| |
| |||||||
Log-Analyse und Auswertung: Trojan:Script/Wacatac.B!ml Windows 11 Windows Defender schlägt AlarmWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
01.01.2024, 10:38
| #1 |
| |  Trojan:Script/Wacatac.B!ml Windows 11 Windows Defender schlägt Alarm Hallo liebes Forum, ich wünsche euch ein frohes gesundes neues Jahr ! Ich habe gester 3 WinRar Dateien über Discord von jemand geschickt bekommen, diese nicht geöffnet oder entpackt, ich Sie garnicht erst finden... Windows Defender hat sofort Alarm geschlagen, seitdem bekomme ich diese nicht weg... Malwarebytes kann nichts finden und auch nicht im abgesicherten Modus.. Leider auch nach einer Systemwiederherstellung geht nichts... Könnt Ihr mier hier vlt nach final helfen ? Ich danke vorab Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-12-2023
durchgeführt von Chris (Administrator) auf MININT-87Q8JIO (Micro-Star International Co., Ltd. MS-7D32) (01-01-2024 10:07:29)
Gestartet von C:\Users\Chris\Downloads\FRST64(1).exe
Geladene Profile: Chris
Plattform: Microsoft Windows 11 Home Version 23H2 22631.2861 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.29.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Corsair\Corsair iCUE5 Software\crashpad_handler.exe
(C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServer.exe
(C:\Program Files\Elgato\WaveLink\WaveLink.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\WaveLink\crashpad_handler.exe
(C:\Program Files\Elgato\WaveLink\WaveLink.exe ->) (Corsair Memory, Inc. -> Elgato Systems) C:\Program Files\Elgato\WaveLink\AudioRoutingHelper.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NvVirtualCamera\NVIDIA Broadcast.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.91\msedgewebview2.exe <6>
(C:\Users\Chris\Downloads\FRST64(1).exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2310.13.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
(ctfmon.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(ctfmon.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(explorer.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe
(explorer.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\WaveLink\WaveLinkSE.exe
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc) C:\Program Files\Elgato\WaveLink\WaveLink.exe
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe
(explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Elgato\ControlCenter\ControlCenter.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <28>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e913f9cc84fc282c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (KYOCERA Document Solutions Inc.) [Datei ist nicht signiert] C:\Program Files\KDService\bin\KDService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe <2>
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_677da8a9230cea15\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> wondershare) C:\ProgramData\Wondershare\wsServices\WsidService.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI Center\LAN Manager\MSI_LAN_Manager_Tool.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Speed Up\StorageMonitor.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Control Center] => C:\Program Files\Elgato\ControlCenter\ControlCenter.exe [1678376 2023-10-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [Stream Deck] => C:\Program Files\Elgato\StreamDeck\StreamDeck.exe [16501328 2023-10-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543736 2023-11-21] (Razer USA Ltd. -> Razer Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3572488 2023-12-08] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37157328 2023-12-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-11-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Discord] => C:\Users\Chris\AppData\Local\Discord\Update.exe [1525016 2023-04-26] (Discord Inc. -> GitHub)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [CiscoSpark] => C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1508 2023-08-08] () [Datei ist nicht signiert]
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [CiscoMeetingDaemon] => C:\Users\Chris\AppData\Local\WebEx\WebexHost.exe [8039008 2023-04-10] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [MicrosoftEdgeAutoLaunch_D3FEFEF9604A334C07E903E221AE7560] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Camera Hub] => C:\Program Files\Elgato\CameraHub\Camera Hub.exe [34906152 2023-10-16] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [WaveLinkSE] => C:\Program Files\Elgato\WaveLink\WaveLinkSE.exe [281128 2023-09-04] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Volume Controller SD plugin] => C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe [108072 2023-09-18] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Run: [Wave Link] => C:\Program Files\Elgato\WaveLink\WaveLink.exe [13369896 2023-09-04] (Corsair Memory, Inc. -> Corsair Memory, Inc)
HKU\S-1-5-21-818666927-3340188741-3001556913-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [Camera Hub] => C:\Program Files\Elgato\CameraHub\Camera Hub.exe [34906152 2023-10-16] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-18\...\Run: [RazerAxon] => C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe [452904 2023-12-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3572488 2023-12-08] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\KX Language Monitor: C:\windows\system32\KXPLM64.DLL [113608 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.111\Installer\chrmstp.exe [2023-12-21] (Google LLC -> Google LLC)
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {67254D86-1204-4389-9CA5-664B6C7140AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {848A78FA-82F9-4E45-8515-86052EE619BE} - System32\Tasks\Apple Diagnostics => C:\Users\Chris\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2024-01-01] () [symlink -> ]
Task: {E32A9877-664A-4BB3-9207-A3760580C881} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {52AAD740-E2EC-4FF0-81C1-CDFED1BB157E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "6444d7da-b690-4733-ada9-89c63a452aa9" --version "6.19.10858" --silent
Task: {4EA2237F-0F0B-45C9-BF19-7F925B1DA77D} - System32\Tasks\CCleanerSkipUAC - Chris => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D1EE1113-6459-47F1-841B-99F7231089EE} - System32\Tasks\GoogleUpdateTaskMachineCore{AB3514BE-D509-4015-AE58-F62A27866C49} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-25] (Google LLC -> Google LLC)
Task: {C18D5A99-9F13-44EE-B705-6D6B20EBAF86} - System32\Tasks\GoogleUpdateTaskMachineUA{ACAC3B77-7782-4807-B667-76D19CF2E1D3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-25] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {A4B2549F-861A-41B7-96E4-3ADA626E952C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-12-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FFCE2D4C-E548-4717-A838-BC84B276300B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {97CF77E8-4AC5-427F-BFDF-6E0BE1090940} - System32\Tasks\MSI Task Host - FixNorton.exe => C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe (Keine Datei)
Task: {432D1D33-C667-4DEB-8C62-9122A8DE9B23} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2463840 2023-04-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {21DF6971-F9AE-4D96-8401-885EAFB489C3} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [11015736 2023-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D4EFC33-36B3-4EB7-8D6C-FB54434D15C9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F445CB08-9D01-485D-B18E-73FD9126FF58} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D71A875D-0D25-417D-A4FF-228653C060E3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FAB2A398-5A46-4548-9CC2-B78E3F34B9CB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C959BE6C-1AE2-4620-A10D-49CECED13CFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B8EE8FD4-1049-484C-AAAB-3B4A86CB98F8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AB1389BC-89A7-4D53-A8ED-F1192297B392} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E0E4959-70AF-4F3E-A375-B6AAF8C7F18E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41A6449C-4510-4A4E-85B0-6F5EB0D86DDD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B03316E-B3CD-47B4-8ED3-3436472B41C1} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543736 2023-11-21] (Razer USA Ltd. -> Razer Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{5c2bf3ff-b8e3-4799-9a41-ef00191f93a7}: [DhcpNameServer] 10.9.7.254
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}: [DhcpDomain] speedport.ip
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}\54C6761647F602B4569702C4967686470273647383: [DhcpNameServer] 192.168.62.1
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}\960586F6E6560267F6E6023486279637: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}\D4167656E6471675C414E4: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{757e4895-4b84-4dfc-ae3c-b1f215ded9ed}\D4167656E6471675C414E4: [DhcpDomain] speedport.ip
Tcpip\..\Interfaces\{92bcb369-be09-4340-8d58-2cb2db4690c3}: [DhcpNameServer] 162.252.172.57 149.154.159.92
Tcpip\..\Interfaces\{cc5f8dcd-8646-40e4-ac93-df03bb7795b8}: [DhcpNameServer] 172.20.10.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Chris\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-01]
Edge Notifications: Default -> hxxps://www.adac.de; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.tiktok.com
Edge Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
Edge Extension: (Bitcleaner Surfguard) - C:\Users\Chris\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gidnhakgfijhghmilgiiffidakihnbnb [2023-12-02]
Edge Extension: (Edge relevant text changes) - C:\Users\Chris\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-15]
Edge HKU\S-1-5-21-818666927-3340188741-3001556913-1003\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [gidnhakgfijhghmilgiiffidakihnbnb]
FireFox:
========
FF DefaultProfile: cfjoio9m.default
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\cfjoio9m.default [2022-09-22]
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\icis11z4.default-release [2024-01-01]
FF Homepage: Mozilla\Firefox\Profiles\icis11z4.default-release -> www.google.de
FF Notifications: Mozilla\Firefox\Profiles\icis11z4.default-release -> hxxps://www.nvidia.com; hxxps://best.aliexpress.com; hxxps://www.instagram.com; hxxps://m.focus.de; hxxps://montanablack.de; hxxps://twitter.com; hxxps://www.giga.de; hxxps://b2b.gamescom.de; hxxps://www.gamescom.de; hxxps://streamlabs.com; hxxps://www.express.de; hxxps://www.wetteronline.de; hxxps://www.volksstimme.de; hxxps://www.scheidung.org; hxxps://wotpack.ru; hxxps://www.travelbook.de
FF Extension: (Ecko Graffiti) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\icis11z4.default-release\Extensions\{01c0fd5a-3222-4f0c-b0c7-24cf73ec272a}.xpi [2023-02-25]
FF Extension: (Mark Ecko) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\icis11z4.default-release\Extensions\{03aa1ab1-7785-43d2-88ff-19c69c6fe9c1}.xpi [2023-02-25]
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default [2023-12-08]
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-25]
CHR Extension: (Marc Ecko) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2023-02-25]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-12-03] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CorsairCpuIdService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe [240168 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [151080 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\Corsair iCUE5 Software\CueLLAccessService.exe [252456 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\Corsair iCUE5 Software\clink\Corsair.Service.exe [84008 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [588712 2023-11-21] (Razer USA Ltd. -> Razer Inc.)
R2 DFWSIDService; C:\ProgramData\Wondershare\wsServices\WsidService.exe [3950832 2023-07-26] (Wondershare Technology Group Co.,Ltd -> wondershare)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2022-09-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-12-02] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
R3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [366120 2023-12-08] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 KDService; C:\Program Files\KDService\bin\KDService.exe [499200 2022-07-28] (KYOCERA Document Solutions Inc.) [Datei ist nicht signiert]
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2024-01-01] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150840 2021-06-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150840 2021-06-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe [140528 2022-05-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe [37104 2022-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_677da8a9230cea15\Display.NvContainer\NVDisplay.Container.exe [1275544 2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2165168 2023-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [305072 2023-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [362760 2023-06-14] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [297736 2023-12-07] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-11-09] (Razer USA Ltd. -> Razer Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [X]
S2 WirelessBackupService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\WirelessBackupService.exe [X]
S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 atvi-randgrid; C:\ProgramData\Battle.net_components\randgridauks\randgrid.sys [2786712 2023-09-28] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-10-01] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-10-01] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63008 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess8F050F5E415C1A5882EB9FF7CE2BC59B7BE3A953; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairLLAccess64.sys [23632 2023-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44576 2024-01-01] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R3 e2fexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_0f2d4ef9c63375f3\e2f.sys [527000 2022-09-19] (Intel Corporation -> Intel Corporation)
S3 ElgatoUsbAudio; C:\WINDOWS\System32\drivers\ElgatoUsbAudio.sys [428584 2023-07-06] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ElgatoUsbAudioks; C:\WINDOWS\System32\drivers\ElgatoUsbAudioks.sys [55336 2023-07-06] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ElgatoUsbAudio_mixer; C:\WINDOWS\System32\drivers\ElgatoUsbAudio_mixer.sys [46632 2023-07-06] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ElgatoVirtualCamera; C:\WINDOWS\System32\drivers\ElgatoVirtualCamera.sys [14380560 2022-08-16] (WDKTestCert Elgato,132863164269755022 -> Windows (R) Win 7 DDK provider)
R3 ElgatoVirtUsbAudioEmu; C:\WINDOWS\System32\drivers\ElgatoVirtUsbAudioEmu.sys [97352 2023-06-23] (Microsoft Windows Hardware Compatibility Publisher -> ToriLogic GmbH & Co. KG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [140928 2022-09-27] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88784 2022-08-10] (Intel Corporation -> Intel Corporation)
S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26168 2021-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222784 2024-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233704 2024-01-01] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188008 2024-01-01] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_FWUpdate; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\ResetMCU\JT1Toucher\NTIOLib_X64.sys [28496 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 RtkUsbAD_2342; C:\WINDOWS\System32\DriverStore\FileRepository\rtdusbad_msi.inf_amd64_2173f71dd3f208d8\RtUsbA64.sys [496440 2022-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RtkUsbAD_2347; C:\WINDOWS\System32\DriverStore\FileRepository\rtdusbad_msi.inf_amd64_4ef5c78c2dee4eab\RtUsbA64.sys [498016 2022-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0086; C:\WINDOWS\System32\drivers\RzDev_0086.sys [53288 2021-09-28] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0088; C:\WINDOWS\System32\drivers\RzDev_0088.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_024e; C:\WINDOWS\System32\drivers\RzDev_024e.sys [64664 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0c02; C:\WINDOWS\System32\drivers\RzDev_0c02.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
U4 AppMgmt; kein ImagePath
U4 CscService; kein ImagePath
S3 HWiNFO_180; \??\C:\Users\Chris\AppData\Local\Temp\HWiNFO64A_180.SYS [X] <==== ACHTUNG
S3 MpKsl75bf0ffd; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D7A66823-A9B3-448D-9C43-DC5DBEE75544}\MpKslDrv.sys [X]
U4 napagent; kein ImagePath
U4 PeerDistSvc; kein ImagePath
S3 SIUSBXP; \??\C:\Windows\system32\drivers\SiUSBXp.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-01 10:06 - 2024-01-01 10:06 - 000058456 _____ C:\Users\Chris\Downloads\Addition.txt
2024-01-01 10:05 - 2024-01-01 10:07 - 000043058 _____ C:\Users\Chris\Downloads\FRST.txt
2024-01-01 10:05 - 2024-01-01 10:07 - 000000000 ____D C:\FRST
2024-01-01 10:04 - 2024-01-01 10:04 - 002387456 _____ (Farbar) C:\Users\Chris\Downloads\FRST64(1).exe
2024-01-01 10:03 - 2024-01-01 10:03 - 002387456 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2024-01-01 09:54 - 2024-01-01 09:54 - 000233704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-01-01 09:54 - 2024-01-01 09:54 - 000188008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-01-01 09:54 - 2024-01-01 09:54 - 000000000 ____D C:\Users\Chris\AppData\LocalLow\IGDump
2024-01-01 09:53 - 2024-01-01 09:53 - 002606880 _____ (Malwarebytes) C:\Users\Chris\Downloads\MBSetup.exe
2024-01-01 09:34 - 2024-01-01 09:34 - 000875154 _____ C:\WINDOWS\system32\perfh00C.dat
2024-01-01 09:34 - 2024-01-01 09:34 - 000859736 _____ C:\WINDOWS\system32\perfh010.dat
2024-01-01 09:34 - 2024-01-01 09:34 - 000851458 _____ C:\WINDOWS\system32\perfh007.dat
2024-01-01 09:34 - 2024-01-01 09:34 - 000188618 _____ C:\WINDOWS\system32\perfc007.dat
2024-01-01 09:34 - 2024-01-01 09:34 - 000188134 _____ C:\WINDOWS\system32\perfc00C.dat
2024-01-01 09:34 - 2024-01-01 09:34 - 000181206 _____ C:\WINDOWS\system32\perfc010.dat
2024-01-01 09:21 - 2024-01-01 09:21 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2024-01-01 09:06 - 2024-01-01 09:06 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-01-01 08:46 - 2024-01-01 09:06 - 001015776 _____ C:\WINDOWS\ntbtlog.txt
2024-01-01 08:41 - 2024-01-01 09:54 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-01 08:41 - 2024-01-01 09:54 - 000000000 ____D C:\Users\Chris\AppData\Local\Malwarebytes
2024-01-01 08:41 - 2024-01-01 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-01 08:41 - 2024-01-01 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-01 08:13 - 2024-01-01 08:13 - 000000000 ___HD C:\$SysReset
2024-01-01 00:29 - 2024-01-01 00:29 - 000094048 _____ C:\ProgramData\agent.update.1704065343.bdinstall.v2.bin
2023-12-31 23:56 - 2023-12-31 23:56 - 000697352 _____ C:\ProgramData\cl.1704062596.bdinstall.v2.bin
2023-12-31 23:56 - 2023-12-31 23:56 - 000126564 _____ C:\ProgramData\cl.kit.1704062592.bdinstall.v2.bin
2023-12-31 23:55 - 2023-12-31 23:55 - 000000000 ____D C:\ProgramData\Gemma
2023-12-31 23:55 - 2023-12-31 23:55 - 000000000 ____D C:\ProgramData\Atc
2023-12-31 23:55 - 2023-12-31 23:55 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2023-12-31 23:53 - 2024-01-01 00:04 - 000000000 ____D C:\ProgramData\BDLogging
2023-12-31 23:53 - 2023-12-31 23:53 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Bitdefender Security App
2023-12-31 23:53 - 2023-12-31 23:53 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Bitdefender
2023-12-31 23:52 - 2023-12-31 23:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2023-12-31 23:52 - 2023-12-31 23:52 - 000000000 ____D C:\ProgramData\Bitdefender
2023-12-31 23:52 - 2023-12-31 23:52 - 000000000 ____D C:\Program Files\Bitdefender
2023-12-31 23:43 - 2024-01-01 00:29 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2023-12-31 23:41 - 2024-01-01 08:30 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-12-31 23:41 - 2023-12-31 23:41 - 000143396 _____ C:\ProgramData\agent.1704062480.bdinstall.v2.bin
2023-12-31 23:41 - 2023-12-31 23:41 - 000000000 ____D C:\Users\Chris\AppData\Local\Bitdefender
2023-12-31 23:41 - 2023-12-31 23:41 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-12-31 23:33 - 2023-12-31 23:33 - 000000000 ____D C:\Users\Chris\AppData\Local\mbam
2023-12-31 23:26 - 2024-01-01 08:30 - 000000000 ____D C:\Users\Public\Security Sessions
2023-12-31 23:26 - 2023-12-31 23:26 - 000000000 ____D C:\Users\Chris\AppData\Local\AviraWebView2Cache
2023-12-31 23:26 - 2023-12-31 23:26 - 000000000 ____D C:\Users\Chris\AppData\Local\Avira
2023-12-31 23:25 - 2023-12-31 23:53 - 000000000 ____D C:\Program Files (x86)\Avira
2023-12-31 20:42 - 2023-12-31 20:42 - 001121079 _____ C:\Users\Chris\Downloads\MAS3Tech - Kartenmanager V3.0.4.zip
2023-12-31 20:33 - 2023-12-31 20:33 - 000245934 _____ C:\Users\Chris\Downloads\MAS3Tech Update - V3.94.zip
2023-12-31 20:33 - 2023-12-31 20:33 - 000245934 _____ C:\Users\Chris\Downloads\MAS3Tech Update - V3.94(1).zip
2023-12-31 20:33 - 2023-12-31 20:33 - 000000000 ____D C:\Users\Chris\Downloads\MAS3Tech Update - V3.94(1)
2023-12-31 20:27 - 2023-12-31 20:29 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\Daten Aufsteller
2023-12-29 10:48 - 2023-12-29 10:48 - 000033713 _____ C:\Users\Chris\Downloads\DHL-Paketmarke_PAKX7L73RGA4_Jürgen_Mederer.pdf
2023-12-28 08:20 - 2023-12-28 08:20 - 000056571 _____ C:\Users\Chris\Downloads\MD100 Blau Stapler und Dispenser - V1.72.zip
2023-12-28 08:15 - 2023-12-28 08:15 - 005753874 _____ C:\Users\Chris\OneDrive\Desktop\Reinigungshandbuch.pdf
2023-12-28 08:10 - 2023-12-28 08:10 - 000185942 _____ C:\Users\Chris\Downloads\TAIKO_PUB-7_22410_ID062E_EUR2.zip
2023-12-28 08:05 - 2023-12-28 08:26 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\ADP
2023-12-27 10:51 - 2023-12-27 10:51 - 000345193 _____ C:\Users\Chris\Downloads\Rechnung.pdf
2023-12-27 09:42 - 2023-12-27 09:42 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\Blue Wave
2023-12-27 08:08 - 2023-12-27 08:09 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\MAS3 Tech
2023-12-21 09:10 - 2023-12-21 09:10 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\JCM Treiber & Updatesoftware
2023-12-21 09:10 - 2023-12-21 09:10 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\Datensätze & Anleitungen
2023-12-20 09:10 - 2023-12-20 09:12 - 000000000 ___HD C:\$WinREAgent
2023-12-20 07:32 - 2023-12-20 07:35 - 000000000 ____D C:\Users\Chris\AppData\Local\Ubisoft Game Launcher
2023-12-20 07:32 - 2023-12-20 07:32 - 000001319 _____ C:\Users\Chris\OneDrive\Desktop\Ubisoft Connect.lnk
2023-12-20 07:32 - 2023-12-20 07:32 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2023-12-20 07:32 - 2023-12-20 07:32 - 000000000 ____D C:\ProgramData\Ubisoft
2023-12-20 07:32 - 2023-12-20 07:32 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2023-12-20 07:31 - 2023-12-20 07:31 - 118907760 _____ (Ubisoft) C:\Users\Chris\Downloads\UplayInstaller.exe
2023-12-20 07:17 - 2023-12-20 08:44 - 000000128 _____ C:\Users\Chris\AppData\LocalLow\3d7f6f7ed00394a4ac7e10ee7d9a45187fc68fe053d1101fc641a9d25a241958
2023-12-20 07:17 - 2023-12-20 07:17 - 000000026 _____ C:\Users\Chris\AppData\LocalLow\ba30abc8253114aa716dcde816ea6aa550d157f09b7f95fe4ba912cf3598ac83
2023-12-20 07:15 - 2024-01-01 08:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-19 08:55 - 2023-12-19 08:55 - 000507304 _____ C:\Users\Chris\Downloads\Magdeburg_OFF2_07230520231218195359.pdf
2023-12-19 08:02 - 2024-01-01 09:28 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-12-19 08:02 - 2023-12-20 07:09 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-19 08:02 - 2023-12-19 08:02 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-12-19 07:59 - 2024-01-01 09:28 - 000000128 _____ C:\Users\Chris\AppData\LocalLow\1cb834c15bad7e4ca543a04fc7e033dc83d4c22034941b6cbac2dbe135d72669
2023-12-19 07:59 - 2023-12-19 07:59 - 000000026 _____ C:\Users\Chris\AppData\LocalLow\514f447cfc3db182b2511c170fbd8cb2c131c01322a7703c49bd849b32af8b52
2023-12-18 09:33 - 2023-12-18 09:33 - 000006498 _____ C:\Users\Chris\Downloads\Umsätze.xlsx
2023-12-18 09:33 - 2023-12-18 09:33 - 000000106 ____H C:\Users\Chris\Downloads\.~lock.Umsätze.xlsx#
2023-12-18 08:01 - 2023-12-18 08:01 - 000079081 _____ C:\Users\Chris\Downloads\ebay-label-8ffe7d49-7a02-410c-ac4f-36bedc52bac8.pdf
2023-12-18 08:00 - 2023-12-28 08:49 - 000000128 _____ C:\Users\Chris\AppData\LocalLow\e2ab92fb3990b0b88d9350e4e4abf3109cb5485acd2a79b4725a7d6bad6087f0
2023-12-18 08:00 - 2023-12-18 08:00 - 000002260 _____ C:\Users\Chris\AppData\LocalLow\b777d17da872ed57fdc8f4215421e12d9bc87791279c43e796a84be6b8384754
2023-12-18 08:00 - 2023-12-18 08:00 - 000000026 _____ C:\Users\Chris\AppData\LocalLow\ab095bfdfdcb74ef57c98233f598b26ef64c295450f5a802f43be94154d2092b
2023-12-18 07:47 - 2023-11-04 20:14 - 000606960 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2023-12-18 07:47 - 2023-11-04 20:14 - 000537328 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2023-12-18 07:47 - 2023-11-04 20:13 - 000979368 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2023-12-18 07:47 - 2023-11-04 20:13 - 000737984 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2023-12-18 07:47 - 2023-11-04 20:13 - 000622024 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2023-12-18 07:47 - 2023-11-04 20:13 - 000543064 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2023-12-18 07:47 - 2023-11-04 20:13 - 000480920 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2023-12-18 07:47 - 2023-11-04 20:11 - 000538296 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2023-12-18 07:47 - 2023-11-04 20:11 - 000486184 _____ C:\WINDOWS\system32\ze_loader.dll
2023-12-18 07:47 - 2023-11-04 20:11 - 000326840 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2023-12-18 07:47 - 2023-11-04 20:10 - 027984056 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2023-12-18 07:47 - 2023-11-04 20:10 - 020708136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2023-12-18 07:47 - 2023-11-04 20:10 - 000306832 _____ C:\WINDOWS\system32\ControlLib.dll
2023-12-18 07:47 - 2023-11-04 20:10 - 000254416 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2023-12-18 07:35 - 2023-12-18 07:35 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-818666927-3340188741-3001556913-1003
2023-12-18 07:35 - 2023-12-18 07:35 - 000002447 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-12-08 17:08 - 2023-12-08 17:08 - 000097963 _____ C:\Users\Chris\Downloads\AvengersEndgame.zip
2023-12-08 17:08 - 2023-12-08 17:08 - 000000000 ____D C:\Users\Chris\Downloads\AvengersEndgame
2023-12-08 17:07 - 2023-12-08 17:07 - 000000000 ____D C:\Users\Chris\Downloads\CarinaNebula
2023-12-08 17:06 - 2023-12-08 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2023-12-08 17:05 - 2023-12-08 17:05 - 000885992 _____ C:\Users\Chris\Downloads\CarinaNebula.zip
2023-12-07 21:04 - 2023-12-07 21:04 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-05 14:40 - 2023-12-05 14:40 - 000000000 ____D C:\Users\Chris\Downloads\InfernoStar-Facecam
2023-12-05 14:38 - 2023-12-05 14:38 - 069987505 _____ C:\Users\Chris\Downloads\InfernoStar-Facecam.zip
2023-12-05 14:31 - 2023-12-05 14:31 - 023971669 _____ C:\Users\Chris\Downloads\InfernoBar-Overlay.zip
2023-12-05 14:31 - 2023-12-05 14:31 - 000000000 ____D C:\Users\Chris\Downloads\InfernoBar-Overlay
2023-12-05 14:05 - 2023-12-05 14:05 - 000001949 _____ C:\Users\Chris\OneDrive\Desktop\StreamElements SE.Live.lnk
2023-12-05 14:04 - 2023-12-05 14:04 - 000740304 _____ C:\Users\Chris\Downloads\obs-streamelements-setup-latest(1).exe
2023-12-05 14:02 - 2023-12-05 14:02 - 000740304 _____ C:\Users\Chris\Downloads\obs-streamelements-setup-latest.exe
2023-12-05 13:44 - 2023-12-05 13:44 - 000010844 _____ C:\Users\Chris\Downloads\StreamElements.zip
2023-12-05 09:19 - 2023-12-05 09:19 - 000146117 _____ C:\Users\Chris\Downloads\MIFID_Kundeninformationsbroschuere_SSK_Magdeburg_ePostfach.PDF
2023-12-05 09:19 - 2023-12-05 09:19 - 000076998 _____ C:\Users\Chris\Downloads\Sonderbedingungen_zur_Online-Nutzung_von_DekaBank_Depots.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000219990 _____ C:\Users\Chris\Downloads\Deka-FondsSparplan_Deka-Auszahlplan_Deka-Tauschplan.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000075788 _____ C:\Users\Chris\Downloads\Depoteroeffnung_OSPlus_neo_stationaer.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000073851 _____ C:\Users\Chris\Downloads\Deka_Aenderungsbestaetigung_fuer_Depot-Nr_0241548262-1.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000072515 _____ C:\Users\Chris\Downloads\Deka_Eroeffnungsbestaetigung_fuer_Depot-Nr_0241548262.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000069242 _____ C:\Users\Chris\Downloads\Freistellungsauftrag_DekaBank.PDF
2023-12-05 09:18 - 2023-12-05 09:18 - 000045989 _____ C:\Users\Chris\Downloads\Freistellungsauftrag_fuer_Kapitalertraege_Antrag_ab_2023.PDF
2023-12-05 09:11 - 2023-12-05 09:11 - 000170742 _____ C:\Users\Chris\Downloads\S_20231205_091126_Disporeduzierung.ZIP
2023-12-05 09:11 - 2023-12-05 09:11 - 000116768 _____ C:\Users\Chris\Downloads\Rahmenvertrag_zur_Einraeumung_eines_Dispositionskredites.PDF
2023-12-05 08:59 - 2023-12-05 08:59 - 001945360 _____ C:\Users\Chris\Downloads\PDF_UK_Postcodes-3.pdf
2023-12-05 08:58 - 2023-12-05 08:58 - 001945360 _____ C:\Users\Chris\Downloads\PDF_UK_Postcodes-2.pdf
2023-12-05 08:57 - 2023-12-05 08:57 - 001945360 _____ C:\Users\Chris\Downloads\PDF_UK_Postcodes-1.pdf
2023-12-05 08:45 - 2023-12-05 08:45 - 001945360 _____ C:\Users\Chris\Downloads\PDF_UK_Postcodes.pdf
2023-12-03 19:18 - 2023-12-03 19:18 - 000000000 ____D C:\Users\Chris\AppData\Local\BattlEye
2023-12-02 19:49 - 2023-12-02 19:49 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2023-12-02 12:51 - 2023-12-06 14:03 - 000000000 ____D C:\Program Files\TeamViewer
2023-12-02 12:51 - 2023-12-02 13:05 - 000000000 ____D C:\Users\Chris\AppData\Local\TeamViewer
2023-12-02 12:51 - 2023-12-02 12:51 - 000000000 ____D C:\Users\Chris\OneDrive\Dokumente\TV484
2023-12-02 12:50 - 2023-12-02 12:50 - 122336849 _____ C:\Users\Chris\OneDrive\Dokumente\TV484 (2).zip
2023-12-02 12:49 - 2023-12-02 12:49 - 122336849 _____ C:\Users\Chris\OneDrive\Dokumente\TV484.zip
2023-12-02 12:40 - 2023-12-02 12:41 - 009846760 _____ C:\Users\Chris\Downloads\Black-Red.zip
2023-12-02 12:28 - 2023-12-02 12:28 - 000000000 ____D C:\Users\Chris\Downloads\Flamestone
2023-12-02 12:26 - 2023-12-02 12:26 - 002033582 _____ C:\Users\Chris\Downloads\Flamestone.zip
2023-12-02 12:11 - 2023-12-02 12:11 - 118459896 _____ (Voicemod S.L. ) C:\Users\Chris\Downloads\VoicemodSetup_2.46.0.0.exe
2023-12-02 11:59 - 2023-12-02 11:59 - 000000000 ____D C:\Users\Chris\AppData\Roaming\REAPER
2023-12-02 11:57 - 2023-12-02 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2023-12-02 11:57 - 2023-12-02 11:57 - 015600240 _____ C:\Users\Chris\Downloads\reaper706_x64-install.exe
2023-12-02 11:57 - 2023-12-02 11:57 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-01 10:03 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-01 09:55 - 2022-09-22 15:49 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-01 09:54 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-01 09:54 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-01-01 09:51 - 2023-02-25 10:00 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-01 09:34 - 2022-10-01 10:42 - 004137970 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-01 09:34 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-01-01 09:26 - 2023-01-02 16:21 - 000000000 ___RD C:\Users\Chris\iCloudDrive
2024-01-01 09:26 - 2023-01-02 16:20 - 000000000 ___RD C:\Users\Chris\iCloudPhotos
2024-01-01 09:26 - 2022-10-01 10:36 - 000003976 _____ C:\WINDOWS\system32\Tasks\RazerCortexScheduleClean
2024-01-01 09:26 - 2022-09-19 10:26 - 000000000 ____D C:\MSI
2024-01-01 09:26 - 2022-09-19 10:12 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-01 09:25 - 2023-11-03 09:13 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-01 09:25 - 2022-10-01 10:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-01 09:25 - 2022-10-01 10:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-01 09:20 - 2022-09-26 18:07 - 000000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2024-01-01 09:20 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-01-01 08:53 - 2022-10-04 06:56 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-01-01 08:41 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-01 08:39 - 2023-05-29 14:22 - 000000000 ____D C:\Users\Chris\AppData\Local\Discord
2024-01-01 08:35 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-01 08:35 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-01 08:35 - 2021-10-06 06:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-01 08:31 - 2022-10-01 09:46 - 000000000 ____D C:\Users\Chris
2024-01-01 08:31 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2024-01-01 08:30 - 2023-05-29 14:22 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-01-01 08:30 - 2023-05-29 14:22 - 000000000 ____D C:\Users\Chris\AppData\Roaming\discord
2024-01-01 08:30 - 2023-01-02 16:15 - 000000000 ____D C:\ProgramData\Apple Inc
2024-01-01 08:30 - 2022-10-14 07:03 - 000000000 ____D C:\Users\DefaultAppPool
2024-01-01 08:30 - 2022-09-22 15:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-01 08:30 - 2022-09-19 10:19 - 000000000 ____D C:\ProgramData\MSI
2024-01-01 08:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-01 08:21 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-01-01 08:21 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\registration
2024-01-01 08:15 - 2022-09-22 15:39 - 000000000 ____D C:\Users\Chris\AppData\Local\D3DSCache
2023-12-31 23:56 - 2022-09-22 15:39 - 000000000 ____D C:\Users\Chris\AppData\Local\Packages
2023-12-31 23:56 - 2021-10-06 07:12 - 000000000 ____D C:\ProgramData\Packages
2023-12-29 12:29 - 2023-05-29 14:22 - 000002285 _____ C:\Users\Chris\OneDrive\Desktop\Discord.lnk
2023-12-21 07:51 - 2023-02-25 10:01 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-21 07:31 - 2022-09-22 15:49 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-12-20 13:17 - 2022-10-01 10:32 - 000476864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-20 13:16 - 2023-09-29 15:32 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2023-12-20 13:16 - 2022-09-23 03:30 - 000000000 ____D C:\Program Files (x86)\Steam
2023-12-20 13:16 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-20 13:06 - 2022-10-27 13:22 - 000000000 ____D C:\Users\Chris\AppData\Local\Battle.net
2023-12-20 09:17 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-20 09:15 - 2022-10-01 10:37 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-12-20 07:28 - 2022-10-29 07:38 - 000000000 ____D C:\Program Files (x86)\Call of Duty
2023-12-20 07:09 - 2022-09-22 15:51 - 000000000 ____D C:\Program Files\CCleaner
2023-12-18 08:05 - 2022-10-03 08:54 - 000000000 ____D C:\ProgramData\KDService
2023-12-18 07:47 - 2023-09-30 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Axon
2023-12-18 07:35 - 2022-10-01 10:36 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-818666927-3340188741-3001556913-1003
2023-12-10 17:38 - 2022-09-26 11:04 - 000000000 ____D C:\Users\Chris\AppData\Roaming\EasyAntiCheat
2023-12-08 19:01 - 2022-09-23 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2023-12-08 19:00 - 2022-09-23 02:59 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-12-07 21:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-07 21:04 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2023-12-07 16:30 - 2023-05-31 07:37 - 000000000 ____D C:\Users\Chris\OneDrive\Desktop\Bilder
2023-12-07 12:46 - 2023-02-25 10:00 - 000004002 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{ACAC3B77-7782-4807-B667-76D19CF2E1D3}
2023-12-07 12:46 - 2023-02-25 10:00 - 000003878 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{AB3514BE-D509-4015-AE58-F62A27866C49}
2023-12-06 16:10 - 2022-12-15 08:40 - 000000000 ____D C:\Users\Chris\AppData\Roaming\obs-studio
2023-12-06 14:16 - 2021-10-06 06:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-06 14:03 - 2023-05-04 10:18 - 000000000 ____D C:\Program Files\Streamlabs OBS
2023-12-05 14:05 - 2022-12-15 08:40 - 000000000 ____D C:\Program Files\obs-studio
2023-12-04 11:28 - 2023-11-14 11:07 - 000000016 _____ C:\Users\Chris\OneDrive\Dokumente\Singtitle.txt
2023-12-04 11:02 - 2022-09-23 03:31 - 000000000 ____D C:\Users\Chris\AppData\Local\Steam
2023-12-02 20:46 - 2022-09-23 03:20 - 000000000 ____D C:\Users\Chris\AppData\Local\UnrealEngine
2023-12-02 19:49 - 2022-09-19 10:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-12-02 14:35 - 2023-05-04 10:19 - 000000000 ____D C:\Users\Chris\AppData\Roaming\slobs-client
2023-12-02 14:34 - 2023-09-26 07:06 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-12-02 10:38 - 2022-10-27 13:16 - 000000000 ____D C:\Program Files (x86)\Battle.net
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2022-12-18 08:46 - 2022-12-18 08:46 - 000000015 _____ () C:\Users\Chris\AppData\Roaming\obs-virtualcam.txt
2023-01-09 13:01 - 2023-01-09 13:01 - 000007605 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
| Themen zu Trojan:Script/Wacatac.B!ml Windows 11 Windows Defender schlägt Alarm |
| .dll, administrator, adobe, bitcleaner, bonjour, defender, firefox, geforce, google, home, homepage, internet, internet explorer, karte, mozilla, nvidia, prozesse, realtek, registry, rundll, scan, security, software, temp, trojan, windows |
Baum-Darstellung