Pests of all kinds and how to fight them: Caught a Trojan or malware? Gimp Updater is detected as malware (Windows 7)

If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection.
#1

Caught a Trojan or malware? Gimp Updater is detected as malware

Hello everyone, I think I have picked up malware, and it was not successfully removed by Malwarebytes. Would you please take a look over my system and tell me whether any problems remain? The malware was apparently Gimp Updater. I can also post the Malwarebytes logs if needed.

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26.02.2024 01 durchgeführt von Lil Vamp (Administrator) auf DESKTOP-M7EP8UC (Micro-Star International Co., Ltd. MS-7A38) (27-02-2024 14:09:26) Gestartet von C:\Users\Lil Vamp\Downloads\FRST64.exe Geladene Profile: Lil Vamp Plattform: Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Beijing Sogou Technology Development Co., Ltd. -> Sogou.com Inc.) C:\Program Files (x86)\SogouInput\9.8.0.3746\SGTool.exe (C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Users\Lil Vamp\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Lil Vamp\AppData\Local\Microsoft\OneDrive\24.020.0128.0003\Microsoft.SharePoint.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wuapihost.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe (svchost.exe ->) (Avira Operations GmbH 
-> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (svchost.exe ->) (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2> (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2311.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.124.1221.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.124.1221.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Lil Vamp\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. 
-> Oracle Corporation) HKLM-x32\...\Run: [Genshin Impact_Launcher] => [X] HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin) [Datei ist nicht signiert] HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2008856 2021-12-08] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Lil Vamp\AppData\Local\slack\Update.exe [1584656 2018-11-11] (Slack Technologies, Inc. -> ) HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\Run: [ctfmon] => C:\WINDOWS\system32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90952568 2020-10-09] (Skype Software Sarl -> Skype Technologies S.A.) 
HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Lil Vamp\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-18] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\Run: [Blizz] => C:\Users\Lil Vamp\AppData\Roaming\Blizz\Blizz.exe [39442048 2020-04-08] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\Run: [] => [X] HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Keine Datei) HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [24017528 2024-02-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\Run: [MicrosoftEdgeAutoLaunch_449EB040EEE76013652793F6BD8242E1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70921216 2024-02-23] (Riot Games, Inc. -> Riot Games, Inc.) HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\MountPoints2: {cd4c5bc6-a9a0-11e9-9e1c-309c238a2d04} - "D:\pushinst.exe" HKU\S-1-5-21-2168636311-4045087428-3637539368-1001\...\MountPoints2: {d31c1a6d-d2ed-11e8-9dd9-309c238a2d04} - "E:\LaunchU3.exe" -a HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.70\Installer\chrmstp.exe [2024-02-26] (Google LLC -> Google LLC) GroupPolicy: Beschränkung ? 
<==== ACHTUNG GroupPolicy-Firefox: Beschränkung <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {394EE2A1-C6B1-404B-A2C9-9C483745E46D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {BAF21D80-2C0B-4E0D-B7DF-0444D8D280B7} - System32\Tasks\Avira_FallbackUpdater => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false Task: {25B07876-369B-4166-8729-B1544CCED3B5} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {25B07876-369B-4166-8729-B1544CCED3B5} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {25B07876-369B-4166-8729-B1544CCED3B5} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {7EFA9FB7-91D0-496F-BDF7-A3608C39CDF3} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [260832 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH) Task: {D3397E0E-6F45-4364-B82F-FC309017DE45} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1825360 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH) Task: {1CA6C108-1B14-4955-AF05-5D406232A7CD} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 
2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {794D9557-9332-4649-84DE-BA1677E3823F} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [37097112 2023-12-15] (Avira Operations GmbH -> Avira Operations GmbH) Task: {520C8626-A525-489A-829B-F7DA508E227A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-19] (Google Inc -> Google LLC) Task: {19FD6700-1A0D-4C82-9711-8A186144E11A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-19] (Google Inc -> Google LLC) Task: {9AA5C09B-DC10-4EF9-852B-5D11A86151FD} - System32\Tasks\HPCustParticipation HP ColorLaserJet MFP M178-M181 => C:\Program Files\HP\HP ColorLaserJet MFP M178-M181\Bin\HPCustPartic.exe [6659488 2020-01-22] (HP Inc -> HP Inc.) Task: {DAD5E68A-8176-4425-B5CC-A15B451CE242} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation) Task: {A4E18C6C-43BF-4724-81E6-CA9E0C8DA743} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation) Task: {F7E0F84D-E243-4B4B-9756-E82F3852A3CC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-17] (Microsoft Corporation -> Microsoft Corporation) Task: {79C67321-B852-422A-B931-91F28A2596DB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-17] (Microsoft Corporation -> Microsoft Corporation) Task: {3A01470B-6C6F-4E45-826A-02190C3A4081} - 
System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4436272 2024-02-10] (Microsoft Corporation -> Microsoft Corporation) Task: {2801E170-EE59-4E99-9241-4F7F3C4ACC79} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [362192 2024-02-17] (Microsoft Corporation -> Microsoft Corporation) Task: {389C3A98-131B-4AD3-9031-2782EA53C291} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {EC01A875-54B4-4303-AB2E-5F0438A3F31E} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2168636311-4045087428-3637539368-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {A56EDA1E-65DE-47FE-B447-5E7CAC01B76C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-20] (Mozilla Corporation -> Mozilla Foundation) Task: {8B70E5F4-C069-4327-9F49-FCA133C942A1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA 
Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {7467276E-B594-42CA-B89D-3CB83B33F3AA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {09E6DFAA-DC8D-44CF-949E-7C26E3CE0478} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DEE5ED77-B0A6-4D5A-A92B-E61860898523} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A0920731-367A-4F7D-AE3C-DD5A599C0ACE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A7A7D487-EFDE-43B0-9571-C1538F85C3F9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6E2130CB-6228-45FD-A7A0-ED9DC851E6BD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DA042E0E-783E-4A39-9E26-AF1B67C47F62} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {145D5E10-471F-47BC-890D-AB8EF5F73528} - 
System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {85AC4649-8BE3-4665-B185-5B287B96A590} - System32\Tasks\SogouImeMgr => C:\Program Files (x86)\SogouInput\SogouExe\SogouExe.exe [412568 2020-06-26] (Beijing Sogou Technology Development Co., Ltd. -> Sogou.com Inc.) -> "C:\Program Files (x86)\SogouInput\9.8.0.3746\SGTool.exe" --appid=pinyinrepair /t /v (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2ffe0d0b-5d73-435a-982e-76bce369bc6c}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2ffe0d0b-5d73-435a-982e-76bce369bc6c}\64259445A51224F68702733363230235C4: [DhcpNameServer] 192.168.188.1 Tcpip\..\Interfaces\{2ffe0d0b-5d73-435a-982e-76bce369bc6c}\64259445A51224F68702733363230235C4: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{31fbf6cc-82fa-4fae-ae6d-7f563f36c899}: [DhcpNameServer] 8.8.8.8 208.67.222.222 Tcpip\..\Interfaces\{5b3bc9bb-799c-4fd9-ad7e-d516cfda8258}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b7251a39-74b2-41c7-8037-7d0df0f6e85e}: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge Profile: C:\Users\Lil Vamp\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-27] Edge Extension: (Google Docs Offline) - C:\Users\Lil Vamp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-22] Edge Extension: (Edge relevant text changes) 
- C:\Users\Lil Vamp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] FireFox: ======== FF DefaultProfile: esnoyytm.default FF ProfilePath: C:\Users\Lil Vamp\AppData\Roaming\Mozilla\Firefox\Profiles\esnoyytm.default [2024-02-27] FF Notifications: Mozilla\Firefox\Profiles\esnoyytm.default -> hxxps://tinder.com FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Lil Vamp\AppData\Roaming\Mozilla\Firefox\Profiles\esnoyytm.default\Extensions\@windscribeff.xpi [2023-11-10] FF Extension: (Avira Browserschutz) - C:\Users\Lil Vamp\AppData\Roaming\Mozilla\Firefox\Profiles\esnoyytm.default\Extensions\abs@avira.com.xpi [2019-01-08] [UpdateUrl:hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf] FF Extension: (BetterTTV) - C:\Users\Lil Vamp\AppData\Roaming\Mozilla\Firefox\Profiles\esnoyytm.default\Extensions\firefox@betterttv.net.xpi [2024-02-19] FF Extension: (FrankerFaceZ) - C:\Users\Lil Vamp\AppData\Roaming\Mozilla\Firefox\Profiles\esnoyytm.default\Extensions\frankerfacez@frankerfacez.com.xpi [2019-06-22] [UpdateUrl:hxxps://cdn.frankerfacez.com/script/firefox-updates.json] FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Lil Vamp\AppData\Roaming\Mozilla\Firefox\Profiles\esnoyytm.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-10-15] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (uBlock Origin) - C:\Users\Lil Vamp\AppData\Roaming\Mozilla\Firefox\Profiles\esnoyytm.default\Extensions\uBlock0@raymondhill.net.xpi [2024-02-23] FF Extension: (MetaMask) - C:\Users\Lil Vamp\AppData\Roaming\Mozilla\Firefox\Profiles\esnoyytm.default\Extensions\webextension@metamask.io.xpi [2024-02-09] FF Extension: (10ten Japanese Reader (Rikaichamp)) - C:\Users\Lil Vamp\AppData\Roaming\Mozilla\Firefox\Profiles\esnoyytm.default\Extensions\{59812185-ea92-4cca-8ab7-cfcacee81281}.xpi [2024-01-08] FF Extension: (Perapera Chinese Popup Dictionary) - 
C:\Users\Lil Vamp\AppData\Roaming\Mozilla\Firefox\Profiles\esnoyytm.default\Extensions\{90089c2c-9ab9-4d7b-a612-47c04c85c90e}.xpi [2021-02-26] FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2019-01-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2019-01-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Lil Vamp\AppData\Local\Google\Chrome\User Data\Default [2024-02-05] CHR Notifications: Default -> hxxps://www.youtube.com CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Lil Vamp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-30] CHR Extension: (Rajiko) - C:\Users\Lil Vamp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejcfdikabeebbgbopoagpabbdokepnff [2023-09-29] CHR Extension: (Avira Browserschutz) - C:\Users\Lil Vamp\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-11-06] CHR Extension: (Google Docs Offline) - C:\Users\Lil Vamp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-30] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lil Vamp\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-17] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6782232 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [389096 2023-09-06] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [268600 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [298400 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-04-21] (BattlEye Innovations e.K. 
-> ) S3 brlapi; C:\WINDOWS\brltty\bin\brltty.exe [847886 2019-10-15] (Microsoft Windows -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2023-06-26] (EasyAntiCheat Oy -> Epic Games, Inc) R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11364008 2024-02-26] (Avira Operations GmbH -> Avira Operations GmbH) S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11364008 2024-02-26] (Avira Operations GmbH -> Avira Operations GmbH) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-18] (Epic Games Inc. -> Epic Games, Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-22] (HP Inc. -> HP Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-26] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-02-26] (Malwarebytes Inc. 
-> Malwarebytes) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation) S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [22384 2023-11-16] (Microsoft Windows -> Microsoft Corporation) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [403048 2023-07-05] (Proton Technologies AG -> ProtonVPN) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) S2 SogouSvc; C:\Program Files (x86)\SogouInput\SogouExe\SogouSvc.exe [469912 2020-06-26] (Beijing Sogou Technology Development Co., Ltd. -> Sogou.com Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH -> TeamViewer GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-04-02] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-04-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [1337216 2022-04-12] (Windscribe Limited -> Windscribe Limited) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [293264 2021-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.) 
S3 avmeject; C:\WINDOWS\System32\drivers\avmeject.sys [14120 2018-08-22] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [190712 2023-03-16] (Avira Operations GmbH -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2023-05-26] (Avira Operations GmbH -> Avira Operations GmbH)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 fwlanusb6_nv2; C:\WINDOWS\system32\DRIVERS\fwlanusb6_nv2.sys [2235152 2018-08-22] (WDKTestCert rstolz,131417395005862431 -> AVM GmbH)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-26] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2024-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-02-27] (Malwarebytes Inc. -> Malwarebytes)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2023-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28784 2023-11-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH)
U5 rtp_filesystem_filter; C:\Windows\System32\Drivers\rtp_filesystem_filter.sys [219448 2023-07-11] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_filter; C:\WINDOWS\System32\DRIVERS\rtp_filter.sys [379264 2024-02-26] (Avira Operations GmbH -> Avira Operations GmbH)
U5 rtp_process_monitor; C:\Windows\System32\Drivers\rtp_process_monitor.sys [199992 2023-07-11] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [41984 2023-11-10] (Avira Operations GmbH -> Avira Operations GmbH)
S3 sonics_WaveExtensible; C:\WINDOWS\system32\drivers\vrtaupipe.sys [28976 2018-05-09] (CLOSED LOOP LABS LTD -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2022-04-12] (Windscribe Limited -> The OpenVPN Project)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2019-05-25] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2019-02-09] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2021-12-08] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49608 2023-04-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [495896 2023-04-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-04-02] (Microsoft Windows -> Microsoft Corporation)
S3 WindscribeSplitTunnel; C:\WINDOWS\system32\DRIVERS\WindscribeSplitTunnel.sys [35752 2022-04-12] (Windscribe Limited -> )
R3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2022-04-12] (Windscribe Limited -> WireGuard LLC)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-05-28] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2021-03-21] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-02-27 14:09 - 2024-02-27 14:10 - 000035073 _____ C:\Users\Lil Vamp\Downloads\FRST.txt
2024-02-27 14:09 - 2024-02-27 14:10 - 000000000 ____D C:\FRST
2024-02-27 14:08 - 2024-02-27 14:08 - 002386944 _____ (Farbar) C:\Users\Lil Vamp\Downloads\FRST64.exe
2024-02-27 14:06 - 2024-02-27 14:06 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-02-26 15:35 - 2024-02-27 01:15 - 000000000 ____D C:\Users\Lil Vamp\AppData\Local\Malwarebytes
2024-02-26 15:35 - 2024-02-26 15:35 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-02-26 15:35 - 2024-02-26 15:35 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-02-26 15:35 - 2024-02-26 15:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-02-26 15:35 - 2024-02-26 15:35 - 000000000 ____D C:\Program Files\Malwarebytes
2024-02-26 15:22 - 2024-02-26 15:23 - 000000000 ____D C:\Users\Lil Vamp\Desktop\Bilder von kaputten Staubsauger
2024-02-26 15:16 - 2024-02-26 15:16 - 002585496 _____ (Malwarebytes) C:\Users\Lil Vamp\Downloads\MBSetup.exe
2024-02-26 15:16 - 2024-02-26 15:16 - 002585496 _____ (Malwarebytes) C:\Users\Lil Vamp\Downloads\MBSetup(2).exe
2024-02-26 15:16 - 2024-02-26 15:16 - 002585496 _____ (Malwarebytes) C:\Users\Lil Vamp\Downloads\MBSetup(1).exe
2024-02-24 10:26 - 2024-02-24 10:26 - 000246526 _____ C:\Users\Lil Vamp\Documents\Aufnahmeantrag.pdf
2024-02-24 03:20 - 2024-02-24 03:20 - 000073133 _____ C:\Users\Lil Vamp\Downloads\65d7d947aadd7931306ed2ed_AIXCSC Aufnahmeantrag+Satzung 0224 1e.pdf
2024-02-20 15:18 - 2024-02-20 15:18 - 001138687 _____ C:\Users\Lil Vamp\Documents\Bewilligungsbescheid_2024.pdf
2024-02-20 15:11 - 2024-02-20 19:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-18 14:20 - 2024-02-18 14:23 - 000000000 ___HD C:\$WinREAgent
2024-02-17 14:37 - 2024-02-17 14:37 - 000000051 _____ C:\Users\Lil Vamp\Desktop\NZBgeek.txt
2024-02-17 14:29 - 2024-02-17 14:29 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-17 14:29 - 2024-02-17 14:29 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-15 18:37 - 2024-02-15 18:37 - 000740652 _____ C:\Users\Lil Vamp\Documents\STAWAG_Schlussrechnung.pdf
2024-02-15 13:01 - 2024-02-15 13:01 - 000104715 _____ C:\Users\Lil Vamp\Downloads\Paketschein_244046527024_Brandstätter_150224.pdf
2024-02-07 18:09 - 2024-02-07 18:09 - 000001230 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2024-02-07 18:09 - 2024-02-07 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2024-02-04 18:45 - 2024-02-04 18:45 - 000000448 __RSH C:\ProgramData\ntuser.pol
2024-02-04 18:42 - 2024-02-04 18:42 - 3033710592 _____ C:\Users\Lil Vamp\Downloads\linuxmint-21.3-xfce-64bit.iso
2024-02-01 17:51 - 2024-01-19 00:25 - 002095360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-01 17:51 - 2024-01-19 00:25 - 002095360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-02-01 17:51 - 2024-01-19 00:25 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-01 17:51 - 2024-01-19 00:25 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-02-01 17:51 - 2024-01-19 00:25 - 001487376 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-02-01 17:51 - 2024-01-19 00:25 - 001434480 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-02-01 17:51 - 2024-01-19 00:25 - 001434480 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-02-01 17:51 - 2024-01-19 00:25 - 001278720 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-01 17:51 - 2024-01-19 00:25 - 001278720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-02-01 17:51 - 2024-01-19 00:25 - 001226872 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-02-01 17:51 - 2024-01-19 00:22 - 001040400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-02-01 17:51 - 2024-01-19 00:22 - 000670240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-02-01 17:51 - 2024-01-19 00:22 - 000505992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-02-01 17:51 - 2024-01-19 00:21 - 002173984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-02-01 17:51 - 2024-01-19 00:21 - 001625632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-02-01 17:51 - 2024-01-19 00:21 - 001542280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-02-01 17:51 - 2024-01-19 00:21 - 001199112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-02-01 17:51 - 2024-01-19 00:21 - 000841848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-02-01 17:51 - 2024-01-19 00:20 - 016032888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-02-01 17:51 - 2024-01-19 00:20 - 012928120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-02-01 17:51 - 2024-01-19 00:20 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-02-01 17:51 - 2024-01-19 00:20 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-02-01 17:51 - 2024-01-19 00:20 - 001023608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-02-01 17:51 - 2024-01-19 00:20 - 000787064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-02-01 17:51 - 2024-01-19 00:20 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-02-01 17:51 - 2024-01-19 00:19 - 005907464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-02-01 17:51 - 2024-01-19 00:19 - 005772816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-02-01 17:51 - 2024-01-19 00:18 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-02-01 17:51 - 2024-01-18 12:32 - 000120271 _____ C:\WINDOWS\system32\nvinfo.pb
2024-02-01 15:13 - 2024-02-01 15:13 - 000259665 _____ C:\Users\Lil Vamp\Downloads\47_262331321_000000001_47LM202400000363ER_20240131.pdf

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-02-27 14:10 - 2021-12-19 11:45 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-27 14:10 - 2019-07-19 14:16 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-27 14:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-27 14:09 - 2018-08-19 21:24 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-27 14:08 - 2022-02-12 19:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-27 14:07 - 2018-12-24 01:20 - 000000000 ____D C:\Users\Lil Vamp\AppData\LocalLow\SogouPY
2024-02-27 14:06 - 2020-08-13 22:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-27 14:06 - 2020-08-13 22:39 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-27 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-27 14:06 - 2018-12-21 23:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-02-27 01:25 - 2023-02-15 09:25 - 005780576 _____ C:\WINDOWS\system32\rtp.db
2024-02-27 01:25 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-02-27 01:17 - 2020-08-13 22:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-26 22:41 - 2019-07-19 14:16 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-26 22:41 - 2019-07-19 14:16 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-02-26 16:19 - 2018-08-19 21:32 - 000000000 ____D C:\Users\Lil Vamp\AppData\Local\D3DSCache
2024-02-26 15:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-02-26 15:35 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-26 15:20 - 2020-08-13 23:22 - 000475978 _____ C:\WINDOWS\system32\perfh011.dat
2024-02-26 15:20 - 2020-08-13 23:22 - 000131662 _____ C:\WINDOWS\system32\perfc011.dat
2024-02-26 15:20 - 2020-08-13 22:44 - 002321176 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-26 15:20 - 2019-12-07 15:51 - 000739414 _____ C:\WINDOWS\system32\perfh007.dat
2024-02-26 15:20 - 2019-12-07 15:51 - 000149046 _____ C:\WINDOWS\system32\perfc007.dat
2024-02-26 15:13 - 2018-09-14 16:40 - 000000000 ____D C:\Users\Lil Vamp\AppData\Local\CrashDumps
2024-02-26 12:27 - 2023-04-24 15:38 - 000379264 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filter.sys
2024-02-25 23:37 - 2018-08-23 19:50 - 000000000 ____D C:\ProgramData\Riot Games
2024-02-25 23:24 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-25 19:34 - 2020-06-19 17:39 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-25 19:34 - 2020-06-19 17:39 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-02-24 19:37 - 2022-10-13 23:21 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-24 19:37 - 2022-10-13 23:21 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-24 19:37 - 2020-08-13 22:46 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-23 20:58 - 2018-09-07 18:44 - 000000000 ____D C:\Users\Lil Vamp\AppData\Local\JDownloader 2.0
2024-02-21 17:51 - 2020-08-13 22:46 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-21 17:51 - 2020-08-13 22:46 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-20 19:17 - 2018-08-23 19:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-20 17:01 - 2018-09-02 23:07 - 000000000 ____D C:\Users\Lil Vamp\AppData\Roaming\vlc
2024-02-20 16:27 - 2021-10-11 10:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-02-20 16:27 - 2018-08-23 19:23 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-17 18:40 - 2020-08-13 22:39 - 000515336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-17 18:39 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-17 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-17 14:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-17 14:29 - 2020-08-13 22:41 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-17 14:26 - 2021-12-12 18:20 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2168636311-4045087428-3637539368-1001
2024-02-17 14:26 - 2020-08-13 22:46 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2168636311-4045087428-3637539368-1001
2024-02-17 14:26 - 2020-08-13 22:40 - 000002408 _____ C:\Users\Lil Vamp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-17 14:26 - 2018-08-23 21:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-02-17 14:17 - 2018-08-23 19:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-17 14:14 - 2018-08-23 19:23 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-07 18:09 - 2021-11-30 17:18 - 000000000 ____D C:\Users\Lil Vamp\AppData\Roaming\Proton Technologies AG
2024-02-07 18:09 - 2021-11-30 17:18 - 000000000 ____D C:\Users\Lil Vamp\AppData\Local\ProtonVPN
2024-02-07 18:09 - 2021-11-30 17:18 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2024-02-01 17:55 - 2018-08-23 19:40 - 000000000 ____D C:\Users\Lil Vamp\AppData\Local\NVIDIA
2024-01-31 17:41 - 2020-08-13 22:40 - 000000000 ____D C:\Users\Lil Vamp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2023-11-01 12:49 - 2023-11-01 12:49 - 000000211 _____ () C:\Users\Lil Vamp\AppData\Roaming\com.reolink.app.client
2018-08-30 20:22 - 2019-02-10 19:53 - 000007662 _____ () C:\Users\Lil Vamp\AppData\Roaming\SpeedRunnersLog.txt
2019-02-09 20:20 - 2019-05-25 23:02 - 000004694 _____ () C:\Users\Lil Vamp\AppData\Roaming\VoiceMeeterDefault.xml
2023-06-03 16:25 - 2023-06-03 16:25 - 000006441 _____ () C:\Users\Lil Vamp\AppData\Local\recently-used.xbel
2018-08-19 21:33 - 2018-08-29 16:27 - 000007602 _____ () C:\Users\Lil Vamp\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================