Log analysis and evaluation: Windows10: Windows Defender reports Wacatac.B!ml trojan

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows10: Windows Defender reports Wacatac.B!ml trojan

Happy New Year, everyone.

While programming with Visual Studio, Windows Defender told me it had found the trojan Wacatac.B!ml in a zip file. This zip file was about half a year old and, as far as I can remember, contained pixel art from a former colleague. It may also be that I edited these with an online tool and this zip file was the result. The zip folder could no longer be found (probably thanks to Windows Defender). I then removed all files in my Downloads folder that had anything to do with it. Since these files are all older and have been used and moved by me several times, I wanted to make sure that I haven't caught anything.

Thanks in advance for your help.

Logfiles:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2024
durchgeführt von soere (Administrator) auf DESKTOP-5Q9M6SE (Gigabyte Technology Co., Ltd. B550 GAMING X V2) (02-01-2024 14:58:55)
Gestartet von C:\Users\soere\Downloads\FRST64.exe
Geladene Profile: soere
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3803 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6>
(Discord Inc. -> Discord Inc.) C:\Users\soere\AppData\Local\Discord\app-1.0.9028\Discord.exe <6>
(explorer.exe ->) () [Datei ist nicht signiert] C:\Program Files\Student Printer\StudentPrinterNotifier.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <22>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\Gigabyte\GService\GCloud.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4e58e7ac1d277d04\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21768.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21768.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13129552 2023-04-17] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [613048 2023-05-24] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [Student Printer Notifier] => C:\Program Files\Student Printer\StudentPrinterNotifier /NSC-Print2005 /S (Keine Datei)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126403424 2022-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2017432 2022-10-03] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1129440 2023-07-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-07-07] (Adobe Inc. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [Opera GX Stable] => C:\Users\soere\AppData\Local\Programs\Opera GX\launcher.exe [2296224 2023-12-21] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-08] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11517400 2023-11-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\soere\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [MicrosoftEdgeAutoLaunch_D06D155AFA9627861CD2DF456863381A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70918144 2023-12-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [OpenOffice Updater] => C:\Users\soere\AppData\Roaming\OpenOffice Updater\Updater.exe [367480 2021-07-28] (Arne Koenig -> ) <==== ACHTUNG
HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2189592 2023-11-15] (Wargaming Group Limited -> Wargaming.net)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2023-06-14] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\SC-Print2005 Port: C:\WINDOWS\system32\Scp2005.dll [86016 2006-10-05] (SHARP CORPORATION) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\SHARP SS0E PCL6 Language Monitor: C:\WINDOWS\system32\SS0ELMON.dll [82432 2008-10-29] (Microsoft Windows Hardware Compatibility Publisher -> SHARP CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.130\Installer\chrmstp.exe [2023-12-26] (Google LLC -> Google LLC)
Startup: C:\Users\soere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2023-12-20]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {89F79AE4-6FC1-4D8B-ABC5-C83AD03D7BBE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {9DE7381A-2A22-44CB-9E8E-DE86B9DB535A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4761AB65-2EB8-4DBA-B363-EB1BB63258D1} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E2DF46A3-154E-4F4E-841B-EBC0312061EE} - System32\Tasks\Apple Diagnostics => C:\Users\soere\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2023-11-05] () [symlink -> ]
Task: {E065378C-AD96-4468-9AA1-FEAD5624AA7B} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [17280 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {66150742-C1EE-491F-8CE0-8AD39ED3A86B} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [20352 2021-10-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {63722F1F-D81A-48CD-98D2-B64997FD97CE} - System32\Tasks\GoogleUpdateTaskMachineCore{A41DCD2B-2FF8-4999-B73F-6AF40C1E8F0E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-05] (Google LLC -> Google LLC)
Task: {32EEC457-2BB0-4F27-A65E-163EECD92A58} - System32\Tasks\GoogleUpdateTaskMachineUA{7175B6DF-9778-4709-B595-1C3D2228B04C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-05] (Google LLC -> Google LLC)
Task: {BBA9BABA-119C-41BD-A3DF-53E17A3D5D6D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFB4F3F5-D3E0-464F-A8CD-2C501E70F382} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {08A8D9F8-628D-4778-AE2B-241B166B7C9A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7EDF46D-33B6-4ECC-A88C-9F802A64CCDC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A957E72-1469-47D7-81F9-003720741BE0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0999FC1-B596-4D70-8896-603625662A47} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [254944 2023-12-19] (Microsoft Corporation -> Microsoft)
Task: {DF3991D1-AEC7-4781-8182-05F0321810B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0197451D-13C5-4DC9-A7EB-2D8DEAF5AE20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A0AEC091-3FDA-4208-8572-26733F77390A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A1FFA93-DCA9-48AB-B785-A492AA729982} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42DC5350-D9BC-45F9-BE8A-C44C81E9ADEC} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [Datei ist nicht signiert]
Task: {8AC7E60E-24CC-4096-ABEF-D97A14ABE453} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A4A52C8E-09EC-454B-86CB-7647B187DD9D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0C288D0C-4CBC-4FE7-9C95-0ACF5E57037A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DF4EDF3-1D12-4A86-AD24-12BBCC704147} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BFBCCA3D-53DA-40B6-A1E2-D7BA88389AAD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B4A8AF76-F668-4BEB-AD0B-BAFEA01A143F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A1F4FEE5-C7F1-4F08-A835-28CB307885DE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D039A8E1-6DC9-4D70-AE29-04FBBB33FEFF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0C2C0AD-E53F-44E5-B403-D89E8AB7D82B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4C10CC4E-9E35-471E-88D0-6ECDAEEAE937} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E85A9DD6-D95B-40C0-8C3F-E091A80F4AA5} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3788760031-3244841089-4271810839-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {11D80DC0-4185-4B5E-99C6-95DF5336B9B4} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1671713000 => C:\Users\soere\AppData\Local\Programs\Opera GX\launcher.exe [2296224 2023-12-21] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\soere\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {94B8093B-7437-43D1-9196-FC53C9D96070} - System32\Tasks\Opera GX scheduled Autoupdate 1671191861 => C:\Users\soere\AppData\Local\Programs\Opera GX\launcher.exe [2296224 2023-12-21] (Opera Norway AS -> Opera Software)
Task: {672A480B-8CC8-4B91-90BD-75533E01AEB4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2023-12-19] (Overwolf Ltd -> Overwolf LTD)
Task: {D2DED964-54F7-42F7-9AFA-C8FC3B9E4321} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\Thermald.exe [392264 2022-09-30] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {5E9A7589-0229-459A-A06F-CE44EF7A39C8} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\Sensord.exe [257408 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e13c1c24-5e02-4afe-8be7-4799848d372c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e13c1c24-5e02-4afe-8be7-4799848d372c}: [DhcpDomain] fritz.box

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\soere\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-18]
Edge Extension: (Google Docs Offline) - C:\Users\soere\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
Edge Extension: (Edge relevant text changes) - C:\Users\soere\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-17]

FireFox:
========
FF DefaultProfile: xj0ozq91.default
FF ProfilePath: C:\Users\soere\AppData\Roaming\Zotero\Zotero\Profiles\xj0ozq91.default [2023-07-25]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-07-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-07-07] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default [2024-01-02]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (BetterTTV) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-12-25]
CHR Extension: (7TV) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-12-16]
CHR Extension: (Watch2Gether) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2023-06-19]
CHR Extension: (uBlock Origin) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-12-05]
CHR Extension: (Axure RP Extension for Chrome) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogkpdfcklifaemcdfbildhcofnopogp [2022-12-16]
CHR Extension: (Watch Netflix Together) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjglnlhapkoahdmanogpccpmmpnakje [2023-06-19]
CHR Extension: (Google Docs Offline) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-16]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2023-12-05]
CHR HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001) Opera GXStable - "C:\Users\soere\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-07-07] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-07-19] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-07-27] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [954704 2023-11-04] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe [147824 2022-06-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-11-04] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2023-11-15] (HP Inc. -> HP Inc.)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Datei ist nicht signiert]
S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [127360 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2023-12-19] (Overwolf Ltd -> Overwolf LTD)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [424584 2022-12-16] (Parsec Cloud, Inc. -> Parsec)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [613048 2023-05-24] (geek software GmbH -> geek software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35152 2023-04-17] (SteelSeries ApS -> )
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [802752 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [41416 2023-12-19] (Microsoft Corporation -> Microsoft)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [861328 2023-12-30] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4e58e7ac1d277d04\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4e58e7ac1d277d04\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1869904 2024-01-02] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [310208 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [32296 2022-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2022-12-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 HoYoProtect; C:\WINDOWS\system32\HoYoKProtect.sys [3712576 2023-03-30] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
R3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1092552 2021-12-03] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2022-12-16] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 parsecvusba; C:\WINDOWS\System32\drivers\parsecvusba.sys [256560 2022-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Parsec)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43472 2023-03-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [44456 2023-03-13] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [251776 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [262648 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1060600 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2022-10-03] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [244264 2023-04-19] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited)
U4 npcap_wifi; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-02 14:58 - 2024-01-02 14:59 - 000035037 _____ C:\Users\soere\Downloads\FRST.txt 2024-01-02 14:58 - 2024-01-02 14:59 - 000000000 ____D C:\FRST 2024-01-02 14:58 - 2024-01-02 14:58 - 002387456 _____ (Farbar) C:\Users\soere\Downloads\FRST64.exe 2024-01-02 14:25 - 2024-01-02 14:25 - 000000083 _____ C:\Users\soere\Downloads\response_1704201913107.json 2024-01-02 14:19 - 2024-01-02 14:19 - 000000634 _____ C:\Users\soere\Downloads\response_1704201593400.json 2024-01-01 20:12 - 2024-01-01 20:12 - 000000005 _____ C:\Users\soere\Downloads\response_1704136341730.json 2024-01-01 20:11 - 2024-01-01 20:11 - 000000162 _____ C:\Users\soere\Downloads\response_1704136278174.json 2024-01-01 20:11 - 2024-01-01 20:11 - 000000003 _____ C:\Users\soere\Downloads\response_1704136302729.html 2024-01-01 20:09 - 2024-01-01 20:09 - 000000116 _____ C:\Users\soere\Downloads\response_1704136184047.json 2024-01-01 20:07 - 2024-01-01 20:07 - 000000114 _____ C:\Users\soere\Downloads\response_1704136034114.html 2024-01-01 20:04 - 2024-01-01 20:04 - 000000007 _____ C:\Users\soere\Downloads\response_1704135837572.html 2024-01-01 20:03 - 2024-01-01 20:03 - 000000128 _____ C:\Users\soere\Downloads\response_1704135781021.html 2024-01-01 16:04 - 2024-01-02 14:15 - 000000000 ____D C:\Users\soere\AppData\Local\SourceServer 2024-01-01 15:01 - 2024-01-01 15:01 - 000000146 _____ C:\Users\soere\Downloads\response_1704117671669.json 2024-01-01 15:00 - 2024-01-01 15:00 - 000000668 _____ C:\Users\soere\Downloads\response_1704117610744.json 2023-12-31 14:04 - 2023-12-31 14:04 - 000000000 ____D C:\Users\soere\AppData\Roaming\sqlitebrowser 2023-12-31 13:55 - 2023-12-31 13:55 - 000001386 _____ C:\Users\Public\Desktop\DB Browser (SQLite).lnk 2023-12-31 13:55 - 2023-12-31 13:55 - 000000000 ____D C:\Program Files\DB Browser for SQLite 2023-12-31 13:51 - 2023-12-31 13:51 - 018038784 _____ C:\Users\soere\Downloads\DB.Browser.for.SQLite-3.12.2-win64.msi 2023-12-30 00:49 - 2023-12-30 00:51 - 000389872 _____ 
C:\Users\soere\Downloads\Soren_Char.pdf 2023-12-29 23:20 - 2023-12-30 00:31 - 000024879 _____ C:\Users\soere\Documents\dndyannick.odt 2023-12-19 13:36 - 2023-12-31 13:22 - 000000000 ____D C:\Users\soere\AppData\Local\NuGet 2023-12-19 13:36 - 2023-12-19 13:36 - 000000000 ____D C:\Users\soere\.nuget 2023-12-19 13:32 - 2023-12-19 13:32 - 000000000 ____D C:\Users\soere\.librarymanager 2023-12-19 13:29 - 2023-12-19 13:32 - 000000000 ____D C:\Users\soere\AppData\Roaming\NuGet 2023-12-19 13:29 - 2023-12-19 13:29 - 000000000 ____D C:\Users\soere\AppData\Local\AzureFunctionsTools 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Users\soere\Documents\My Web Sites 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Users\soere\Documents\IISExpress 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Program Files\IIS Express 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Program Files (x86)\IIS Express 2023-12-19 13:22 - 2023-12-19 13:22 - 000000000 ____D C:\Users\soere\source 2023-12-19 13:00 - 2023-12-19 13:00 - 000001925 _____ C:\Users\soere\Downloads\BewerberAufgabe.md 2023-12-19 12:48 - 2023-12-19 12:52 - 000000000 ____D C:\ProgramData\Unity 2023-12-19 12:48 - 2023-12-19 12:48 - 000000000 ____D C:\Users\soere\AppData\Roaming\Unity 2023-12-19 12:48 - 2023-12-19 12:48 - 000000000 ____D C:\Users\soere\AppData\LocalLow\Unity 2023-12-19 12:48 - 2023-12-19 12:48 - 000000000 ____D C:\Users\soere\AppData\Local\Unity 2023-12-19 12:45 - 2023-12-20 03:30 - 000000000 ____D C:\Users\soere\AppData\Roaming\UnityHub 2023-12-19 12:45 - 2023-12-19 12:45 - 000000000 ____D C:\Users\soere\AppData\Roaming\Unity Hub 2023-12-14 02:41 - 2023-12-14 02:41 - 000000000 ____D C:\WINDOWS\InboxApps 2023-12-13 12:26 - 2023-12-13 12:26 - 000016707 _____ 
C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2023-12-13 12:22 - 2023-12-13 12:22 - 000000000 ___HD C:\$WinREAgent 2023-12-13 12:06 - 2023-12-13 12:06 - 000060767 _____ C:\Users\soere\Downloads\Twitch Extensions.zip 2023-12-12 14:29 - 2023-12-12 14:29 - 693065411 _____ C:\Users\soere\Downloads\ZuschauerSicht.mp4 2023-12-05 21:03 - 2023-12-05 21:03 - 000001892 _____ C:\Users\soere\Desktop\Game Center.lnk 2023-12-05 21:03 - 2023-12-05 21:03 - 000000779 _____ C:\Users\soere\Desktop\World of Tanks EU.lnk 2023-12-05 21:03 - 2023-12-05 21:03 - 000000000 ____D C:\Users\soere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2023-12-05 21:02 - 2023-12-05 21:02 - 004821648 _____ (Wargaming.net ) C:\Users\soere\Downloads\wargaming_game_center_install_eu_cxgo2ot6h7aw.exe 2023-12-05 21:02 - 2023-12-05 21:02 - 000000000 ____D C:\ProgramData\Wargaming.net 2023-12-05 20:59 - 2023-12-05 21:03 - 000000000 ____D C:\Users\soere\AppData\Roaming\Wargaming.net 2023-12-05 14:13 - 2023-12-05 14:13 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2023-12-05 14:10 - 2023-12-26 22:22 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-12-05 14:10 - 2023-12-26 22:22 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-12-05 14:10 - 2023-12-07 00:16 - 000004002 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{7175B6DF-9778-4709-B595-1C3D2228B04C} 2023-12-05 14:10 - 2023-12-07 00:16 - 000003878 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{A41DCD2B-2FF8-4999-B73F-6AF40C1E8F0E} 2023-12-05 14:10 - 2023-12-05 14:10 - 001375280 _____ (Google LLC) C:\Users\soere\Downloads\ChromeSetup.exe ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2024-01-02 14:57 - 2023-10-10 16:23 - 000000000 ____D C:\Users\soere\AppData\Roaming\Code 2024-01-02 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-01-02 14:45 - 2022-12-16 13:20 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-01-02 14:45 - 2022-12-16 12:59 - 000000000 ____D C:\Program Files (x86)\Google 2024-01-02 14:43 - 2023-07-06 11:57 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2024-01-02 14:14 - 2022-12-16 14:21 - 000000000 ____D C:\Users\soere\AppData\Local\Discord 2024-01-02 13:58 - 2023-10-10 17:19 - 000000000 ____D C:\Users\soere\AppData\Local\.IdentityService 2024-01-02 13:14 - 2022-12-16 14:21 - 000000000 ____D C:\Users\soere\AppData\Roaming\discord 2024-01-02 12:38 - 2023-04-27 12:19 - 000000000 ____D C:\Program Files\Star Rail 2024-01-02 12:25 - 2022-12-16 12:23 - 000000000 ____D C:\ProgramData\NVIDIA 2024-01-02 11:40 - 2023-05-04 19:45 - 001869904 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-BASE.sys 2024-01-02 11:16 - 2022-12-28 00:08 - 000004172 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{195588D5-9A54-4231-B7E9-89B086E55604} 2024-01-02 11:13 - 2022-12-29 16:11 - 000000000 ___RD C:\Users\soere\iCloudDrive 2024-01-01 23:00 - 2022-12-16 13:52 - 000000000 ____D C:\ProgramData\Riot Games 2024-01-01 22:05 - 2022-12-16 14:06 - 000000000 ____D C:\Program Files (x86)\Steam 2024-01-01 19:31 - 2022-12-16 13:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-01-01 16:04 - 2023-10-10 17:19 - 000000000 ____D C:\Users\soere\Documents\Visual Studio 2022 2023-12-31 13:26 - 2022-12-16 12:28 - 000000000 ____D C:\Users\soere\AppData\Local\D3DSCache 2023-12-31 13:23 - 2023-10-10 17:10 - 000000000 ____D C:\Users\soere\.dotnet 2023-12-31 13:22 - 2023-10-10 17:19 - 000000000 ____D C:\Users\soere\.templateengine 2023-12-31 12:52 - 2022-12-16 13:28 - 001723308 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-12-31 12:52 - 2019-12-07 15:51 - 000743838 _____ 
C:\WINDOWS\system32\perfh007.dat 2023-12-31 12:52 - 2019-12-07 15:51 - 000150260 _____ C:\WINDOWS\system32\perfc007.dat 2023-12-31 12:52 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-12-30 01:23 - 2022-12-16 19:20 - 000875536 _____ C:\WINDOWS\system32\wpbbin.exe 2023-12-30 01:23 - 2022-12-16 19:20 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe 2023-12-30 01:23 - 2022-12-16 13:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-12-30 01:23 - 2022-12-16 13:22 - 000008192 ___SH C:\DumpStack.log.tmp 2023-12-30 01:23 - 2022-12-16 12:24 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe 2023-12-30 01:23 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-12-28 00:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-12-28 00:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-12-26 03:56 - 2022-12-18 16:33 - 000000000 ____D C:\Users\soere\AppData\Local\CrashDumps 2023-12-25 16:41 - 2022-12-16 13:24 - 000004240 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1671191861 2023-12-25 16:41 - 2022-12-16 12:57 - 000001438 _____ C:\Users\soere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk 2023-12-25 16:39 - 2022-12-16 12:20 - 000002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-12-21 18:02 - 2023-10-10 17:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2023-12-21 18:02 - 2022-12-30 19:14 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-12-20 19:16 - 2022-12-16 14:21 - 000002231 _____ C:\Users\soere\Desktop\Discord.lnk 2023-12-19 18:46 - 2023-08-17 14:46 - 000000000 ____D C:\Program Files (x86)\Overwolf 2023-12-19 14:09 - 2022-12-29 17:42 - 000000000 ____D C:\Users\soere\AppData\Roaming\Microsoft\Teams 2023-12-19 13:36 - 2022-12-16 13:22 - 000000000 ____D C:\Users\soere 2023-12-19 13:29 - 2022-12-29 17:42 
- 000002368 _____ C:\Users\soere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2023-12-19 13:28 - 2023-10-10 17:10 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2023-12-19 13:28 - 2023-10-10 17:10 - 000000000 ____D C:\WINDOWS\SysWOW64\1031 2023-12-19 13:28 - 2023-10-10 17:10 - 000000000 ____D C:\WINDOWS\system32\1033 2023-12-19 13:28 - 2023-10-10 17:10 - 000000000 ____D C:\WINDOWS\system32\1031 2023-12-19 13:28 - 2023-10-10 17:08 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2023-12-19 13:28 - 2023-10-10 17:05 - 000001433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2023-12-19 13:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-12-19 13:22 - 2022-12-16 12:24 - 000000000 __RHD C:\Users\Public\AccountPictures 2023-12-19 13:01 - 2023-10-10 16:23 - 000000000 ____D C:\Users\soere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2023-12-19 12:45 - 2023-10-10 17:19 - 000000000 ____D C:\Users\soere\AppData\Local\unityhub-updater 2023-12-18 15:56 - 2023-06-06 17:14 - 000000000 ____D C:\ProgramData\XSplit 2023-12-15 21:21 - 2022-12-29 16:12 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-12-15 21:21 - 2022-12-29 16:12 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-12-15 21:21 - 2022-12-16 13:24 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3788760031-3244841089-4271810839-1001 2023-12-14 13:30 - 2022-12-16 12:24 - 000000000 ____D C:\Users\soere\AppData\Local\Packages 2023-12-14 02:42 - 2022-12-16 13:22 - 000484928 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-12-14 02:41 - 2023-10-30 13:56 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK 2023-12-14 02:41 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ___RD 
C:\WINDOWS\ImmersiveControlPanel 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-12-14 02:41 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2023-12-13 12:28 - 2019-12-07 15:54 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-12-13 12:28 - 2019-12-07 15:54 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2023-12-13 12:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-12-13 12:26 - 2022-12-16 13:24 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-12-12 20:07 - 2022-12-16 
12:23 - 000000000 ____D C:\ProgramData\Packages 2023-12-12 20:06 - 2022-12-16 12:25 - 000000000 ____D C:\Users\soere\AppData\Local\PlaceholderTileLogoFolder 2023-12-12 13:37 - 2023-09-14 13:43 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 002754152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 000214632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 000194040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 000095736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2023-12-12 13:37 - 2022-12-16 14:54 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2023-12-08 00:54 - 2023-04-03 14:59 - 000000000 ____D C:\Users\soere\AppData\Roaming\texstudio 2023-12-07 19:06 - 2022-12-16 19:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-12-05 14:13 - 2023-07-29 23:00 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 2023-12-05 14:13 - 2023-07-06 11:58 - 000003506 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2023-12-05 14:13 - 2022-12-29 16:07 - 000000000 ____D C:\Program Files\Microsoft Office ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2023-09-11 20:39 - 2023-11-27 22:36 - 000000171 _____ () C:\Users\soere\AppData\Roaming\BattleBitConfig.ini 2023-10-17 23:37 - 2023-10-17 23:37 - 000000016 _____ () C:\Users\soere\AppData\Roaming\obs-virtualcam.txt 2023-07-06 11:55 - 2023-07-06 11:55 - 000000410 _____ () C:\Users\soere\AppData\Local\oobelibMkey.log 
2023-11-14 17:54 - 2023-11-15 11:22 - 000000128 _____ () C:\Users\soere\AppData\Local\PUTTY.RND
2023-09-04 02:39 - 2023-09-04 02:39 - 000007605 _____ () C:\Users\soere\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================