Windows 11 Virus über Usb installiert?

Searching000 · 09.04.2024, 13:55

Frst

Code:

ATTFilter

ntersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06.04.2024
durchgeführt von gehrk (Administrator) auf JUSTIN-PC (Hyrican Informationssysteme AG Hyrican PC) (09-04-2024 14:45:42)
Gestartet von D:\EXEN\FRST64.exe
Geladene Profile: gehrk
Plattform: Microsoft Windows 11 Pro Version 23H2 22631.3296 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Brave
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.149\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.149\BraveCrashHandler64.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EACefSubProcess.exe <3>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\Microsoft.GamingApp_2403.1001.2.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <16>
(explorer.exe ->) (Peakstar Technologies Inc. -> AtlasVPN) C:\Program Files\AtlasVPN\Bin\AtlasVPN.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_ed9d96ac28b0f507\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Peakstar Technologies Inc. -> AtlasVPN.Worker) C:\Program Files\AtlasVPN\Bin\AtlasVPN.Worker.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(svchost.exe ->) () [Datei ist nicht signiert] D:\WindowsApps\21676OptimiliaStudios.AquileReader_1.1.37.0_x64__k42naep6bwmrc\Aquile Reader.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2403.1001.2.0_x64__8wekyb3d8bbwe\XboxPcApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2403.1001.2.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(svchost.exe ->) (Ubisoft Entertainment Sweden AB -> Ubisoft) D:\EXEN\Ubisoft Game Launcher\UbisoftExtension.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [808504 2018-09-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1067296 2024-02-29] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY (Keine Datei)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [MicrosoftEdgeAutoLaunch_00B16D86002203141C6DBD71ADCA9AE0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063784 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [Discord] => C:\Users\gehrk\AppData\Local\Discord\Update.exe [1525016 2023-10-16] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2735208 2024-04-02] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2189080 2024-01-18] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [EpicGamesLauncher] => D:\XBOXGAMES\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37277648 2024-01-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [] => [X]
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [Voicemod] => D:\Voicemod Desktop\VoicemodDesktop.exe [7559560 2023-11-30] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [Amazon Music Helper] => C:\Users\gehrk\AppData\Local\Amazon Music\Amazon Music Helper.exe [2107504 2023-09-26] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\Run: [Amazon Music] => C:\Users\gehrk\AppData\Local\Amazon Music\Amazon Music.exe [22891632 2023-09-26] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\...\MountPoints2: {f5728855-7002-11ee-8241-806e6f6e6963} - "F:\Setup.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.116\Installer\chrmstp.exe [2024-04-04] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {FE7A8EC4-0CD1-4A6A-983A-F2E8DE63C617} - \Opera scheduled assistant Autoupdate 1698528890 -> Keine Datei <==== ACHTUNG
Task: {D2FA518F-E511-4787-9ECF-35596944B4D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {D2FA518F-E511-4787-9ECF-35596944B4D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerCrashReporting" /ENABLE
Task: {D2FA518F-E511-4787-9ECF-35596944B4D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - gehrk" /ENABLE
Task: {D2FA518F-E511-4787-9ECF-35596944B4D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {E0F70F7E-4753-45BF-921F-32195EC38113} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.266\WatchDog.exe [1111184 2023-12-12] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.0.1.266\repair
Task: {097B5910-BA4C-4D62-B48B-B2B99AB10458} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{43AD14EC-538F-4B55-B011-80F30BBCE1C4} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-10-21] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1863BD27-B291-47BB-B3C9-1B8C22A2EBB5} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{648E7E68-A08F-4045-B9EF-7C6F6B07E16F} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-10-21] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {782AE29C-98F8-4D25-B645-33B2B88BDCDD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9A4BB1FA-E2B1-48F9-9745-51FE61570FBD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "c25459bd-13fd-435f-9eb4-a506770ba164" --version "6.21.10918" --silent
Task: {953995DA-013C-4E02-843C-34BA6F3AF489} - System32\Tasks\CCleanerSkipUAC - gehrk => C:\Program Files\CCleaner\CCleaner.exe [38778272 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {D9B373AE-C5FD-4631-8093-574E0E2F48A6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7FE335B4-837E-44DC-B2CC-2C699854BD5C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F7468300-8567-45AA-887B-4ACAD6AF5480} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {5BD63357-2877-459D-90B6-7EFEA4D0220A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E82321B4-93EB-4D6F-B3EE-E08545E4F7CC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF714E69-92F7-4E19-BF46-BB6D799BB03A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D88C4768-CA46-4E8E-8BB4-0CC90B5056EB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C73E06E9-CAB8-400D-A336-AC2E97F59755} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A2FB028-C1A1-45D2-AADC-D8A79BB322D4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B028BD93-2873-40F2-93D2-7D2185A4C304} - System32\Tasks\Opera scheduled Autoupdate 1698528884 => C:\Users\gehrk\AppData\Local\Programs\Opera\launcher.exe  --scheduledautoupdate $(Arg0) (Keine Datei)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{73a44145-c35e-44c0-a027-434213f895a3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{74B698FF-9566-40D6-912F-9F9202BFF2D8}: [NameServer] 10.25.0.1
Tcpip\..\Interfaces\{b07575f2-ae11-4106-af0e-c44e34be3af2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b07575f2-ae11-4106-af0e-c44e34be3af2}: [DhcpDomain] fritz.box

Edge: 
=======
Edge Profile: C:\Users\gehrk\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-07]
Edge Extension: (Avira Safe Shopping) - C:\Users\gehrk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-11-03]
Edge Extension: (Avira Password Manager) - C:\Users\gehrk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-11-04]
Edge Extension: (Google Docs Offline) - C:\Users\gehrk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-05]
Edge Extension: (Bitcleaner Surfguard) - C:\Users\gehrk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gidnhakgfijhghmilgiiffidakihnbnb [2023-11-03]
Edge Extension: (Online Security) - C:\Users\gehrk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jcpgbnbdnakoblgfkbgggankeidkfcdl [2024-03-01]
Edge Extension: (Edge relevant text changes) - C:\Users\gehrk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [gidnhakgfijhghmilgiiffidakihnbnb]
Edge HKU\S-1-5-21-2487667140-2351503887-2796013851-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl]

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2024-03-01] [] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

Opera: 
=======
OPR DefaultProfile: Default

Brave: 
=======
BRA Profile: C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-04-09]
BRA Extension: (Avira Password Manager) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-14]
BRA Extension: (Avira Browserschutz) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-11-04]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-04-07]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-04-09]
BRA Extension: (Brave NTP background images) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-02-02]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-04-09]
BRA Extension: (Wallet Data Files Updater) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-22]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-04-09]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-03-13]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2023-10-21]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-04-09]
BRA Extension: (Brave Ads Resources) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2024-02-29]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2024-04-09]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-01-30]
BRA Extension: (Brave NTP sponsored images) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2024-04-09]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\gehrk\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtlasVPN.Worker; C:\Program Files\AtlasVPN\Bin\AtlasVPN.Worker.exe [153352 2024-03-20] (Peakstar Technologies Inc. -> AtlasVPN.Worker)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [849328 2024-02-29] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [849328 2024-02-29] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [849328 2024-02-29] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2963856 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2574864 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [849328 2024-02-29] (Bitdefender SRL -> Bitdefender)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-10-21] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.116\elevation_service.exe [2671128 2024-04-03] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-10-21] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [53217096 2024-02-14] (Electronic Arts, Inc. -> Electronic Arts)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12200040 2024-04-02] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2023-11-24] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2024-02-12] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-05-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8884840 2024-04-09] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-04-09] (Malwarebytes Inc. -> Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_ed9d96ac28b0f507\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [686032 2023-12-12] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [282728 2024-02-29] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [849328 2024-02-29] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 aswWintun; C:\Windows\System32\drivers\aswWintun.sys [40832 2024-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [6611008 2023-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [800168 2023-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [24568 2023-05-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender)
S3 bdprivmon; C:\Windows\system32\DRIVERS\bdprivmon.sys [49200 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\Windows\system32\DRIVERS\bduefiscan.sys [42440 2024-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [544768 2023-10-20] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [188416 2023-10-20] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1347496 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2022-05-18] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 Ignisv2; C:\Windows\system32\DRIVERS\ignisv2.sys [165312 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-04-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [234312 2024-04-09] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-04-09] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [629184 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [520144 2023-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 VOICEMOD_Driver; C:\Windows\system32\drivers\mvvad.sys [48144 2023-08-30] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-04-09 14:40 - 2024-04-09 14:40 - 000234312 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2024-04-09 14:40 - 2024-04-09 14:40 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-04-09 14:40 - 2024-04-09 14:40 - 000000000 ____D C:\Users\gehrk\AppData\LocalLow\IGDump
2024-04-09 14:24 - 2024-04-09 14:25 - 000000000 ____D C:\AdwCleaner
2024-04-09 14:22 - 2024-04-09 14:22 - 000001503 _____ C:\Users\gehrk\Downloads\Malwarebytes Scan-Bericht 2024-04-09 121510.txt
2024-04-09 14:10 - 2024-04-09 14:45 - 000000000 ____D C:\Users\gehrk\AppData\Local\Malwarebytes
2024-04-09 14:10 - 2024-04-09 14:10 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-04-09 14:10 - 2024-04-09 14:10 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-04-09 14:08 - 2024-04-09 14:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-04-09 14:07 - 2024-04-09 14:08 - 000000000 ____D C:\Program Files\Malwarebytes
2024-04-08 20:39 - 2024-04-08 20:39 - 000736636 _____ C:\Windows\system32\perfh007.dat
2024-04-08 20:39 - 2024-04-08 20:39 - 000153558 _____ C:\Windows\system32\perfc007.dat
2024-04-07 15:23 - 2024-04-09 14:46 - 000000000 ____D C:\FRST
2024-04-07 15:11 - 2024-04-07 15:12 - 000000000 ____D C:\Users\gehrk\Desktop\Bücher DOWN
2024-04-07 15:11 - 2024-04-07 15:11 - 025657033 _____ C:\Users\gehrk\Desktop\Meeting the Shadow_ The Hidden Power of the Dark Side of -- Edited by Connie Zweig, Jeremiah Abrams -- 1st, 1991 -- Tarcher -- 9780874776188 -- df16cf6865caaab9285f935ed4a6654e -- Anna’s Archive.pdf.crdownload
2024-04-06 20:40 - 2024-04-06 20:36 - 000428011 _____ C:\Users\gehrk\Desktop\The Four Agreements -- Ruiz, Don Miguel -- 2011 -- Amber-Allen Publishing -- 9781934408018 -- d7c2973e41dd3d56a7181a6009a38b54 -- Anna’s Archive.mobi
2024-04-06 15:57 - 2024-04-07 23:23 - 000000000 ____D C:\Users\gehrk\AppData\Roaming\AtlasVPN
2024-04-06 15:57 - 2024-04-06 15:57 - 000000000 ____D C:\Users\gehrk\AppData\Local\AtlasVPN
2024-04-06 15:56 - 2024-04-06 15:56 - 000001068 _____ C:\Users\Public\Desktop\AtlasVPN.lnk
2024-04-06 15:56 - 2024-04-06 15:56 - 000001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\AtlasVPN.lnk
2024-04-06 15:56 - 2024-04-06 15:56 - 000000000 ____D C:\Program Files\AtlasVPN
2024-04-04 15:54 - 2024-04-04 15:54 - 000001642 _____ C:\Users\gehrk\Desktop\T18 Wired Gaming Mouse.lnk
2024-04-04 15:54 - 2024-04-04 15:54 - 000000000 ____D C:\Users\gehrk\AppData\Local\BY-COMBO2
2024-04-04 15:54 - 2024-04-04 15:54 - 000000000 ____D C:\Users\gehrk\AppData\Local\BY-COMBO
2024-04-04 15:54 - 2024-04-04 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T18 Wired Gaming Mouse
2024-04-03 15:39 - 2024-04-03 15:39 - 000000000 ____D C:\Users\gehrk\AppData\Local\SwGame
2024-04-03 12:24 - 2024-04-03 12:24 - 000001171 _____ C:\Users\Public\Desktop\STAR WARS Jedi - Fallen Order™.lnk
2024-04-03 12:24 - 2024-04-03 12:24 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2024-03-31 19:57 - 2024-03-31 19:57 - 000000027 _____ C:\Windows\system32\ctc.json
2024-03-31 19:56 - 2024-03-31 19:56 - 000000318 _____ C:\Windows\system32\httpproxy.json
2024-03-31 19:33 - 2024-03-31 19:33 - 000690740 _____ C:\ProgramData\cl.1711905940.bdinstall.v2.bin
2024-03-31 19:33 - 2024-03-31 19:33 - 000126580 _____ C:\ProgramData\cl.kit.1711905939.bdinstall.v2.bin
2024-03-31 19:30 - 2024-03-31 19:30 - 000000000 ____D C:\ProgramData\Gemma
2024-03-31 19:30 - 2024-03-31 19:30 - 000000000 ____D C:\ProgramData\Atc
2024-03-31 19:30 - 2024-03-31 19:30 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2024-03-31 19:29 - 2024-03-31 20:49 - 000000000 ____D C:\ProgramData\Bitdefender
2024-03-31 19:29 - 2024-03-31 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2024-03-31 19:29 - 2024-03-31 19:30 - 000000000 ____D C:\ProgramData\BDLogging
2024-03-31 19:29 - 2024-03-31 19:29 - 000002378 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2024-03-31 19:29 - 2024-03-31 19:29 - 000000000 ____D C:\Windows\system32\elambkup
2024-03-31 19:29 - 2024-03-31 19:29 - 000000000 ____D C:\Users\gehrk\AppData\Roaming\Bitdefender Security App
2024-03-31 19:29 - 2024-03-31 19:29 - 000000000 ____D C:\Users\gehrk\AppData\Roaming\Bitdefender
2024-03-31 19:29 - 2024-03-31 19:29 - 000000000 ____D C:\Program Files\Bitdefender
2024-03-31 19:25 - 2024-03-31 19:29 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2024-03-31 19:15 - 2024-03-31 19:15 - 000003846 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2024-03-31 19:13 - 2024-03-31 19:13 - 000143044 _____ C:\ProgramData\agent.1711905203.bdinstall.v2.bin
2024-03-31 19:13 - 2024-03-31 19:13 - 000000000 ____D C:\Users\gehrk\AppData\Local\Bitdefender
2024-03-31 19:13 - 2024-03-31 19:13 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2024-03-31 19:13 - 2024-03-31 19:13 - 000000000 ____D C:\Program Files\Bitdefender Agent
2024-03-31 19:00 - 2024-03-31 19:00 - 000007597 _____ C:\Users\gehrk\AppData\Local\Resmon.ResmonCfg
2024-03-31 17:11 - 2024-03-31 17:11 - 000000222 _____ C:\Users\gehrk\Desktop\Rust.url
2024-03-20 08:19 - 2024-03-20 08:19 - 000427272 _____ (WireGuard LLC) C:\Windows\system32\wintun.dll
2024-03-17 18:56 - 2024-03-17 18:57 - 000000000 ____D C:\Users\gehrk\AppData\Local\Oregon
2024-03-14 19:02 - 2024-03-14 19:02 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-14 19:01 - 2024-03-14 19:01 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-14 18:56 - 2024-03-14 18:58 - 000000000 ___HD C:\$WinREAgent
2024-03-11 21:49 - 2024-03-11 21:49 - 000027048 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_240094990750345.dll

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-04-09 14:40 - 2024-02-01 21:23 - 000000000 ____D C:\Users\gehrk\AppData\Local\Ubisoft Game Launcher
2024-04-09 14:40 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-04-09 14:38 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-09 14:25 - 2023-11-03 21:08 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2024-04-09 14:25 - 2023-10-21 14:00 - 000000000 ____D C:\Users\gehrk\AppData\Roaming\discord
2024-04-09 14:25 - 2023-10-21 13:51 - 000000000 ____D C:\ProgramData\NVIDIA
2024-04-09 14:09 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-04-09 14:09 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-04-09 14:08 - 2023-10-21 14:00 - 000000000 ____D C:\Users\gehrk\AppData\Local\Discord
2024-04-09 14:05 - 2023-10-21 12:27 - 000000000 ____D C:\Users\gehrk\AppData\Local\Packages
2024-04-09 14:05 - 2023-10-21 12:17 - 000000000 ____D C:\ProgramData\Packages
2024-04-09 14:05 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-09 14:05 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-04-09 14:00 - 2023-10-21 12:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-04-08 20:51 - 2023-10-21 12:29 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2487667140-2351503887-2796013851-1001
2024-04-08 20:51 - 2023-10-21 12:29 - 000003368 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2487667140-2351503887-2796013851-1001
2024-04-08 20:51 - 2023-10-21 12:29 - 000002399 _____ C:\Users\gehrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-08 20:42 - 2023-10-21 12:30 - 000000000 ____D C:\Users\gehrk\AppData\Local\D3DSCache
2024-04-08 20:39 - 2023-10-21 12:22 - 001692090 _____ C:\Windows\system32\PerfStringBackup.INI
2024-04-08 20:35 - 2023-10-21 14:07 - 000000000 ____D C:\Users\gehrk\AppData\Local\CrashDumps
2024-04-08 20:35 - 2023-10-21 14:03 - 000004024 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{648E7E68-A08F-4045-B9EF-7C6F6B07E16F}
2024-04-08 20:35 - 2023-10-21 14:03 - 000003900 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{43AD14EC-538F-4B55-B011-80F30BBCE1C4}
2024-04-08 20:32 - 2023-10-22 15:59 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2024-04-08 20:32 - 2023-10-21 12:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-04-08 20:32 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-04-07 16:26 - 2023-10-21 12:56 - 000000000 ____D C:\Program Files (x86)\Steam
2024-04-06 15:51 - 2023-10-21 12:15 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-04 16:02 - 2023-10-21 12:14 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 16:02 - 2023-10-21 12:14 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-04 15:54 - 2023-10-28 20:58 - 000000000 ____D C:\Exen
2024-04-04 15:22 - 2023-10-21 14:04 - 000002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-04-04 15:22 - 2023-10-21 14:04 - 000002315 _____ C:\Users\Public\Desktop\Brave.lnk
2024-04-03 16:28 - 2023-10-21 14:06 - 000000000 ____D C:\Users\gehrk\AppData\Local\Origin
2024-04-03 15:39 - 2023-10-21 16:56 - 000000000 ____D C:\Users\gehrk\AppData\Local\UnrealEngine
2024-04-02 20:20 - 2023-10-21 14:06 - 000000000 ____D C:\ProgramData\EA Desktop
2024-04-02 19:27 - 2023-10-21 14:00 - 000002231 _____ C:\Users\gehrk\Desktop\Discord.lnk
2024-04-02 18:14 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-03-31 19:49 - 2023-10-21 13:51 - 000003702 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-31 19:45 - 2023-10-21 12:52 - 000000000 ____D C:\Users\gehrk\AppData\Roaming\Microsoft\MMC
2024-03-31 17:59 - 2023-12-27 00:58 - 000000000 ____D C:\ProgramData\Avast Software
2024-03-31 17:58 - 2022-05-07 07:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-03-31 17:57 - 2023-12-27 01:02 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-03-31 17:11 - 2023-10-28 18:56 - 000000000 ____D C:\Users\gehrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-03-28 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2024-03-27 13:39 - 2023-10-21 12:24 - 000000000 ___SD C:\Users\gehrk\AppData\Roaming\Microsoft\Protect
2024-03-19 19:48 - 2023-10-21 13:58 - 000000000 ____D C:\Program Files\CCleaner
2024-03-17 02:15 - 2023-10-21 12:28 - 000000000 ____D C:\Users\gehrk\AppData\Local\PlaceholderTileLogoFolder
2024-03-15 18:24 - 2023-10-21 15:26 - 002709096 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-03-15 18:24 - 2023-10-21 15:26 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-03-15 18:24 - 2023-10-21 15:26 - 000108136 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-03-15 18:24 - 2023-10-21 15:26 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-03-15 18:23 - 2024-02-17 19:49 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll
2024-03-15 18:23 - 2023-10-21 15:26 - 000706152 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-03-15 18:23 - 2023-10-21 15:26 - 000218728 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-03-15 18:23 - 2023-10-21 15:26 - 000206440 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-03-15 01:44 - 2023-10-21 12:14 - 000295504 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-15 01:43 - 2023-10-20 22:29 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-03-15 01:43 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-03-15 01:43 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-15 01:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-15 01:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-15 01:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-15 01:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-15 01:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-15 01:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-03-15 01:43 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-15 01:43 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2024-03-14 19:05 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-14 19:02 - 2023-10-21 12:16 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-13 16:42 - 2023-10-24 14:07 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 16:41 - 2023-10-24 14:07 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 16:04 - 2023-10-21 12:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-13 03:02 - 2023-10-21 12:24 - 000000000 ____D C:\Users\gehrk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2023-12-06 23:16 - 2023-12-06 23:16 - 000003854 _____ () C:\Users\gehrk\AppData\Local\3301857876
2024-03-31 19:00 - 2024-03-31 19:00 - 000007597 _____ () C:\Users\gehrk\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Windows 11 Virus über Usb installiert?

Log-Analyse und Auswertung: Windows 11 Virus über Usb installiert?

Windows 11 Virus über Usb installiert?

Ähnliche Themen: Windows 11 Virus über Usb installiert?