
Plagegeister aller Art und deren Bekämpfung (pests of all kinds and how to combat them): Windows 11: Possibly caught a keylogger


 
22.02.2024, 03:25   #1
ChristopherN
 



Good evening, dear board,

Some strange things happened yesterday that are worrying me a great deal, especially with regard to the security of my accounts. I changed my passwords on a different system that definitely cannot be infected with malware. However, I am still worried about my data. This system here appears to be compromised, which is why I need you experts to give me clarity and help me understand the extent of this problem.

As you requested, the logs:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2024 02
durchgeführt von Christopher (Administrator) auf CHRIS-RYZEN (Gigabyte Technology Co., Ltd. X570 AORUS ELITE) (22-02-2024 03:18:38)
Gestartet von C:\Users\Christopher\Downloads\FRST64.exe
Geladene Profile: Christopher
Plattform: Microsoft Windows 11 Pro Version 23H2 22631.3155 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser nicht gefunden!
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.40.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe <6>
(explorer.exe ->) (ADLICE -> ) C:\Users\Christopher\Downloads\RogueKiller_portable64.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15>
(Node.js Foundation -> Node.js) C:\Users\Christopher\AppData\Roaming\Java\jre8\bin\java.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (Creative Technology Ltd -> Creative Technology Ltd) C:\Program Files (x86)\Creative\Creative App\Creative.VADMonitorService.exe
(services.exe ->) (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_0772df9f9e65a702\logi_lamparray_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_1b8f9115c198ff0c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe <2>
(services.exe ->) (TunnelBear (McAfee Canada ULC) -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <6>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.40.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe [1249848 2021-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1234944 2021-08-22] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [Creative.Creative App] => C:\Program Files (x86)\Creative\Creative App\Creative.App.exe [380888 2023-02-22] (Creative Technology Ltd -> Creative Technology Ltd.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2044576 2023-12-13] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2108826960-4211556212-834145737-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46010112 2024-02-07] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2108826960-4211556212-834145737-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2108826960-4211556212-834145737-1001\...\Run: [MicrosoftEdgeAutoLaunch_741E772D9DD9CECA94A4FC008585852B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2108826960-4211556212-834145737-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2108826960-4211556212-834145737-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2730600 2024-02-22] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2108826960-4211556212-834145737-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Christopher\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-11-15] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2108826960-4211556212-834145737-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37371856 2024-02-20] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2108826960-4211556212-834145737-1001\...\Run: [shdoclc] => wscript.exe "C:\Users\Christopher\AppData\Roaming\Microsoft\Windows NT\shdoclc.js" [185 2024-02-22] () [Datei ist nicht signiert]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {781CACBF-14A2-4BBF-8B16-6ED87E12F610} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {64F2550E-A1F8-4C8F-8C25-F22BC64BE9B0} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [313192 2023-06-26] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {3F802E09-B6CD-4AED-A39F-07910C85B1DD} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1881448 2023-06-26] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {5C454918-96D8-4F55-9414-AD9208F2C273} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-09-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {0FE60EB1-3FD2-4CBC-B6D8-D84E3D99F09E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-09-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {A41F7E84-20EB-4665-86E9-E24F51E7E44A} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-05-31] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {6E0F5B9D-F8F9-407A-B13D-733DCC0F7DFC} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Keine Datei)
Task: {B906CCB5-5C8A-40F7-8C3D-CE9C670DD808} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{0E7C8859-48CD-4CE0-B2AB-5D1A378421EE} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ACHTUNG
Task: {BBFE8024-554A-4EF4-A018-E12A2A051E19} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E4FAE73-1CFA-404A-91F0-54479BC5CA04} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {B421CFFA-30F6-4697-9AE2-63FAD619FF43} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {14666FF2-69CC-4E3F-9D82-4908C9993D80} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Keine Datei)
Task: {D521011B-1944-4205-AE7A-284D8D14121A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (Keine Datei)
Task: {7C989995-8C0F-4EF5-95C1-D48EF41D85BC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {BCDE4022-974A-4731-8BA3-603704BF4396} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3128C070-7884-45B5-B6D0-2E76502534AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {978DE02B-5028-4B24-AD1B-B5C29C559662} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {30F07E05-EC9A-41AD-BB16-DA4CD7B9E37D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {54B7C1D7-E01D-48A2-9708-98B23E440EE7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {60283C87-7D1E-4B9F-ADB8-EEC641D9A34D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A592740F-9436-4C38-BCCC-FD81AC993788} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E7790E3B-CA83-472A-838F-DEF7FAC48A43} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {019FEC21-68DD-4188-B8E4-B775A1C01E51} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7052FCCA-1366-4C85-B352-0BC539040B22} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {647A6B10-B849-49E8-BB1D-7F53EF6F1B01} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1CE556F-BE0A-4A8F-BE08-35178B02B6B6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C1C339A-8226-48A2-8495-4F368DAE513F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AFEC67B-3E47-4391-B071-BF3D0C31ADBD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8ADA628F-5CF7-401C-8CAB-459DC702D84C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {51EE51B6-DB25-4B4E-89EE-6D71F13BD3E7} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2108826960-4211556212-834145737-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\..\Interfaces\{03108b26-6233-40bb-ba91-a94abcc85185}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{03108b26-6233-40bb-ba91-a94abcc85185}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{03108b26-6233-40bb-ba91-a94abcc85185}: [DhcpDomain] fritz.box

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Christopher\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-22]
Edge Extension: (Google Docs Offline) - C:\Users\Christopher\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-22]
Edge Extension: (Edge relevant text changes) - C:\Users\Christopher\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Automatic Twitch: Drops, Moments and Points) - C:\Users\Christopher\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfhgpagdjjoieckminnmigmpeclkdmjm [2024-01-25]
Edge Extension: (uBlock Origin) - C:\Users\Christopher\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2024-02-18]

FireFox:
========
FF DefaultProfile: kvjo2z5k.default
FF ProfilePath: C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\kvjo2z5k.default [2021-09-07]
FF ProfilePath: C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\2q1on2jj.default-release [2024-02-22]
FF Homepage: Mozilla\Firefox\Profiles\2q1on2jj.default-release -> web.de
FF NetworkProxy: Mozilla\Firefox\Profiles\2q1on2jj.default-release -> autoconfig_url", "hxxps://dns.controld.com/2g6lxjc442r"
FF Extension: (uBlock Origin) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\2q1on2jj.default-release\Extensions\uBlock0@raymondhill.net.xpi [2024-02-21]
FF Extension: (Video DownloadHelper) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\2q1on2jj.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-02-18]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [401880 2024-01-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2021-10-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-09-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-09-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [591176 2021-09-16] (ASUSTeK Computer Inc. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15820584 2024-02-15] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Creative.VADMonitorService; C:\Program Files (x86)\Creative\Creative App\Creative.VADMonitorService.exe [33896 2022-08-01] (Creative Technology Ltd -> Creative Technology Ltd)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [458240 2020-03-12] (Creative Technology Ltd) [Datei ist nicht signiert]
S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [51393352 2024-01-26] (Electronic Arts, Inc. -> Electronic Arts)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12094568 2024-02-22] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [954704 2024-02-03] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncHelper.exe [3515936 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2350048 2024-02-17] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-09-09] (GOG  sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
S2 GoogleUpdaterInternalService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ACHTUNG
S2 GoogleUpdaterService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ACHTUNG
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10962688 2024-02-07] (Logitech Inc -> Logitech, Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4801896 2023-12-01] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_0772df9f9e65a702\logi_lamparray_service.exe [9887216 2024-02-07] (Logitech Inc -> Logitech, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-22] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-02-22] (Malwarebytes Inc. -> Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [11910760 2021-12-19] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_1b8f9115c198ff0c\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\OneDriveUpdaterService.exe [3853856 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1932248 2023-11-28] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2024-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [142864 2023-08-30] (TunnelBear (McAfee Canada ULC) -> TunnelBear)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [310216 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2021-10-21] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-08-15] (ASUSTeK COMPUTER INC. -> )
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [34520 2023-12-29] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [32296 2022-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 e60MZ0380.X64; C:\WINDOWS\System32\drivers\e60MZ0380.X64.SYS [3896880 2021-10-07] (Corsair Memory, Inc. -> )
R3 ElgatoVAD; C:\WINDOWS\System32\drivers\ElgatoVAD.sys [39208 2020-11-08] (Elgato Systems LLC -> Elgato Systems GmbH)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218592 2024-02-22] (Microsoft Windows -> Microsoft Corporation)
S3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [44760 2022-09-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54752 2023-01-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2018-04-30] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_0772df9f9e65a702\logi_lamparray.sys [89072 2024-02-07] (Logitech Inc -> Logitech, Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-22] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 polarbear-split-tunneling; C:\Program Files (x86)\TunnelBear\Drivers\x64\SplitTunnelingDriver.sys [29176 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2023-07-10] (TunnelBear, Inc. -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [54208 2024-02-22] (ADLICE (Julien Ascoet) -> )
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2024-02-22] (Microsoft Windows -> )
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2023-12-13] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\GIGABYTE\RGBFusion\MODAPI.sys [14544 2022-08-06] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2023-11-22] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
S3 KSUSBfilt64; \SystemRoot\system32\drivers\KSUSBfilt64.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-02-22 03:17 - 2024-02-22 03:17 - 000000000 ____D C:\Users\Christopher\AppData\Local\Backup
2024-02-22 03:09 - 2024-02-22 03:09 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat
2024-02-22 03:09 - 2024-02-22 03:09 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat
2024-02-22 03:05 - 2024-02-22 03:05 - 000054208 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2024-02-22 03:03 - 2024-02-22 03:03 - 000000448 __RSH C:\ProgramData\ntuser.pol
2024-02-22 03:01 - 2024-02-22 03:01 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows NT
2024-02-22 02:46 - 2024-02-22 02:54 - 000001053 _____ C:\Users\Christopher\Downloads\rk.txt
2024-02-22 02:38 - 2024-02-22 02:43 - 000000000 ____D C:\Users\Christopher\Downloads\RogueKiller
2024-02-22 02:38 - 2024-02-22 02:38 - 036149680 _____ C:\Users\Christopher\Downloads\RogueKiller_portable64.exe
2024-02-22 02:28 - 2024-02-22 02:29 - 000124181 _____ C:\Users\Christopher\Downloads\Addition.txt
2024-02-22 02:27 - 2024-02-22 03:19 - 000032268 _____ C:\Users\Christopher\Downloads\FRST.txt
2024-02-22 01:52 - 2024-02-22 01:52 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-02-22 01:52 - 2024-02-22 01:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\mde
2024-02-22 01:46 - 2024-02-22 01:46 - 000060462 _____ C:\WINDOWS\SysWOW64\ctac.json
2024-02-22 01:46 - 2024-02-22 01:46 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-22 01:45 - 2024-02-22 01:45 - 000060462 _____ C:\WINDOWS\system32\ctac.json
2024-02-22 01:45 - 2024-02-22 01:45 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-22 01:42 - 2024-02-22 01:43 - 000000000 ___HD C:\$WinREAgent
2024-02-22 01:23 - 2024-02-22 01:25 - 000000000 ____D C:\AdwCleaner
2024-02-22 01:23 - 2024-02-22 01:23 - 008797968 _____ (Malwarebytes) C:\Users\Christopher\Downloads\adwcleaner.exe
2024-02-22 01:19 - 2024-02-22 01:19 - 002585496 _____ (Malwarebytes) C:\Users\Christopher\Downloads\MBSetup.exe
2024-02-22 01:16 - 2024-02-22 03:18 - 000000000 ____D C:\FRST
2024-02-22 01:15 - 2024-02-22 01:15 - 002386944 _____ (Farbar) C:\Users\Christopher\Downloads\FRST64.exe
2024-02-22 00:58 - 2024-02-22 02:45 - 000000000 ____D C:\Users\Christopher\AppData\Local\Malwarebytes
2024-02-22 00:57 - 2024-02-22 01:22 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-02-22 00:57 - 2024-02-22 01:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-02-22 00:57 - 2024-02-22 01:21 - 000000000 ____D C:\Program Files\Malwarebytes
2024-02-20 23:20 - 2024-02-20 23:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-02-19 13:28 - 2024-02-19 13:28 - 000927065 _____ C:\Users\Christopher\Downloads\MAN 647 SIHRM_overview 2024.pdf
2024-02-19 13:27 - 2024-02-19 13:27 - 006659530 _____ C:\Users\Christopher\Downloads\MAN 647 SIHRM lecture slides.pdf
2024-02-18 03:52 - 2024-02-19 12:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-17 21:25 - 2024-02-17 21:25 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Java
2024-02-17 20:47 - 2024-02-17 20:48 - 000000000 ___HD C:\ProgramData\DNTException
2024-02-17 20:46 - 2024-02-17 20:46 - 000000000 ____D C:\Users\Christopher\OneDrive\Dokumente\Atlantis
2024-02-17 20:46 - 2024-02-17 20:46 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\UIRmake
2024-02-17 20:46 - 2024-02-17 20:46 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Atlantis
2024-02-17 20:46 - 2024-02-17 20:46 - 000000000 ____D C:\ProgramData\Canon_Inc_IC
2024-02-17 20:46 - 2024-02-17 20:46 - 000000000 ____D C:\ProgramData\Atlantis
2024-02-17 19:34 - 2024-02-17 19:34 - 000001272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2024-02-17 19:34 - 2024-02-17 19:34 - 000000000 ____D C:\Users\Christopher\AppData\Local\EpicGamesLauncher
2024-02-15 22:20 - 2024-02-15 22:20 - 000000797 _____ C:\Users\Christopher\OneDrive\Desktop\World of Tanks EU.lnk
2024-02-13 02:16 - 2024-02-13 02:16 - 001468407 _____ C:\Users\Christopher\Downloads\Lecture 1.pdf
2024-02-13 02:01 - 2024-02-13 02:01 - 001362936 _____ C:\Users\Christopher\Downloads\Lecture 0.pdf
2024-02-13 01:43 - 2024-02-13 01:43 - 006957226 _____ C:\Users\Christopher\Downloads\Training and Development - Part 1 - Part 3 (2.0) (Macro).pdf
2024-02-09 14:35 - 2024-02-18 00:40 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2024-02-09 14:35 - 2024-02-15 22:36 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Wargaming.net
2024-02-09 14:35 - 2024-02-09 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2024-02-09 14:35 - 2024-02-09 14:35 - 000000000 ____D C:\Program Files (x86)\Wargaming.net
2024-02-09 14:33 - 2024-02-15 22:18 - 000000000 ____D C:\ProgramData\Wargaming.net
2024-02-09 12:56 - 2024-02-09 12:56 - 000000000 ____D C:\Users\Christopher\AppData\Local\ReadyOrNot
2024-02-09 12:56 - 2024-02-09 12:56 - 000000000 ____D C:\Users\Christopher\AppData\Local\mod.io
2024-02-08 20:43 - 2024-02-08 20:43 - 000000000 ____D C:\Users\Christopher\AppData\LocalLow\Bithell Games
2024-02-07 13:42 - 2024-02-07 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-02-07 13:42 - 2024-02-07 13:42 - 000000000 ____D C:\Program Files\LGHUB
2024-02-06 21:46 - 2024-02-06 21:46 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\EA
2024-02-06 21:34 - 2024-02-06 21:46 - 000000000 ____D C:\Program Files\EA
2024-02-06 21:34 - 2024-02-06 21:34 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2024-02-06 21:34 - 2024-02-06 21:34 - 000000000 ____D C:\ProgramData\eaanticheat
2024-02-06 21:20 - 2024-02-06 21:20 - 000000000 ____D C:\Users\Christopher\AppData\Local\Link2EA
2024-02-05 18:51 - 2024-02-08 18:36 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\EasyAntiCheat
2024-02-05 10:35 - 2024-02-05 10:35 - 000000000 ____D C:\WINDOWS\Panther
2024-02-05 03:18 - 2024-02-05 03:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2024-02-05 00:07 - 2024-02-05 00:08 - 000000000 ____D C:\Users\Christopher\AppData\Local\DayZ Launcher
2024-02-05 00:07 - 2024-02-05 00:08 - 000000000 ____D C:\Users\Christopher\AppData\Local\DayZ
2024-02-05 00:07 - 2024-02-05 00:07 - 000000000 ____D C:\Users\Christopher\OneDrive\Dokumente\DayZ
2024-02-05 00:07 - 2024-02-05 00:07 - 000000000 ____D C:\Users\Christopher\AppData\Local\Bohemia_Interactive_a.s
2024-02-04 18:38 - 2024-02-04 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer 2024
2024-02-04 18:37 - 2024-02-04 18:37 - 000000000 ____D C:\Program Files\WISO
2024-01-31 23:46 - 2024-02-15 23:50 - 000000000 ____D C:\Users\Christopher\AppData\Local\BattlEye
2024-01-31 22:20 - 2024-01-31 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2024-01-31 22:20 - 2024-01-31 22:20 - 000000000 ____D C:\ProgramData\Battlestate Games
2024-01-28 19:35 - 2024-01-28 19:35 - 000000000 ____D C:\ProgramData\obs-studio
2024-01-24 21:36 - 2024-01-19 00:38 - 002095464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-01-24 21:36 - 2024-01-19 00:38 - 002095464 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-01-24 21:36 - 2024-01-19 00:38 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-01-24 21:36 - 2024-01-19 00:38 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-01-24 21:36 - 2024-01-19 00:38 - 001278720 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-01-24 21:36 - 2024-01-19 00:38 - 001278720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-01-24 21:36 - 2024-01-19 00:37 - 001487376 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-01-24 21:36 - 2024-01-19 00:37 - 001434472 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-01-24 21:36 - 2024-01-19 00:37 - 001434472 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-01-24 21:36 - 2024-01-19 00:37 - 001226768 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-01-24 21:36 - 2024-01-19 00:33 - 001542176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-01-24 21:36 - 2024-01-19 00:33 - 001199112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-01-24 21:36 - 2024-01-19 00:33 - 001040504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-01-24 21:36 - 2024-01-19 00:33 - 000670344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-01-24 21:36 - 2024-01-19 00:33 - 000505992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-01-24 21:36 - 2024-01-19 00:32 - 002173984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-01-24 21:36 - 2024-01-19 00:32 - 001625736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-01-24 21:36 - 2024-01-19 00:32 - 001023608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-01-24 21:36 - 2024-01-19 00:32 - 000841848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-01-24 21:36 - 2024-01-19 00:32 - 000787064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-01-24 21:36 - 2024-01-19 00:31 - 016032784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-01-24 21:36 - 2024-01-19 00:31 - 012928120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-01-24 21:36 - 2024-01-19 00:31 - 006781064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-01-24 21:36 - 2024-01-19 00:31 - 005907464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-01-24 21:36 - 2024-01-19 00:31 - 005772920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-01-24 21:36 - 2024-01-19 00:31 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-01-24 21:36 - 2024-01-19 00:31 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-01-24 21:36 - 2024-01-19 00:30 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-01-24 21:36 - 2024-01-18 12:32 - 000120271 _____ C:\WINDOWS\system32\nvinfo.pb

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-02-22 03:15 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-22 03:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-22 03:09 - 2022-09-21 19:25 - 001754660 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-22 03:09 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-02-22 03:03 - 2024-01-06 13:07 - 000000440 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-02-22 03:03 - 2023-08-24 20:14 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\asus_framework
2024-02-22 03:03 - 2022-09-21 19:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-22 03:03 - 2022-09-21 19:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-22 03:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-22 03:03 - 2021-09-08 01:00 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-22 03:03 - 2021-09-07 19:28 - 000000000 ____D C:\Users\Christopher\AppData\Local\LGHUB
2024-02-22 03:03 - 2021-09-07 19:25 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-22 03:02 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-02-22 02:56 - 2023-08-31 22:51 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\G HUB
2024-02-22 02:48 - 2022-09-21 19:22 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-02-22 02:39 - 2021-09-07 19:36 - 000000000 ____D C:\Program Files (x86)\Steam
2024-02-22 02:21 - 2021-09-07 19:12 - 000000000 ____D C:\Users\Christopher\AppData\Local\Google
2024-02-22 02:13 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-22 02:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-22 02:13 - 2021-09-07 19:10 - 000000000 ____D C:\Users\Christopher\AppData\Local\D3DSCache
2024-02-22 02:10 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-22 02:10 - 2021-09-07 19:10 - 000000000 ____D C:\Users\Christopher\AppData\Local\Packages
2024-02-22 02:10 - 2021-09-07 19:10 - 000000000 ____D C:\ProgramData\Packages
2024-02-22 02:05 - 2021-09-07 19:36 - 000000000 ____D C:\Users\Christopher\AppData\Local\Steam
2024-02-22 01:55 - 2022-09-21 18:46 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Spelling
2024-02-22 01:54 - 2021-09-08 01:00 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-22 01:53 - 2022-09-21 19:22 - 000480392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-22 01:52 - 2023-11-22 19:28 - 000000000 ____D C:\Program Files\Hyper-V
2024-02-22 01:52 - 2023-07-04 09:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2024-02-22 01:52 - 2022-05-07 11:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-02-22 01:52 - 2022-05-07 11:39 - 000000000 ____D C:\WINDOWS\InboxApps
2024-02-22 01:52 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-02-22 01:52 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2024-02-22 01:52 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\de
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\WUModels
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2024-02-22 01:52 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-02-22 01:52 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-02-22 01:50 - 2022-05-07 11:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-02-22 01:50 - 2022-05-07 11:39 - 000023775 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-02-22 01:50 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-02-22 01:50 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-02-22 01:47 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-22 01:46 - 2022-09-21 19:25 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-22 01:43 - 2021-09-07 23:05 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\discord
2024-02-22 01:42 - 2021-09-07 23:05 - 000000000 ____D C:\Users\Christopher\AppData\Local\Discord
2024-02-22 01:41 - 2021-09-09 21:04 - 000000000 ____D C:\Program Files\dotnet
2024-02-22 01:41 - 2021-09-07 21:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-02-22 01:41 - 2021-09-07 20:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-22 01:41 - 2021-09-07 19:13 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-22 01:39 - 2021-09-07 20:59 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-22 01:21 - 2023-09-13 22:22 - 000000000 ____D C:\Users\Christopher\AppData\Local\WeMod
2024-02-22 01:21 - 2023-06-05 13:54 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\WeMod
2024-02-22 01:21 - 2021-10-13 10:41 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2024-02-22 00:57 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-02-22 00:46 - 2021-09-09 09:38 - 000000000 ____D C:\ProgramData\EA Desktop
2024-02-22 00:46 - 2021-09-07 20:41 - 000000000 ____D C:\Users\Christopher\AppData\Local\Ubisoft Game Launcher
2024-02-22 00:41 - 2021-09-14 20:01 - 000000000 ____D C:\Program Files\ASUS
2024-02-21 00:22 - 2021-09-09 09:46 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\TS3Client
2024-02-20 23:20 - 2021-09-07 19:16 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-20 01:32 - 2021-09-08 12:05 - 000000000 ____D C:\Users\Christopher\AppData\Local\Battle.net
2024-02-19 23:36 - 2023-11-22 22:09 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2024-02-19 12:08 - 2021-09-07 21:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-18 12:29 - 2021-09-07 21:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-18 02:17 - 2021-09-08 11:58 - 000000000 ____D C:\Users\Christopher\AppData\Local\CrashDumps
2024-02-17 20:34 - 2021-09-07 20:41 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2024-02-17 19:35 - 2021-09-07 19:37 - 000000000 ____D C:\ProgramData\Epic
2024-02-17 19:34 - 2021-09-07 19:37 - 000000000 ____D C:\Program Files (x86)\Epic Games
2024-02-17 11:46 - 2021-09-09 20:31 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-02-17 00:49 - 2022-03-02 15:16 - 000000000 ____D C:\Games
2024-02-17 00:01 - 2022-09-21 19:25 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2108826960-4211556212-834145737-1001
2024-02-17 00:01 - 2022-09-21 19:25 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-02-17 00:01 - 2021-09-07 20:12 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-16 11:43 - 2022-10-22 21:18 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-02-16 11:43 - 2022-10-22 21:18 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-02-16 11:43 - 2021-11-18 11:20 - 000202344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-02-16 11:43 - 2021-09-07 21:38 - 002713080 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-02-16 11:43 - 2021-09-07 21:38 - 000689656 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-02-16 11:43 - 2021-09-07 21:38 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-02-16 11:43 - 2021-09-07 21:38 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-02-16 11:43 - 2021-09-07 20:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-02-15 10:48 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-14 01:21 - 2022-10-17 17:30 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-14 01:21 - 2022-09-21 19:25 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-06 21:46 - 2023-12-27 20:20 - 000000000 ____D C:\ProgramData\Packer
2024-02-06 21:46 - 2021-12-30 17:29 - 000000000 ____D C:\Users\Christopher\OneDrive\Dokumente\Battlefield 2042
2024-02-06 21:46 - 2021-09-22 16:58 - 000000000 ____D C:\ProgramData\Origin
2024-02-06 17:44 - 2023-02-05 22:34 - 000000000 ____D C:\WINDOWS\Minidump
2024-02-06 17:39 - 2021-09-09 09:26 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Word
2024-02-06 17:30 - 2022-09-21 18:46 - 000000000 ____D C:\Users\Christopher
2024-02-05 21:29 - 2022-09-21 19:25 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-05 21:29 - 2022-09-21 19:25 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-04 23:38 - 2022-10-17 21:39 - 000000000 ____D C:\Program Files (x86)\wsr
2024-02-04 21:17 - 2023-12-30 16:34 - 000000000 ____D C:\Users\Christopher\AppData\LocalLow\Battlestate Games
2024-02-04 19:55 - 2023-12-30 13:42 - 000000000 ____D C:\Battlestate Games
2024-02-04 18:42 - 2021-09-07 21:23 - 000000000 ____D C:\Users\Christopher\OneDrive\Dokumente\steuer
2024-02-04 18:38 - 2021-12-30 21:04 - 000000000 ____D C:\Users\Christopher\AppData\Local\Buhl
2024-02-04 18:37 - 2021-12-30 21:03 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH
2024-02-04 18:37 - 2021-09-07 21:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-02-03 20:56 - 2021-10-18 22:27 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2024-02-01 22:15 - 2021-09-07 19:28 - 000000000 ____D C:\Users\Christopher\AppData\Local\NVIDIA
2024-01-31 22:20 - 2023-12-30 13:42 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Battlestate Games
2024-01-31 22:20 - 2023-12-30 13:42 - 000000000 ____D C:\Users\Christopher\AppData\Local\Battlestate Games
2024-01-30 13:57 - 2022-05-30 20:58 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\obs-studio
2024-01-30 13:54 - 2021-09-07 22:29 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Elgato
2024-01-28 09:13 - 2021-09-08 12:42 - 000000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Excel
2024-01-25 14:55 - 2021-09-08 12:05 - 000000000 ____D C:\Program Files (x86)\Battle.net

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2023-03-06 14:59 - 2023-03-16 20:45 - 000015648 _____ () C:\Users\Christopher\AppData\Roaming\-1271964237
2023-06-16 13:29 - 2024-01-17 00:02 - 000000128 _____ () C:\Users\Christopher\AppData\Roaming\winscp.rnd
2021-12-19 17:44 - 2021-12-19 17:44 - 000000389 _____ () C:\Users\Christopher\AppData\Roaming\x4jo2D4GcQ
2022-08-09 15:47 - 2022-08-09 15:47 - 000005966 _____ () C:\Users\Christopher\AppData\Local\1661597446
2022-03-14 19:30 - 2022-03-14 19:30 - 000006246 _____ () C:\Users\Christopher\AppData\Local\2240114613
2023-04-16 13:48 - 2023-04-16 13:48 - 000003998 _____ () C:\Users\Christopher\AppData\Local\3260404094
2023-06-09 12:50 - 2024-01-15 10:45 - 000005254 _____ () C:\Users\Christopher\AppData\Local\357009403
2022-11-25 20:58 - 2022-11-25 20:58 - 000006254 _____ () C:\Users\Christopher\AppData\Local\3663574423
2023-05-17 19:13 - 2023-05-17 19:13 - 000005382 _____ () C:\Users\Christopher\AppData\Local\91114846003
2023-04-17 21:05 - 2023-04-17 21:05 - 000005998 _____ () C:\Users\Christopher\AppData\Local\9154164905
2023-05-21 13:23 - 2023-05-21 13:23 - 000005894 _____ () C:\Users\Christopher\AppData\Local\92328901638
2023-03-19 20:53 - 2023-03-19 20:53 - 000006598 _____ () C:\Users\Christopher\AppData\Local\92557321650
2023-02-21 19:34 - 2023-02-21 19:34 - 000006598 _____ () C:\Users\Christopher\AppData\Local\92580481036
2023-02-23 22:19 - 2023-02-23 22:19 - 000006598 _____ () C:\Users\Christopher\AppData\Local\92761170034
2023-03-01 21:47 - 2023-03-09 19:00 - 000006598 _____ () C:\Users\Christopher\AppData\Local\93803181808
2023-12-08 00:46 - 2023-12-08 00:46 - 000005998 _____ () C:\Users\Christopher\AppData\Local\9437468409
2021-09-08 14:08 - 2022-02-11 04:22 - 000007602 _____ () C:\Users\Christopher\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
Addition in the second post.

 
