - 2023-09-07 12:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-07 12:22 - 2023-09-07 12:22 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-04 18:38 - 2023-09-04 18:38 - 000268896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-04 18:38 - 2023-09-04 18:38 - 000000000 ____D C:\WINDOWS\Panther
2023-08-28 16:12 - 2023-08-28 16:12 - 000000000 ____D C:\Users\Jonas\AppData\Local\Backup
2023-08-28 12:51 - 2023-08-28 12:51 - 000000000 ___HD C:\$AV_ASW
2023-08-28 12:26 - 2023-09-09 12:12 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-08-28 12:26 - 2023-08-28 12:26 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2023-08-28 12:26 - 2023-08-28 12:26 - 000002620 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2023-08-28 12:26 - 2023-08-28 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-08-28 12:26 - 2023-08-28 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-08-28 12:25 - 2023-08-28 12:26 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2023-08-28 12:23 - 2023-08-19 08:11 - 000832952 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-08-28 12:23 - 2023-08-19 08:11 - 000832952 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-08-28 12:23 - 2023-08-19 08:11 - 000721336 _____ C:\WINDOWS\system32\hiprt0200064.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000715296 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-08-28 12:23 - 2023-08-19 08:11 - 000715296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-08-28 12:23 - 2023-08-19 08:11 - 000668696 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000668696 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000653240 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000653240 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000596512 _____ C:\WINDOWS\system32\GameManager64.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000539168 _____ C:\WINDOWS\system32\libsmi_guest.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000532000 _____ C:\WINDOWS\system32\libsmi_host.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000492576 _____ C:\WINDOWS\system32\EEURestart.exe
2023-08-28 12:23 - 2023-08-19 08:11 - 000217120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000197152 _____ C:\WINDOWS\system32\mantle64.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000186400 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000176160 _____ C:\WINDOWS\system32\mantleaxl64.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000174008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000153632 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000137760 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2023-08-28 12:23 - 2023-08-19 08:11 - 000137248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 011746816 _____ C:\WINDOWS\system32\amdsmi.exe
2023-08-28 12:23 - 2023-08-19 08:10 - 002176440 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 001592864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 001592864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 001305120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 001029664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 000949792 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2023-08-28 12:23 - 2023-08-19 08:10 - 000933816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 000761376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 000558616 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 000525856 _____ C:\WINDOWS\system32\atieah64.exe
2023-08-28 12:23 - 2023-08-19 08:10 - 000463392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 000394784 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2023-08-28 12:23 - 2023-08-19 08:10 - 000256544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 000200528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 000163424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 000128544 _____ C:\WINDOWS\system32\amdxc64.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 000103968 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2023-08-28 12:23 - 2023-08-19 08:10 - 000065056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 105775136 _____ C:\WINDOWS\system32\amd_comgr.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 089135648 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 016633888 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 004375584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 004180000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 001701144 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 001378456 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000791584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000668704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000553392 _____ C:\WINDOWS\system32\amdmiracast.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000532512 _____ C:\WINDOWS\system32\dgtrayicon.exe
2023-08-28 12:23 - 2023-08-19 08:09 - 000514592 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000461344 _____ C:\WINDOWS\system32\amdlogum.exe
2023-08-28 12:23 - 2023-08-19 08:09 - 000422432 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000379936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000351264 _____ C:\WINDOWS\system32\clinfo.exe
2023-08-28 12:23 - 2023-08-19 08:09 - 000166944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000156080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000156080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000145656 _____ C:\WINDOWS\system32\atidxx64.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000135712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000125840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000125840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000119064 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000041504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2023-08-28 12:23 - 2023-08-19 08:09 - 000038432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2023-08-28 12:23 - 2023-08-19 08:08 - 000165928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2023-08-28 12:23 - 2023-08-19 08:08 - 000140360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2023-08-28 12:23 - 2023-08-19 07:18 - 103988216 _____ C:\WINDOWS\system32\amdxc64.so
2023-08-28 12:19 - 2023-08-28 12:19 - 000000000 ____D C:\Users\Jonas\AppData\Local\Avast Software
2023-08-28 12:18 - 2023-09-07 13:35 - 000002078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk
2023-08-28 12:18 - 2023-09-07 13:35 - 000002066 _____ C:\Users\Public\Desktop\Avast One.lnk
2023-08-28 12:18 - 2023-08-28 12:18 - 000000000 ____D C:\Users\Jonas\AppData\Roaming\Avast Software
2023-08-28 12:17 - 2023-09-09 12:12 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-08-28 12:17 - 2023-09-07 13:34 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-08-28 12:17 - 2023-08-28 12:17 - 000184544 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswWireguard.sys
2023-08-28 12:17 - 2023-08-28 12:17 - 000040344 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2023-08-28 12:17 - 2023-08-28 12:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-08-28 12:17 - 2023-08-28 12:17 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-08-28 12:17 - 2023-08-28 12:17 - 000000000 ____D C:\Program Files\Avast Software
2023-08-28 12:15 - 2023-08-28 12:16 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-08-28 12:14 - 2023-09-09 12:12 - 000000000 ____D C:\ProgramData\Avast Software
2023-08-28 10:41 - 2023-09-09 12:11 - 107216896 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-08-28 10:37 - 2023-08-28 10:41 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-08-27 16:42 - 2023-08-27 16:42 - 000647440 _____ C:\Users\Jonas\AppData\Roaming\ProfessionalSingleLanguage.dat
2023-08-27 16:42 - 2023-08-27 16:42 - 000003668 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-182071600548
2023-08-27 16:42 - 2023-08-27 16:42 - 000000000 ____D C:\Users\Jonas\AppData\Local\Yandex
2023-08-27 16:42 - 2023-08-27 16:42 - 000000000 ____D C:\Users\Jonas\.steam
2023-08-27 16:41 - 2023-08-27 16:41 - 000000000 ____D C:\ProgramData\Caphyon
2023-08-24 12:42 - 2023-08-24 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tokyo Dawn Labs
2023-08-24 12:42 - 2023-08-24 12:42 - 000000000 ____D C:\Program Files\Tokyo Dawn Labs
2023-08-24 12:42 - 2023-08-24 12:42 - 000000000 ____D C:\Program Files (x86)\Steinberg
2023-08-23 13:03 - 2023-08-23 13:03 - 000000000 ___HD C:\$WinREAgent
2023-08-14 22:35 - 2023-08-14 22:35 - 000856504 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Device.dll
2023-08-14 22:35 - 2023-08-14 22:35 - 000061368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Platform.dll

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-09-09 13:12 - 2021-05-17 18:15 - 000000000 ____D C:\Users\Jonas\AppData\Local\Discord
2023-09-09 12:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-09 12:42 - 2021-12-17 20:45 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-09 12:42 - 2019-10-29 11:41 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-09 12:19 - 2021-01-27 23:28 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-09 12:19 - 2019-12-07 16:51 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat
2023-09-09 12:19 - 2019-12-07 16:51 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat
2023-09-09 12:19 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-09-09 12:14 - 2019-10-29 11:54 - 000000000 ____D C:\Users\Jonas\AppData\Local\D3DSCache
2023-09-09 12:12 - 2021-01-27 23:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-09 12:12 - 2021-01-27 23:25 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-09 12:12 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-09 12:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-09 12:12 - 2019-10-31 12:04 - 000000000 ____D C:\Users\Jonas\AppData\Roaming\Discord
2023-09-09 12:11 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-09-09 11:49 - 2021-01-27 23:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-09 10:59 - 2021-12-13 18:16 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2064130578-1377530923-905107086-1001
2023-09-09 10:59 - 2021-01-27 23:29 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2064130578-1377530923-905107086-1001
2023-09-09 10:59 - 2021-01-27 23:25 - 000002395 _____ C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-09 10:59 - 2020-07-06 16:54 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-08 16:00 - 2019-10-31 22:33 - 000002337 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-07 16:44 - 2021-11-28 20:06 - 000003694 _____ C:\WINDOWS\system32\Tasks\ROCCAT DEVICE SERVICE
2023-09-07 13:34 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-07 13:13 - 2022-07-23 15:24 - 000000000 ____D C:\Users\Jonas\AppData\Local\ProtonVPN
2023-09-07 12:28 - 2020-08-22 14:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-07 10:45 - 2019-10-29 14:12 - 000000000 ____D C:\Program Files\Core Temp
2023-09-04 20:13 - 2023-06-19 18:55 - 000000981 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2023-09-04 20:13 - 2023-05-02 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2023-08-29 14:21 - 2019-11-14 16:11 - 000000000 ____D C:\Users\Jonas\Downloads\Telegram Desktop
2023-08-29 14:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2023-08-28 12:57 - 2022-11-27 19:47 - 000000000 ____D C:\Users\Jonas\AppData\Roaming\Microsoft\HTML Help
2023-08-28 12:57 - 2022-09-06 18:35 - 000000000 ____D C:\Users\Jonas\AppData\Local\CrashDumps
2023-08-28 12:57 - 2022-06-15 17:53 - 000000000 ____D C:\WINDOWS\Minidump
2023-08-28 12:57 - 2021-09-25 10:51 - 000000000 ____D C:\Users\Jonas\AppData\Roaming\WhatsApp
2023-08-28 12:57 - 2020-07-29 10:19 - 000000000 ____D C:\Users\Jonas\AppData\Roaming\Zoom
2023-08-28 12:57 - 2020-05-21 16:09 - 000000000 ____D C:\Users\Jonas\Documents\The Witcher 3
2023-08-28 12:57 - 2020-05-06 21:27 - 000000000 ____D C:\Users\Jonas\AppData\Local\The Lord of the Rings Online
2023-08-28 12:57 - 2020-02-26 11:34 - 000000000 ____D C:\Users\Jonas\AppData\Roaming\EasyAntiCheat
2023-08-28 12:57 - 2020-02-13 20:07 - 000000000 ____D C:\Users\Jonas\AppData\Roaming\dvdcss
2023-08-28 12:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-08-28 12:57 - 2019-10-31 12:04 - 000000000 ____D C:\Users\Jonas\AppData\Local\SquirrelTemp
2023-08-28 12:57 - 2019-10-29 11:20 - 000000000 ____D C:\Users\Jonas\AppData\Roaming\Microsoft\MMC
2023-08-28 12:55 - 2022-01-02 12:48 - 000000000 ____D C:\Users\Jonas\AppData\Local\AMD_Common
2023-08-28 12:55 - 2019-10-29 12:01 - 000000000 ____D C:\Users\Jonas\AppData\Local\AMD
2023-08-28 12:40 - 2020-01-30 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-08-28 12:40 - 2020-01-30 20:20 - 000000000 ____D C:\Program Files\7-Zip
2023-08-28 12:26 - 2022-07-24 13:08 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN
2023-08-28 12:26 - 2022-07-24 13:08 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR
2023-08-28 12:26 - 2019-10-29 12:00 - 000000000 ____D C:\Program Files\AMD
2023-08-28 12:23 - 2019-10-29 11:59 - 000000000 ____D C:\AMD
2023-08-28 09:36 - 2019-10-29 12:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-27 16:42 - 2021-01-27 23:25 - 000000000 ____D C:\Users\Jonas
2023-08-27 16:42 - 2019-10-29 12:01 - 000000000 ____D C:\Users\Jonas\AppData\Local\ElevatedDiagnostics
2023-08-24 12:49 - 2022-04-08 18:21 - 000000000 ____D C:\Program Files\Common Files\VST3
2023-08-24 12:42 - 2022-07-16 13:19 - 000000000 ____D C:\Users\Jonas\AppData\Roaming\Tokyo Dawn Labs
2023-08-24 12:42 - 2022-07-16 13:17 - 000000000 ____D C:\Program Files\Vstplugins
2023-08-24 12:24 - 2019-10-29 11:17 - 000000000 ____D C:\Users\Jonas\AppData\Local\Packages
2023-08-24 12:23 - 2023-04-01 13:46 - 000000000 ____D C:\Users\Jonas\Documents\XLN Online Installer
2023-08-23 22:26 - 2019-12-07 16:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-08-23 22:26 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-23 22:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-08-23 22:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-08-23 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-23 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-23 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-23 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-08-23 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-23 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-08-23 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-08-23 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-23 13:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-23 13:07 - 2021-01-27 23:25 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-19 08:11 - 2023-03-18 12:42 - 000450080 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2023-08-19 08:11 - 2023-03-18 12:42 - 000034184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2023-08-19 08:10 - 2023-03-18 12:42 - 000177856 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2023-08-19 08:10 - 2022-07-24 13:03 - 002073528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2023-08-19 08:10 - 2022-07-24 13:03 - 000222176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2023-08-15 04:44 - 2022-07-24 13:08 - 002967232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2023-08-12 01:43 - 2023-04-02 13:19 - 000000000 ____D C:\Users\Jonas\Documents\XLN Cloud Sync Logs
2023-08-10 16:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-10 16:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-10 16:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-10 16:15 - 2019-10-29 12:00 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2023-08-27 16:42 - 2023-08-27 16:42 - 000647440 _____ () C:\Users\Jonas\AppData\Roaming\ProfessionalSingleLanguage.dat
2023-07-25 03:24 - 2023-07-25 03:24 - 000001569 _____ () C:\Users\Jonas\AppData\Local\recently-used.xbel
2019-10-29 13:35 - 2023-03-20 19:45 - 000007601 _____ () C:\Users\Jonas\AppData\Local\Resmon.ResmonCfg
2023-09-08 15:59 - 2023-09-08 16:02 - 000000128 _____ () C:\Users\Jonas\AppData\Local\Support.ini

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ======================== |