Discussion forum: Incoming connection with svchost.exe (Malwarebytes)
Windows 7
Only subject-specific discussions are welcome here. Please do not post log files, calls for help or the like. Topics on "removing trojans" or "malware problems" may only be discussed here. Cleanups by untrained users are prohibited here. If you have caught a virus or trojan, open a topic in the cleanup forums above.
28.04.2024, 21:47 | #1
Incoming connection with svchost.exe (Malwarebytes)

Hello everyone, I keep getting the following message from Malwarebytes:

HTML-Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Datum des Schutzereignisses: 28.04.2024
Uhrzeit des Schutzereignisses: 22:42
Protokolldatei: c822b420-059f-11ef-ab31-6c2408d1cfeb.json

-Softwaredaten-
Version: 5.1.3.110
Komponentenversion: 1.0.1219
Version des Aktualisierungspakets: 1.0.84000
Lizenz: Premium

-Systemdaten-
Betriebssystem: Windows 11 (Build 22631.3527)
CPU: x64
Dateisystem: NTFS
Benutzer: System

-Einzelheiten zu blockierten Websites-
Bösartige Website: 1
, C:\Windows\System32\svchost.exe, Blockiert, -1, -1, 0.0.0, ,

-Website-Daten-
Kategorie: Compromised
Domäne:
IP-Adresse: 210.245.120.108
Port: 3389
Typ: Eingehend
Datei: C:\Windows\System32\svchost.exe

(end)

Only Malwarebytes shows me this. VirusTotal didn't show anything either. I geolocated the IP and saw that it is Vietnam..... shit, what did I catch there, and how? I hope you can help me.

Edited by Ghost_Induct (28.04.2024 at 21:51). Reason: New info
29.04.2024, 08:24 | #2
/// Winkelfunktion /// TB-Süch-Tiger™

FRST logs are missing...
29.04.2024, 08:54 | #3

Sorry, I forgot that.
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}\64259445A51224F68702735323030244D4: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}\64259445A51224F68702735323030244D4: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}\64259445A51224F68702735393030255A502537486A7: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}\64259445A51224F68702735393030255A502537486A7: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{f0b04d73-8082-4e49-b700-36baf60d1602}: [DhcpNameServer] 150.204.1.2 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-28] Edge HomePage: Default -> hxxps://www.bing.com/?/ai Edge StartupUrls: Default -> "hxxps://www.msn.com/de-de/feed" Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=U549DF&PC=U549&q={searchTerms} Edge Extension: (Google Übersetzer) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-01-10] Edge Extension: (Password Manager SafeInCloud) - 
C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bfilcmnckjfhldbbkaeofghnhpbehipd [2024-01-10] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-04-10] Edge Extension: (AdGuard Browser-Assistent) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\calilkfbhgibagenlbchfbiafnacldki [2024-03-28] Edge Extension: (Avira Password Manager) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2024-02-28] Edge Extension: (Turn Off the Lights) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmamkbgpnienhphflfdamlhnljffjdgm [2023-12-09] Edge Extension: (Google Docs Offline) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27] Edge Extension: (Xbox New Tab) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gipflfpkiocnigbpalofdghmpeigegah [2023-12-09] Edge Extension: (Auto Refresh Plus | Page Monitor) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hgeljhfekpckiiplhkigfehkdpldcggm [2024-01-10] Edge Extension: (AdBlocker for YouTube™) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\higmhbckajbkjohakkmnlemnekmmhicp [2024-03-01] Edge Extension: (Dark Reader) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifoakfbpdcdoeenechcleahebpibofpc [2024-04-11] Edge Extension: (Tampermonkey) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iikmkjmpaadaobahmlepeloendndfphd [2024-04-10] Edge Extension: (ChatGPT for Google) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jgjaeacdkonaoafenlfkkkmbaopkbilf [2024-04-28] Edge Extension: (Edge relevant text changes) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User 
Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] Edge Extension: (Microsoft Power Automate) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kagpabjoboikccfdghpdlaaopmgpgfdc [2024-02-28] Edge Extension: (Adblocker für Youtube™) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nipggfgilmoiofmnkbeabghbcaohmjih [2024-03-27] Edge Extension: (Autofill) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2024-02-15] Edge Extension: (uBlock Origin) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2024-04-10] Edge Extension: (I don't care about cookies) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oholpbloipjbbhlhohaebmieiiieioal [2023-12-09] Edge Extension: (SABconnect++) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod [2024-04-28] Edge Extension: (KeePassXC-Browser) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffhmdngciaglkoonimfcmckehcpafo [2024-04-04] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip] Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle] FireFox: ======== FF DefaultProfile: eiueytob.default FF ProfilePath: C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\eiueytob.default [2024-03-30] FF ProfilePath: C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release [2024-04-28] FF Homepage: Mozilla\Firefox\Profiles\ixn01s7u.default-release -> hxxps://www.google.com/?ptid=19027681&ptt=8&fpts=0 FF Extension: (Dark Reader) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\addon@darkreader.org.xpi [2024-04-15] FF 
Extension: (2FAS - Two Factor Authentication) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\admin@2fas.com.xpi [2024-04-07] FF Extension: (AdGuard Browser-Assistent) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\browserassistant@adguard.com.xpi [2024-03-28] FF Extension: (GNOME Shell-Integration) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\chrome-gnome-shell@gnome.org.xpi [2023-12-10] FF Extension: (Enhancer for YouTube™) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2024-04-26] FF Extension: (FoxyTab) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\foxytab@eros.man.xpi [2023-12-10] FF Extension: (GSConnect) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\gsconnect@andyholmes.github.io.xpi [2023-12-10] FF Extension: (ProxTube) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\ich@maltegoetz.de.xpi [2023-12-10] FF Extension: (To Google Translate) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2023-12-10] FF Extension: (I don't care about cookies) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-12-10] FF Extension: (KeePassXC-Browser) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\keepassxc-browser@keepassxc.org.xpi [2024-04-02] FF Extension: (Plasma Integration) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\plasma-browser-integration@kde.org.xpi [2023-12-10] FF Extension: (Download Manager (S3)) - 
C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\s3download@statusbar.xpi [2023-12-10] FF Extension: (SponsorBlock für YouTube – Überspringe gesponserte Videosegmente) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\sponsorBlocker@ajay.app.xpi [2024-03-22] FF Extension: (Turn Off the Lights) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\stefanvandamme@stefanvd.net.xpi [2024-03-01] FF Extension: (Kein Name) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\tranquility@ushnisha.com.xpi [2023-12-10] FF Extension: (uBlock Origin) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\uBlock0@raymondhill.net.xpi [2024-04-10] FF Extension: (Privacy Possum) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\woop-NoopscooPsnSXQ@jetpack.xpi [2023-12-10] FF Extension: (حسون) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{1af8a7ba-9a9b-4c9e-a37c-a9ee9f437456}.xpi [2023-12-10] FF Extension: (Malwarebytes Browser Guard) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-04-16] FF Extension: (Anonymous - I am free) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{283b426b-78c2-48cf-8cd7-8d3fa4dc101f}.xpi [2023-12-10] FF Extension: (Sahara Sand) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{2ddbcb89-c6c1-4c0e-a146-21ba9bcd99ef}.xpi [2023-12-10] FF Extension: (Search by Image) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2024-02-21] FF Extension: (Sidebery) - 
C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{3c078156-979c-498b-8990-85f7987dd929}.xpi [2024-03-12] FF Extension: (Image Search Options) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi [2023-12-10] FF Extension: (SingleFile) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{531906d3-e22f-4a6c-a102-8057b88a1a63}.xpi [2024-04-19] FF Extension: (Groovy Blue) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{6149213c-39c0-4bad-8ffa-f0bff06e96f8}.xpi [2023-12-10] FF Extension: (Audio Equalizer) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{63d150c4-394c-4275-bc32-c464e76a891c}.xpi [2023-12-10] FF Extension: (Black Shine) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{66c3310d-738e-4975-806f-c2c5952d55c7}.xpi [2023-12-10] FF Extension: (NoScript) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2024-02-21] FF Extension: (YouTube High Definition) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2023-12-10] FF Extension: (alike03's Subscription Info on Steam) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{7d7241f8-5541-4ab7-9c8a-ad15bd3aa4c7}.xpi [2024-04-15] FF Extension: (NZB Unity) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{96586e48-b9a2-45dd-b1a1-54fa85a97c91}.xpi [2023-12-10] FF Extension: (Feedbro) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{a9c2ad37-e940-4892-8dce-cd73c6cbbc0c}.xpi [2024-03-28] FF Extension: (The Solar 
Eclipse) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{d742d723-c843-413b-89da-56c63162e817}.xpi [2023-12-10] FF Extension: (DownThemAll!) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2024-02-21] FF Extension: (Popup Blocker (strict)) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{de22fd49-c9ab-4359-b722-b3febdc3a0b0}.xpi [2024-02-28] FF Extension: (Foxy Gestures) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{e839c3f9-298e-4cd0-99e0-464431cb7c34}.xpi [2023-12-10] FF Plugin: @java.com/DTPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-23] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default [2024-04-28] CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Extension: (Google Übersetzer) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-12-09] CHR Extension: (Turn Off the Lights) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2023-12-09] CHR Extension: (Avira Password Manager) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-21] CHR Extension: (Dark Reader) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-04-15] CHR Extension: (I don't care about cookies) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-12-09] CHR Extension: (Avira Browserschutz) - C:\Users\ghost\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-21] CHR Extension: (Google Docs Offline) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27] CHR Extension: (GNOME Shell-Integration) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\gphhapmejobijbbhgpjhcjognlahblep [2024-04-27] CHR Extension: (Auto Refresh Plus | Page Monitor) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgeljhfekpckiiplhkigfehkdpldcggm [2023-12-09] CHR Extension: (Similarweb – Traffic-Ranking und Website-Analyse) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2024-04-24] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-04-12] CHR Extension: (Chrome Remote Desktop) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2024-04-09] CHR Extension: (ChatGPT for Google) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjaeacdkonaoafenlfkkkmbaopkbilf [2024-04-27] CHR Extension: (Autofill) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2024-02-16] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-09] CHR Extension: (KeePassXC-Browser) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\oboonakemofpalcgghocfoadofidjkkk [2024-04-03] CHR Extension: (SABconnect++) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod [2024-04-24] CHR Profile: C:\Users\ghost\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-18] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] 
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Adguard Service; C:\Program Files\AdGuard\AdguardSvc.exe [806104 2024-04-19] (Adguard Software Limited -> Adguard Software Limited) S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6738360 2024-04-28] (Avira Operations GmbH -> Avira Operations GmbH) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3003584 2024-01-22] (Avira Operations GmbH -> Avira Operations GmbH) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [398816 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH & Co. 
KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265544 2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [295752 2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH) S4 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.5\ABService.exe [1106416 2024-03-12] (AOMEI International Network Limited -> AOMEI International Network Limited) R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe [9728 2024-02-28] (GuinpinSoft inc) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14247904 2024-04-13] (Microsoft Corporation -> Microsoft Corporation) S4 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [7512672 2024-02-28] (SIA AVB Disc Soft -> Disc Soft FZE LLC) R2 DisplayFusionService; C:\Program Files\DisplayFusion\DisplayFusionService.exe [335320 2023-10-05] (Binary Fortress Software Ltd -> Binary Fortress Software) S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [14991976 2024-04-17] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2023-06-29] (EasyAntiCheat Oy -> Epic Games, Inc.) 
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11427672 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH) S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11427672 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH) S4 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncHelper.exe [3507728 2024-04-25] (Microsoft Corporation -> Microsoft Corporation) S2 GoogleUpdaterInternalService126.0.6425.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC) S2 GoogleUpdaterService126.0.6425.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC) R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.) R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\LenovoUtilityService.exe [168776 2024-04-01] (Lenovo -> Lenovo) R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo) S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-04-26] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\tunnel\MBVpnTunnelService.exe [3073888 2024-02-28] (Malwarebytes Inc. 
-> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1930888 2023-04-13] (A-Volute SAS -> Nahimic) S4 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.070.0407.0003\OneDriveUpdaterService.exe [3848208 2024-04-25] (Microsoft Corporation -> Microsoft Corporation) R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [13084432 2023-11-17] (O&O Software GmbH -> O&O Software GmbH) R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3900176 2024-03-12] (O&O Software GmbH -> O&O Software GmbH) R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [19145472 2024-04-17] (Logitech Inc -> Logitech, Inc.) R2 PlexUpdateService; C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe [916248 2024-04-18] (Plex, Inc. -> Plex, Inc.) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2024-04-27] (Even Balance, Inc. -> ) R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2024-04-27] (Even Balance, Inc. -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-24] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [317664 2023-06-29] (CODE SECTOR PTY LTD -> ) R2 UDCService; C:\WINDOWS\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72160 2023-11-02] (Lenovo -> Lenovo Group Ltd.) S3 VmwareAutostartService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-autostart.exe [64960 2024-02-12] (VMware, Inc. 
-> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [651216 2023-09-11] (Lespeed Technology Co., Ltd -> WiseCleaner.com) R3 WsaService; C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2311.40000.5.0_x64__8wekyb3d8bbwe\WsaService\WsaService.exe [312832 2024-03-27] (Microsoft Corporation -> )
Edited by Ghost_Induct (29.04.2024 at 09:07) |
29.04.2024, 09:08 | #4 |
| Incoming connection with svchost.exe (Malwarebytes) Part 2 of FRST Code:
ATTFilter ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [89160 2024-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Limited) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [36736 2023-05-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [58952 2024-04-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0402338.inf_amd64_d4de815aa579b06a\B402197\amdkmdag.sys [100126720 2024-04-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0402263.inf_amd64_1366da2d694c570c\B400781\amdkmdag.sys [106387864 2024-04-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [172928 2024-04-27] (AOMEI International Network Limited -> ) S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. 
-> ) R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2024-04-27] (AOMEI International Network Limited -> ) R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [162296 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> RedFox) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [162296 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> RedFox) R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [176712 2024-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH) R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2024-04-18] (Avira Operations GmbH -> Avira Operations GmbH) S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2023-05-30] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [63704 2023-05-30] (AVB Disc Soft, SIA -> Disc Soft Ltd) R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo) R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218592 2024-02-29] (Microsoft Windows -> Microsoft Corporation) R2 hcmon; C:\WINDOWS\system32\DRIVERS\hcmon.sys [72144 2023-08-08] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.) 
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [234312 2024-04-28] (Malwarebytes Inc. -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-04-28] (Malwarebytes Inc. -> Malwarebytes) R3 NahimicBTLink; C:\WINDOWS\System32\drivers\NahimicBTLink.sys [85144 2023-04-13] (A-Volute SAS -> Windows (R) Win 7 DDK provider) R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85144 2023-04-13] (A-Volute SAS -> Windows (R) Win 7 DDK provider) R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [115496 2024-04-18] (Avira Operations GmbH -> Avira Operations GmbH) R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77792 2023-10-19] (Nmap Software LLC -> Insecure.Com LLC.) 
R0 oodisr; C:\WINDOWS\System32\DRIVERS\oodisr.sys [116888 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
R0 oodisrh; C:\WINDOWS\System32\DRIVERS\oodisrh.sys [41112 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
R0 oodivd; C:\WINDOWS\System32\DRIVERS\oodivd.sys [274424 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
R0 oodivdh; C:\WINDOWS\System32\DRIVERS\oodivdh.sys [60920 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_92b2eef9fcc25565\rt68cx21x64.sys [779752 2023-12-18] (Realtek Semiconductor Corp. -> Realtek)
R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [411064 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [411064 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28768 2024-04-23] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [52872 2020-05-22] (Tomasz Moń -> USBPcap)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2024-02-29] (Microsoft Windows -> )
R0 vmci; C:\WINDOWS\System32\drivers\vmci.sys [104888 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2024-02-12] (VMware, Inc. -> VMware, Inc.)
R3 VMnetAdapter; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [31120 2024-02-12] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [53704 2024-02-12] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 VMnetuserif; C:\WINDOWS\system32\DRIVERS\vmnetuserif.sys [30664 2024-02-12] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 vmx86; C:\WINDOWS\system32\DRIVERS\vmx86.sys [100776 2024-02-12] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [88976 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-02-28] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [33864 2024-02-28] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
S3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [48472 2024-02-28] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
U4 npcap_wifi; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-04-28 22:15 - 2024-04-28 22:15 - 000000730 _____ C:\Users\ghost\Desktop\Malwarebytes Bericht über blockierte Websites 2024-04-28 194921.txt 2024-04-28 22:15 - 2024-04-28 22:15 - 000000723 _____ C:\Users\ghost\Desktop\Malwarebytes Bericht über blockierte Websites 2024-04-28 161701.txt 2024-04-28 22:06 - 2024-04-28 23:13 - 000000000 ____D C:\FRST 2024-04-28 22:00 - 2024-04-28 22:00 - 000028448 _____ C:\WINDOWS\system32\lc.dat 2024-04-28 21:46 - 2024-04-28 21:46 - 000762024 _____ C:\WINDOWS\system32\perfh007.dat 2024-04-28 21:46 - 2024-04-28 21:46 - 000157682 _____ C:\WINDOWS\system32\perfc007.dat 2024-04-28 21:40 - 2024-04-28 21:40 - 000234312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys 2024-04-28 21:40 - 2024-04-28 21:40 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2024-04-28 18:33 - 2024-04-28 18:33 - 000000000 ____D C:\Program Files\WSL 2024-04-28 18:26 - 2024-04-28 18:26 - 000000000 ____D C:\Program Files\Avira 2024-04-28 18:26 - 2024-04-23 08:51 - 000411064 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp2.sys 2024-04-28 18:26 - 2024-04-23 08:51 - 000411064 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp1.sys 2024-04-28 18:26 - 2024-04-18 09:42 - 000115496 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\netprotection_network_filter.sys 2024-04-28 18:26 - 2024-04-18 09:41 - 000233560 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\BdSentry.sys 2024-04-28 18:23 - 2024-04-28 18:23 - 000067310 _____ C:\Users\ghost\Downloads\bluescreenview.zip 2024-04-28 18:22 - 2024-04-28 18:22 - 000001672 _____ C:\Users\ghost\Downloads\bluescreenview_german.zip 2024-04-28 18:21 - 2024-04-28 18:21 - 000003774 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify 2024-04-28 18:21 - 2024-04-28 18:21 - 000000000 ____D C:\Users\Public\Speedup Sessions 2024-04-28 18:20 - 2024-04-28 18:20 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance 2024-04-28 18:20 - 2024-04-28 
18:20 - 000003708 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater 2024-04-28 18:20 - 2024-04-28 18:20 - 000003480 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update 2024-04-28 18:20 - 2024-04-28 18:20 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog 2024-04-28 18:20 - 2024-04-28 18:20 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray 2024-04-28 18:20 - 2024-04-28 18:20 - 000001157 _____ C:\Users\Public\Desktop\Avira.lnk 2024-04-28 18:11 - 2024-04-28 18:19 - 006738360 _____ (Avira Operations GmbH) C:\Users\ghost\Downloads\avira_de_aps10_3810393873_qlrhcii9dpo4k2snpmvd_wdp.exe 2024-04-28 12:05 - 2024-04-28 12:05 - 000000000 ____D C:\Users\ghost\AppData\Roaming\com.shirogames.evoland 2024-04-28 12:04 - 2024-04-28 12:04 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Macromedia 2024-04-28 11:58 - 2024-04-28 12:00 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Beat Hazard 2024-04-28 11:38 - 2024-04-28 11:39 - 019093186 _____ C:\Users\ghost\Downloads\WM2164.zip 2024-04-28 08:17 - 2024-04-28 08:17 - 000000000 ____D C:\Users\ghost\AppData\Local\Daedalic Entertainment 2024-04-28 07:35 - 2024-04-28 07:35 - 000000000 ____D C:\Users\ghost\AppData\LocalLow\AMD 2024-04-28 07:34 - 2024-04-28 21:39 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2024-04-28 07:34 - 2024-04-28 21:39 - 000003106 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate 2024-04-28 07:34 - 2024-04-28 07:34 - 000003518 _____ C:\WINDOWS\system32\Tasks\AMDScoSupportTypeUpdate 2024-04-28 07:34 - 2024-04-28 07:34 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate 2024-04-28 07:34 - 2024-04-28 07:34 - 000002616 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask 2024-04-28 07:34 - 2024-04-28 07:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool 2024-04-28 07:33 - 2024-04-28 07:33 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR 2024-04-28 07:33 - 2024-04-28 07:33 - 000000000 ____D 
C:\WINDOWS\LastGood.Tmp 2024-04-28 07:33 - 2024-04-28 07:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition 2024-04-28 07:30 - 2024-04-23 18:27 - 002100736 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2024-04-28 07:30 - 2024-04-23 18:27 - 002100736 _____ C:\WINDOWS\system32\vulkaninfo.exe 2024-04-28 07:30 - 2024-04-23 18:27 - 001658992 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-04-28 07:30 - 2024-04-23 18:27 - 001658992 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2024-04-28 07:30 - 2024-04-23 18:27 - 001465984 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2024-04-28 07:30 - 2024-04-23 18:27 - 001465984 _____ C:\WINDOWS\system32\vulkan-1.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 011526256 _____ C:\WINDOWS\system32\amdsmi.exe 2024-04-28 07:30 - 2024-04-23 18:26 - 002221976 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 002130544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 001640960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 001640960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 001331536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 001307328 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 001307328 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 001254400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 001055232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 001054296 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\amdsacli32.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000998512 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2024-04-28 07:30 - 2024-04-23 18:26 - 000731248 _____ C:\WINDOWS\system32\hiprt0200064.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000607744 _____ C:\WINDOWS\system32\GameManager64.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000535664 _____ C:\WINDOWS\system32\atieah64.exe 2024-04-28 07:30 - 2024-04-23 18:26 - 000502384 _____ C:\WINDOWS\system32\EEURestart.exe 2024-04-28 07:30 - 2024-04-23 18:26 - 000473200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000460800 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000404592 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2024-04-28 07:30 - 2024-04-23 18:26 - 000266240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000226928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000196208 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000183920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000147056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000138752 _____ C:\WINDOWS\system32\amdxc64.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000114688 _____ C:\WINDOWS\SysWOW64\amdxc32.dll 2024-04-28 07:30 - 2024-04-23 18:26 - 000074864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 105805424 _____ C:\WINDOWS\system32\amd_comgr_2.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 105432688 _____ C:\WINDOWS\system32\amd_comgr.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 089173616 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 018444400 _____ (Advanced Micro Devices Inc.) 
C:\WINDOWS\system32\amdhip64_6.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 007559792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 007339520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000801280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000678400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000568432 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000543344 _____ C:\WINDOWS\system32\dgtrayicon.exe 2024-04-28 07:30 - 2024-04-23 18:25 - 000524912 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000471048 _____ C:\WINDOWS\system32\amdlogum.exe 2024-04-28 07:30 - 2024-04-23 18:25 - 000432240 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000389744 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000360960 _____ C:\WINDOWS\system32\clinfo.exe 2024-04-28 07:30 - 2024-04-23 18:25 - 000176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000167248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000159888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000145408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000136688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000051312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2024-04-28 07:30 - 2024-04-23 18:25 - 000048128 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\RapidFireServer.dll 2024-04-28 07:30 - 2024-04-23 18:24 - 021762160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll 2024-04-28 07:30 - 2024-04-23 18:24 - 001725752 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll 2024-04-28 07:30 - 2024-04-23 18:24 - 001400208 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll 2024-04-28 07:30 - 2024-04-23 18:24 - 000567840 _____ C:\WINDOWS\system32\amdmiracast.dll 2024-04-28 07:30 - 2024-04-23 18:24 - 000177056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2024-04-28 07:30 - 2024-04-23 18:24 - 000167136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2024-04-28 07:30 - 2024-04-23 18:24 - 000151200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2024-04-28 07:30 - 2024-04-23 18:24 - 000136576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2024-04-28 07:30 - 2024-04-23 18:24 - 000131472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2024-04-28 07:30 - 2024-04-23 17:44 - 105732976 _____ C:\WINDOWS\system32\amdxc64.so 2024-04-28 07:30 - 2024-04-19 15:40 - 000548968 _____ C:\WINDOWS\system32\libsmi_guest.dll 2024-04-28 07:30 - 2024-04-19 15:40 - 000524288 _____ C:\WINDOWS\system32\libsmi_host.dll 2024-04-28 07:30 - 2024-04-19 15:40 - 000207360 _____ C:\WINDOWS\system32\mantle64.dll 2024-04-28 07:30 - 2024-04-19 15:40 - 000186472 _____ C:\WINDOWS\system32\mantleaxl64.dll 2024-04-28 07:30 - 2024-04-19 15:40 - 000165480 _____ C:\WINDOWS\SysWOW64\mantle32.dll 2024-04-28 07:30 - 2024-04-19 15:40 - 000148992 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll 2024-04-28 07:30 - 2024-04-19 15:39 - 000210632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2024-04-28 07:30 - 2024-04-19 15:39 - 000187448 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\amdihk32.dll 2024-04-28 07:30 - 2024-04-19 15:39 - 000174552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2024-04-28 07:30 - 2024-04-19 15:39 - 000157224 _____ C:\WINDOWS\system32\SET2DFE.tmp 2024-04-28 06:59 - 2024-04-28 06:59 - 000000000 ____D C:\Users\ghost\ai_overlay_tmp 2024-04-27 22:41 - 2024-04-27 22:41 - 000000000 ____D C:\Users\ghost\AppData\Local\NVIDIA Corporation 2024-04-27 10:19 - 2024-04-27 10:19 - 000172928 _____ C:\WINDOWS\system32\ammntdrv.sys 2024-04-27 10:19 - 2024-04-27 10:19 - 000032176 _____ C:\WINDOWS\system32\amwrtdrv.sys 2024-04-27 10:19 - 2024-04-27 10:19 - 000000960 _____ C:\Users\Public\Desktop\AOMEI Backupper.lnk 2024-04-27 10:19 - 2024-04-27 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper 2024-04-27 10:19 - 2024-04-27 10:19 - 000000000 ____D C:\Program Files (x86)\AOMEI 2024-04-27 10:19 - 2019-05-14 11:28 - 000051120 _____ C:\WINDOWS\system32\ambakdrv.sys 2024-04-27 08:21 - 2024-04-27 08:21 - 000000025 _____ C:\Users\ghost\OneDrive\Dokumente\FMRQPPRTKMH2K727R33THMXWZ.txt 2024-04-26 19:26 - 2024-04-26 19:32 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\Project CARS 2024-04-26 19:26 - 2024-04-26 19:26 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\wmd_symbol_cache 2024-04-26 16:01 - 2024-04-26 16:03 - 000000000 ____D C:\Users\ghost\AppData\Roaming\geany 2024-04-26 15:55 - 2024-04-26 16:03 - 000000000 ____D C:\Program Files\Geany 2024-04-26 15:55 - 2024-04-26 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geany 2024-04-26 15:36 - 2024-04-26 15:36 - 000004166 _____ C:\Users\ghost\OneDrive\Dokumente\DownloadManagerS3.2024.04.26.15.36.32.txt 2024-04-26 10:28 - 2024-04-26 10:28 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\Materialien_zu_Schroedinger_lernt_HTML5_und_CSS 2024-04-25 16:23 - 2024-04-25 16:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2024-04-25 16:22 - 2024-04-25 
16:22 - 000000000 ____D C:\WINDOWS\pss 2024-04-23 15:00 - 2024-04-23 15:00 - 000002100 _____ C:\Users\Public\Desktop\AnyMP4 Blu-ray Player.lnk 2024-04-23 13:51 - 2024-04-23 13:51 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-04-23 11:40 - 2024-04-23 11:40 - 000000000 ____D C:\Users\ghost\AppData\Roaming\FasterThanLight 2024-04-22 21:46 - 2024-04-25 15:39 - 000000128 ___SH C:\WINDOWS\system32\geajqpkwirltyjih.dat 2024-04-22 21:46 - 2024-04-22 21:46 - 000000128 ___SH C:\WINDOWS\system32\cuqkopdfmievdpkq.tbl 2024-04-22 21:45 - 2024-04-22 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo EasyUEFI 2024-04-22 21:45 - 2024-04-22 21:45 - 000000000 ____D C:\Program Files\Hasleo 2024-04-22 13:59 - 2024-04-22 14:03 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Wireshark 2024-04-22 13:57 - 2024-04-24 08:41 - 000624008 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-04-22 13:56 - 2024-04-22 13:56 - 000001838 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk 2024-04-22 13:56 - 2024-04-22 13:56 - 000001826 _____ C:\Users\Public\Desktop\Wireshark.lnk 2024-04-22 13:56 - 2024-04-22 13:56 - 000000000 ____D C:\Program Files\USBPcap 2024-04-22 13:55 - 2024-04-22 13:56 - 000000000 ____D C:\Program Files\Wireshark 2024-04-22 13:55 - 2024-04-22 13:55 - 000003460 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog 2024-04-22 13:55 - 2024-04-22 13:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap 2024-04-22 13:55 - 2024-04-22 13:55 - 000000000 ____D C:\WINDOWS\system32\Npcap 2024-04-22 13:55 - 2024-04-22 13:55 - 000000000 ____D C:\Program Files\Npcap 2024-04-22 11:45 - 2024-04-22 11:45 - 000073300 _____ C:\Users\ghost\OneDrive\Dokumente\invoice_5066544802_20221205_113405_DEU_DEU.pdf 2024-04-22 10:57 - 2024-04-22 10:57 - 000373220 _____ C:\Users\ghost\OneDrive\Dokumente\Rechnung SAMSUNG WD90T534ABWS2 Waschtrockner.pdf 2024-04-22 10:06 - 2024-04-22 10:06 - 000000000 ____D C:\ProgramData\RapidSolution 2024-04-22 09:56 - 2024-04-22 
09:56 - 000000000 ____D C:\Users\ghost\AppData\Local\CrashReport 2024-04-22 09:55 - 2024-04-22 10:07 - 000000000 ____D C:\Users\ghost\AppData\Local\Audials 2024-04-22 09:55 - 2024-04-22 10:07 - 000000000 ____D C:\Program Files\Audials 2024-04-22 09:29 - 2024-04-22 09:29 - 000000000 ___HD C:\OneDriveTemp 2024-04-22 09:29 - 2024-04-22 09:29 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\.@__thumb 2024-04-22 09:23 - 2024-04-22 09:23 - 000001236 _____ C:\Users\Public\Desktop\Wise Care 365.lnk 2024-04-22 09:22 - 2024-04-22 09:22 - 000000000 ____D C:\Users\ghost\AppData\Roaming\msg data 2024-04-21 14:07 - 2024-04-21 14:07 - 000000000 ____D C:\Users\ghost\AppData\LocalLow\Level 91 Entertainment 2024-04-20 17:23 - 2024-04-20 17:23 - 000000000 ____D C:\Users\ghost\AppData\LocalLow\Square Enix Ltd 2024-04-19 12:46 - 2024-04-19 12:46 - 000000000 ____D C:\Users\ghost\AppData\LocalLow\BetaDwarf ApS 2024-04-19 11:58 - 2024-04-19 11:58 - 000000000 ____D C:\Program Files\ReIcon 2024-04-19 11:55 - 2024-04-19 11:55 - 000001154 _____ C:\Users\ghost\Desktop\TeraCopy.lnk 2024-04-19 11:24 - 2024-04-19 11:24 - 000000000 _____ C:\Users\ghost\OneDrive\Dokumente\XYplorer u. 
Teracopy.txt 2024-04-18 21:15 - 2024-04-18 21:21 - 000000000 ____D C:\Users\ghost\AppData\Roaming\MiTeC 2024-04-18 21:14 - 2024-04-18 21:14 - 000000000 ____D C:\Users\ghost\Downloads\TMX 2024-04-18 20:10 - 2024-04-18 20:10 - 000000000 ____D C:\Users\ghost\AppData\Local\LenovoServiceBridge 2024-04-18 11:05 - 2024-04-18 12:59 - 000000000 ____D C:\Users\ghost\AppData\Local\MusicBee 2024-04-18 11:04 - 2024-04-18 11:04 - 000001101 _____ C:\Users\ghost\Desktop\MusicBee.lnk 2024-04-18 11:03 - 2024-04-27 08:36 - 000000000 ____D C:\Users\ghost\AppData\Roaming\MusicBee 2024-04-18 11:03 - 2024-04-18 11:03 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee 2024-04-18 11:03 - 2024-04-18 11:03 - 000000000 ____D C:\Program Files (x86)\MusicBee 2024-04-18 10:40 - 2024-04-18 10:40 - 000000773 _____ C:\Users\ghost\OneDrive\Dokumente\Malwarebytes Bericht über blockierte Websites 2024-04-18 083935.txt 2024-04-17 21:10 - 2024-04-17 21:10 - 000001999 _____ C:\Users\ghost\Desktop\MediathekView.lnk 2024-04-17 16:00 - 2024-04-17 16:00 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk 2024-04-17 16:00 - 2024-04-17 16:00 - 000000000 ____D C:\Users\ghost\AppData\Roaming\com.logitech 2024-04-17 16:00 - 2024-04-17 16:00 - 000000000 ____D C:\Users\ghost\AppData\Local\flutter_webview_windows 2024-04-17 16:00 - 2024-04-17 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2024-04-17 16:00 - 2024-04-17 16:00 - 000000000 ____D C:\Program Files\LogiOptionsPlus 2024-04-17 15:57 - 2024-04-17 16:45 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Wise Uninstaller 2024-04-17 15:57 - 2024-04-17 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Program Uninstaller 2024-04-17 13:04 - 2024-04-28 11:40 - 000000869 _____ C:\Users\Public\Desktop\WinMerge.lnk 2024-04-17 13:04 - 2024-04-28 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge 2024-04-17 13:04 - 
2024-04-28 11:40 - 000000000 ____D C:\Program Files\WinMerge 2024-04-17 13:04 - 2024-04-17 13:04 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\WinMerge 2024-04-17 04:00 - 2024-04-17 04:00 - 000873176 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Device.dll 2024-04-17 04:00 - 2024-04-17 04:00 - 000061144 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Platform.dll 2024-04-16 23:04 - 2024-04-16 23:04 - 000058952 _____ (Advanced Micro Devices) C:\WINDOWS\system32\AMDRyzenMasterDriver.sys 2024-04-16 20:10 - 2024-04-16 20:10 - 000376793 _____ C:\Users\ghost\OneDrive\Dokumente\Überweisung Miete März.pdf 2024-04-16 20:10 - 2024-04-16 20:10 - 000376791 _____ C:\Users\ghost\OneDrive\Dokumente\Überweisung Miete April.pdf 2024-04-16 20:09 - 2024-04-16 20:09 - 000376797 _____ C:\Users\ghost\OneDrive\Dokumente\Überweisung Miete Februar.pdf 2024-04-16 15:26 - 2024-04-26 19:25 - 000000128 _____ C:\Users\ghost\AppData\Roaming\winscp.rnd 2024-04-16 15:26 - 2024-04-16 15:26 - 000001351 _____ C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk 2024-04-16 15:26 - 2024-04-16 15:26 - 000001343 _____ C:\Users\ghost\Desktop\WinSCP.lnk 2024-04-16 15:07 - 2024-04-16 20:19 - 000000128 _____ C:\Users\ghost\AppData\Local\PUTTY.RND 2024-04-16 15:06 - 2024-04-16 15:06 - 000001012 _____ C:\Users\Public\Desktop\PuTTY (64-bit).lnk 2024-04-16 15:06 - 2024-04-16 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit) 2024-04-16 15:06 - 2024-04-16 15:06 - 000000000 ____D C:\Program Files\PuTTY 2024-04-16 14:48 - 2024-04-16 14:48 - 000000000 ____D C:\Users\Default\AppData\Roaming\Adobe 2024-04-16 09:51 - 2024-04-16 09:51 - 000000000 ____D C:\Users\ghost\AppData\Local\ATI 2024-04-16 09:38 - 2024-04-16 09:38 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Hulubulu 2024-04-16 09:38 - 2024-04-16 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer 2024-04-16 09:38 - 2024-04-16 09:38 - 
000000000 ____D C:\Program Files\Advanced Renamer 2024-04-15 22:15 - 2024-04-15 22:15 - 000006094 _____ C:\Users\ghost\OneDrive\Dokumente\FileMenu Settings Backup.ini 2024-04-15 22:07 - 2024-04-15 22:07 - 000006471 _____ C:\Users\ghost\OneDrive\Dokumente\Miete Darlehen.odt 2024-04-15 22:02 - 2024-04-16 20:08 - 000059399 _____ C:\Users\ghost\OneDrive\Dokumente\Darlehen Miete.pdf 2024-04-15 17:29 - 2024-04-15 17:29 - 000000000 ____D C:\ProgramData\delight software gmbh 2024-04-15 16:35 - 2024-04-15 16:35 - 000000000 ___RD C:\Users\ghost\Downloads\BooStudioLLC.TorrexPro_b6e429xa66pga!App 2024-04-15 12:55 - 2024-04-15 12:55 - 000019265 _____ C:\Users\ghost\OneDrive\Dokumente\Möbelliste.pdf 2024-04-14 20:55 - 2024-04-14 20:56 - 081405584 _____ (QNAP SYSTEMS, INC.) C:\Users\ghost\Downloads\QNAPQsyncClientWindows-5.1.4.0129.exe 2024-04-14 13:18 - 2024-04-14 13:18 - 000000000 ____D C:\Program Files\PowerShell 2024-04-14 12:59 - 2024-04-14 12:59 - 010061078 _____ C:\Users\ghost\Downloads\QNAP-TS-464_settings_2024-4-14.bin 2024-04-13 23:37 - 2024-04-13 23:37 - 000000000 ____D C:\Users\ghost\AppData\Local\AMDIdentifyWindow 2024-04-13 17:41 - 2024-04-13 17:41 - 000000017 _____ C:\Users\ghost\AppData\Local\resmon.resmoncfg 2024-04-13 11:15 - 2024-04-13 11:15 - 000000000 ____D C:\Users\ghost\AppData\Local\Downloaded Installations 2024-04-13 11:15 - 2024-04-13 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2024-04-13 06:37 - 2024-04-13 06:37 - 001335296 _____ C:\WINDOWS\system32\config\DEFAULT.rhk 2024-04-13 06:37 - 2024-04-13 06:37 - 000090112 _____ C:\WINDOWS\system32\config\SAM.rhk 2024-04-12 15:25 - 2024-04-27 20:52 - 000002390 ____H C:\Users\ghost\OneDrive\Dokumente\Default.rdp 2024-04-12 08:26 - 2024-04-12 08:26 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\PowerToys 2024-04-12 02:13 - 2024-04-12 02:13 - 000000906 _____ C:\Users\ghost\Desktop\TrayStatus.lnk 2024-04-12 01:28 - 2024-04-12 01:28 - 016322560 _____ 
C:\Users\ghost\Downloads\Sniffnet_Windows_64-bit.msi 2024-04-12 00:42 - 2024-04-12 00:43 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\PowerShell 2024-04-12 00:42 - 2024-04-12 00:42 - 000000000 ____D C:\Users\ghost\AppData\Roaming\NuGet 2024-04-12 00:40 - 2024-04-12 08:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys 2024-04-12 00:40 - 2024-04-12 00:41 - 000000000 ____D C:\Program Files\PowerToys 2024-04-12 00:40 - 2024-04-12 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview) 2024-04-11 20:59 - 2024-04-28 21:41 - 000000000 ____D C:\WINDOWS\Minidump 2024-04-11 18:19 - 2024-04-11 18:19 - 000041813 _____ C:\Users\ghost\Downloads\271198292.pdf 2024-04-11 14:03 - 2024-04-11 14:03 - 000000000 ___HD C:\$Windows.~WS 2024-04-11 14:02 - 2024-04-11 14:04 - 000000000 ____D C:\ESD 2024-04-10 18:48 - 2024-04-10 18:48 - 000000000 ____D C:\Users\ghost\AppData\Local\QNAP 2024-04-10 18:48 - 2024-04-10 18:48 - 000000000 ____D C:\Users\ghost\AppData\Local\QfinderPro 2024-04-10 18:47 - 2024-04-10 18:47 - 000003040 _____ C:\WINDOWS\system32\Tasks\iSCSIAgentAutoStartup 2024-04-10 18:47 - 2024-04-10 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QNAP 2024-04-10 18:47 - 2024-04-10 18:47 - 000000000 ____D C:\Program Files (x86)\QNAP 2024-04-09 09:15 - 2024-04-09 09:15 - 000108508 _____ C:\Users\ghost\Downloads\Delato_32x32.theme.rar 2024-04-09 09:10 - 2024-04-09 09:16 - 000002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk 2024-04-09 09:10 - 2024-04-09 09:16 - 000001975 _____ C:\Users\Public\Desktop\WinRAR.lnk 2024-04-09 09:10 - 2024-04-09 09:16 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-04-09 09:10 - 2024-04-09 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-04-09 09:10 - 2024-04-09 09:16 - 000000000 ____D C:\Program Files\WinRAR 2024-04-06 22:18 - 2024-04-06 22:21 - 000000169 _____ 
C:\Users\ghost\AppData\Roaming\BattleBitConfig.ini 2024-04-06 22:18 - 2024-04-06 22:19 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS 2024-04-06 22:12 - 2024-04-06 22:12 - 000001448 _____ C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update Viewer.lnk 2024-04-05 18:05 - 2024-04-05 18:05 - 000001427 _____ C:\Users\ghost\Desktop\EA.lnk 2024-04-05 17:23 - 2024-04-26 14:06 - 000000000 ____D C:\ProgramData\EA Desktop 2024-04-05 16:22 - 2024-04-05 16:22 - 007370386 _____ C:\Users\ghost\Downloads\rpc444.zip 2024-04-05 16:15 - 2024-04-05 16:15 - 000008327 _____ C:\Users\ghost\Downloads\stefanrodriguezgaleano@gmail.com-export-2024-04-05-16-15-37.bckey 2024-04-05 16:13 - 2022-05-26 02:17 - 000012544 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbfsevtmsg.dll 2024-04-05 16:13 - 2022-05-26 02:16 - 000282368 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbfsShellHelper20.dll_ 2024-04-05 16:13 - 2022-05-26 02:16 - 000226048 _____ (Callback Technologies, Inc. 
- www.callback.com) C:\WINDOWS\SysWOW64\cbfsShellHelper20.dll_ 2024-04-05 06:43 - 2024-04-17 17:40 - 000000000 ____D C:\Program Files (x86)\WonderFox Soft 2024-04-05 06:43 - 2024-04-05 06:43 - 000000000 ____D C:\Users\ghost\AppData\Roaming\WonderFox Soft 2024-04-04 16:20 - 2024-04-04 16:22 - 000000000 ____D C:\Users\ghost\AppData\Local\Larian Studios 2024-04-04 15:59 - 2024-04-04 15:59 - 000201748 _____ C:\Users\ghost\OneDrive\Dokumente\Mietvertrag Bremen 02 2024 V02.pdf 2024-04-04 15:58 - 2024-04-04 15:58 - 001190734 _____ C:\Users\ghost\OneDrive\Dokumente\Betriebskostenabrechnung SWB 20223.pdf 2024-04-04 15:58 - 2024-04-04 15:58 - 000089281 _____ C:\Users\ghost\OneDrive\Dokumente\Aufforderung zur Mitwirkung.pdf 2024-04-04 09:27 - 2024-04-04 09:27 - 000003992 _____ C:\WINDOWS\system32\Tasks\eM Client Database Backup (S-1-5-21-636087272-42344311-1300616916-1001) 2024-04-03 16:27 - 2024-04-03 16:27 - 000184485 _____ C:\Users\ghost\Downloads\Umsaetze_DE42200400000175188200_EUR_03-04-2024_1627.pdf 2024-04-03 13:38 - 2024-04-26 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2024-04-03 13:38 - 2024-04-26 15:02 - 000000000 ____D C:\Program Files\HWiNFO64 2024-04-03 08:31 - 2024-04-03 08:31 - 000000000 ____D C:\Users\ghost\Downloads\dism-gui-130 2024-04-03 06:40 - 2024-04-03 06:40 - 000000000 ____D C:\Users\ghost\AppData\Roaming\StarMoney64 2024-04-03 06:40 - 2024-04-03 06:40 - 000000000 ____D C:\Users\ghost\AppData\LocalLow\Shield 2024-04-03 06:40 - 2024-04-03 06:40 - 000000000 ____D C:\ProgramData\StarFinanz 2024-04-03 06:38 - 2024-04-03 06:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2024-04-03 05:47 - 2024-04-03 05:47 - 000000000 ____D C:\Users\ghost\AppData\Local\gtk-3.0 2024-04-03 05:45 - 2024-04-03 05:55 - 000000000 ____D C:\Users\ghost\AppData\Roaming\GnuCash 2024-04-03 05:44 - 2024-04-03 05:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash 2024-04-03 05:44 
- 2024-04-03 05:44 - 000000000 ____D C:\Program Files (x86)\gnucash 2024-04-03 05:28 - 2024-04-08 19:31 - 000000000 ____D C:\Program Files\simplewall 2024-04-03 05:28 - 2024-04-03 05:28 - 000000888 _____ C:\Users\ghost\Desktop\simplewall.lnk 2024-04-03 05:28 - 2024-04-03 05:28 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\simplewall 2024-04-03 05:28 - 2024-04-03 05:28 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Henry++ 2024-04-03 03:42 - 2024-04-22 21:44 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-04-03 03:24 - 2024-04-27 22:41 - 000000000 ____D C:\Users\ghost\AppData\Local\UnrealEngine 2024-04-03 03:24 - 2024-04-03 03:24 - 000000000 ____D C:\Users\ghost\AppData\Local\Tempest 2024-03-31 05:24 - 2024-04-01 18:19 - 000000000 ____D C:\Users\ghost\AppData\Local\Ubisoft Game Launcher 2024-03-31 05:24 - 2024-03-31 05:24 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2024-03-31 05:24 - 2024-03-31 05:24 - 000000000 ____D C:\ProgramData\Ubisoft 2024-03-31 05:24 - 2024-03-31 05:24 - 000000000 ____D C:\Program Files (x86)\Ubisoft 2024-03-30 16:32 - 2024-03-30 16:32 - 000000000 ____D C:\Users\ghost\AppData\Local\bunkus.org 2024-03-30 16:31 - 2024-03-30 16:31 - 000000000 ____D C:\Users\ghost\AppData\Roaming\HandBrake 2024-03-30 16:04 - 2024-03-30 16:05 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\ZombieDriverHD 2024-03-29 15:58 - 2024-03-29 15:58 - 000000000 ____D C:\Users\ghost\AppData\Local\STAR WARS Battlefront II 2024-03-29 05:27 - 2024-04-13 06:37 - 112492544 _____ C:\WINDOWS\system32\config\SOFTWARE.rhk 2024-03-29 05:27 - 2024-04-13 06:37 - 008790016 _____ C:\Users\ghost\NTUSER.rhk 2024-03-29 05:27 - 2024-04-13 06:37 - 000053248 _____ C:\WINDOWS\system32\config\SECURITY.rhk 2024-03-29 05:23 - 2024-03-29 05:23 - 000000000 ____D C:\Users\ghost\AppData\Roaming\WiseUpdate ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist 
aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-04-28 23:03 - 2024-02-15 21:04 - 000000000 ____D C:\ProgramData\Adguard 2024-04-28 22:57 - 2023-12-10 21:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-04-28 22:48 - 2024-02-28 19:52 - 000000000 ____D C:\Users\ghost\AppData\Local\Malwarebytes 2024-04-28 22:42 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-04-28 22:42 - 2023-12-09 04:28 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-04-28 22:38 - 2024-02-29 12:47 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Notepad++ 2024-04-28 22:38 - 2024-02-28 17:45 - 000000000 ____D C:\Program Files (x86)\Steam 2024-04-28 22:37 - 2023-12-11 04:08 - 000000000 ____D C:\Users\ghost\AppData\Local\CrashDumps 2024-04-28 22:36 - 2024-03-01 15:49 - 000000000 ____D C:\Program Files\CCleaner 2024-04-28 22:32 - 2024-02-28 17:39 - 000000000 ____D C:\Users\ghost\AppData\Roaming\eM Client 2024-04-28 22:03 - 2024-02-28 22:03 - 000000000 ____D C:\ProgramData\SecTaskMan 2024-04-28 22:00 - 2023-12-09 04:49 - 000000000 ____D C:\Users\ghost\AppData\Local\D3DSCache 2024-04-28 21:46 - 2024-02-29 19:57 - 000000000 ____D C:\Users\ghost\AppData\Roaming\VidCoder 2024-04-28 21:46 - 2023-12-09 04:47 - 001759482 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-04-28 21:46 - 2023-12-09 04:27 - 000000000 ____D C:\WINDOWS\INF 2024-04-28 21:43 - 2024-02-29 19:58 - 000000000 ____D C:\Users\ghost\AppData\Local\IsolatedStorage 2024-04-28 21:43 - 2024-02-28 14:15 - 000000000 ____D C:\Users\ghost\AppData\Local\KeePassXC 2024-04-28 21:40 - 2024-02-29 16:15 - 000000442 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2024-04-28 21:39 - 2024-02-28 17:27 - 000000000 ____D C:\ProgramData\VMware 2024-04-28 21:39 - 2024-02-21 14:14 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK 2024-04-28 21:39 - 2024-02-15 21:06 - 000000000 ____D C:\Program Files\AdGuard 2024-04-28 21:39 - 2023-12-09 04:54 - 000000000 ____D 
C:\Users\ghost\AppData\Local\LogiOptionsPlus 2024-04-28 21:39 - 2023-12-09 04:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-04-28 21:39 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\ServiceState 2024-04-28 21:39 - 2021-09-29 23:08 - 000012288 ___SH C:\DumpStack.log.tmp 2024-04-28 21:03 - 2024-02-21 14:17 - 005694160 _____ C:\WINDOWS\system32\rtp.db 2024-04-28 21:03 - 2023-12-09 04:25 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-04-28 20:59 - 2023-05-30 11:48 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\eM Client 2024-04-28 20:16 - 2024-02-29 12:29 - 000012627 _____ C:\WINDOWS\storelibdebug.txt 2024-04-28 18:42 - 2024-02-21 14:18 - 000000000 ____D C:\Users\Public\Security Sessions 2024-04-28 18:33 - 2024-02-29 15:57 - 000002599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL.lnk 2024-04-28 18:33 - 2023-12-09 04:47 - 000000000 ____D C:\Users\ghost\AppData\Local\Packages 2024-04-28 18:33 - 2023-12-09 04:47 - 000000000 ____D C:\ProgramData\Packages 2024-04-28 18:33 - 2023-12-09 04:28 - 000000000 ___HD C:\Program Files\WindowsApps 2024-04-28 18:33 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-04-28 18:27 - 2024-02-29 15:13 - 000001495 _____ C:\Users\ghost\Desktop\PowerShell 7 (x64).lnk 2024-04-28 18:26 - 2024-02-21 14:16 - 000000000 ____D C:\ProgramData\Avira 2024-04-28 18:26 - 2023-12-09 04:28 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-04-28 18:21 - 2024-02-21 14:16 - 000000000 ____D C:\Program Files (x86)\Avira 2024-04-28 18:20 - 2023-05-30 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2024-04-28 18:16 - 2023-12-09 04:39 - 000000000 ____D C:\Users\ghost 2024-04-28 18:16 - 2023-12-09 04:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-04-28 15:23 - 2024-02-28 17:11 - 000000000 ____D C:\Users\ghost\AppData\Local\DisplayFusion 2024-04-28 15:22 - 2023-12-09 04:49 - 000000000 ____D C:\Users\ghost\AppData\Local\PlaceholderTileLogoFolder 2024-04-28 12:27 - 2023-12-09 04:39 - 
000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-04-28 12:27 - 2021-09-29 23:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-04-28 07:37 - 2023-12-09 04:49 - 000000000 ____D C:\Users\ghost\AppData\Local\AMD 2024-04-28 07:33 - 2024-02-28 14:28 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN 2024-04-28 07:33 - 2023-12-09 04:35 - 000000000 ____D C:\Program Files\AMD 2024-04-28 07:30 - 2023-05-30 12:23 - 000000000 ____D C:\AMD 2024-04-27 20:41 - 2024-02-29 21:48 - 000001154 _____ C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeraCopy.lnk 2024-04-27 20:41 - 2024-02-28 22:05 - 000000000 ____D C:\Users\ghost\AppData\Roaming\TeraCopy 2024-04-27 19:20 - 2023-05-30 16:45 - 000000000 ____D C:\Users\ghost\.MakeMKV 2024-04-27 19:15 - 2024-02-28 16:55 - 000000000 ____D C:\ProgramData\AomeiBR 2024-04-27 14:11 - 2024-02-28 18:42 - 000189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2024-04-27 14:11 - 2024-02-28 18:42 - 000189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2024-04-27 14:11 - 2024-02-28 18:42 - 000075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2024-04-27 10:24 - 2024-02-28 16:58 - 000000000 ____D C:\Program Files (x86)\AOMEI OneKey Recovery 1.7.1 2024-04-27 10:23 - 2024-03-28 22:59 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant 2024-04-27 10:23 - 2024-02-28 17:01 - 000000000 ____D C:\ProgramData\AOMEIPA 2024-04-27 10:23 - 2024-02-28 16:59 - 000000428 _____ C:\WINDOWS\SysWOW64\Amok.dat 2024-04-27 10:23 - 2024-02-28 16:56 - 000000624 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat 2024-04-27 10:23 - 2023-05-31 06:36 - 000001024 ____H C:\OKTAG.BIN 2024-04-27 10:23 - 2023-05-30 21:26 - 000001024 ____H C:\AMTAG.BIN 2024-04-27 10:22 - 2024-02-28 17:02 - 000000432 _____ C:\WINDOWS\SysWOW64\Upgrade.dat 2024-04-27 10:22 - 2024-02-28 17:02 - 000000208 _____ C:\WINDOWS\SysWOW64\PaBakConfig.dat 2024-04-27 10:22 - 2024-02-28 17:01 - 000004878 _____ C:\WINDOWS\PAGa4.dat 2024-04-27 
10:22 - 2024-02-28 17:01 - 000000000 ____D C:\ProgramData\boost_interprocess 2024-04-27 10:22 - 2024-02-28 16:56 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2024-04-27 10:19 - 2023-05-30 17:09 - 000001024 ____H C:\SYSTAG.BIN 2024-04-27 08:34 - 2024-02-28 22:18 - 000000000 ____D C:\Users\ghost\AppData\Roaming\XYplorer 2024-04-27 07:33 - 2024-02-28 19:06 - 000000000 ____D C:\Users\ghost\AppData\Roaming\VMware 2024-04-27 07:33 - 2024-02-28 19:06 - 000000000 ____D C:\Users\ghost\AppData\Local\VMware 2024-04-26 18:44 - 2024-02-29 12:54 - 000000000 ____D C:\Users\ghost\AppData\Local\Plex Media Server 2024-04-26 18:01 - 2024-02-29 12:54 - 000001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server.lnk 2024-04-26 15:31 - 2024-02-28 14:16 - 000002776 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2024-04-26 15:31 - 2023-12-09 04:49 - 000003118 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-636087272-42344311-1300616916-1001 2024-04-26 15:02 - 2023-12-31 04:08 - 000000000 ____D C:\Users\ghost\AppData\Roaming\vlc 2024-04-26 14:49 - 2023-12-09 04:56 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-04-26 14:49 - 2023-12-09 04:56 - 000002209 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-04-26 10:28 - 2023-05-30 11:47 - 000000000 ___RD C:\Users\ghost\OneDrive 2024-04-26 06:40 - 2024-02-28 22:52 - 000000995 _____ C:\Users\Public\Desktop\AnyStream.lnk 2024-04-26 06:31 - 2022-07-03 21:15 - 000000000 ____D C:\WINDOWS\TempInst 2024-04-25 21:38 - 2023-12-09 04:35 - 000000000 ____D C:\ProgramData\A-Volute 2024-04-25 20:17 - 2024-02-28 14:06 - 000000000 ____D C:\Users\ghost\AppData\Local\AMD_Common 2024-04-25 17:27 - 2023-12-09 04:48 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32 2024-04-25 17:27 - 2023-12-09 04:48 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64 2024-04-25 16:56 - 2023-12-09 04:25 - 000000000 ____D C:\WINDOWS\CbsTemp 
2024-04-25 16:40 - 2024-03-28 23:48 - 000000000 ____D C:\Users\ghost\AppData\Roaming\XnViewMP 2024-04-25 16:24 - 2024-02-28 19:51 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2024-04-25 09:38 - 2024-02-29 10:00 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2024-04-25 09:38 - 2024-02-28 14:16 - 000002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-04-25 09:33 - 2024-02-29 12:57 - 000000000 ____D C:\Users\ghost\AppData\Local\Plex 2024-04-24 21:50 - 2023-12-09 04:35 - 000000000 ____D C:\WINDOWS\system32\SONiX 2024-04-24 14:29 - 2024-03-28 16:30 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\MMC 2024-04-24 11:57 - 2023-12-09 04:28 - 000000000 ____D C:\ProgramData\USOPrivate 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\system32\lxss 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\system32\F12 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\UUS 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SystemResources 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SystemApps 
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\BrowserCore 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-04-24 08:40 - 2023-12-09 04:25 - 000000000 ____D C:\WINDOWS\servicing 2024-04-24 08:34 - 2023-12-09 04:37 - 003214336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-04-23 15:03 - 2024-03-02 22:20 - 000000000 ____D C:\Users\ghost\AppData\Roaming\obs-studio 2024-04-23 15:02 - 2024-02-28 22:00 - 000000000 ____D C:\Users\ghost\AppData\Roaming\mIRC 2024-04-23 15:00 - 2023-05-30 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMP4 2024-04-23 13:50 - 2023-12-09 04:28 - 
000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-04-23 13:50 - 2022-07-03 21:16 - 000000000 ____D C:\Program Files\Microsoft Office 2024-04-23 08:26 - 2024-02-28 19:44 - 000002513 _____ C:\Users\Public\Desktop\O&O Defrag.lnk 2024-04-23 08:26 - 2024-02-28 19:44 - 000000000 ____D C:\Program Files\OO Software 2024-04-23 08:26 - 2023-05-30 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software 2024-04-22 22:01 - 2023-12-09 04:53 - 000000000 ____D C:\ProgramData\Package Cache 2024-04-22 22:00 - 2024-02-15 21:06 - 000001949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard.lnk 2024-04-22 22:00 - 2024-02-15 21:06 - 000000975 _____ C:\Users\Public\Desktop\AdGuard.lnk 2024-04-22 21:48 - 2023-12-10 21:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-04-22 21:44 - 2023-12-10 21:24 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-04-22 09:29 - 2024-02-28 22:11 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Wise Care 365 2024-04-22 09:29 - 2023-05-30 11:48 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\Scanned Documents 2024-04-22 09:23 - 2023-06-01 08:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365 2024-04-21 19:27 - 2024-03-01 15:49 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2024-04-21 17:19 - 2024-02-29 12:59 - 000000000 ____D C:\Users\ghost\AppData\Roaming\AIMP 2024-04-21 13:30 - 2023-05-30 17:06 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-04-21 09:10 - 2024-03-01 15:49 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2024-04-21 09:10 - 2024-03-01 15:49 - 000003376 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2024-04-20 07:41 - 2023-12-09 04:56 - 000000000 ____D C:\Program Files (x86)\Google 2024-04-20 07:39 - 2024-02-29 11:14 - 000001118 _____ C:\Users\Public\Desktop\calibre 64bit - E-book 
management.lnk 2024-04-20 07:39 - 2024-02-29 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2024-04-20 07:39 - 2024-02-29 11:00 - 000000000 ____D C:\Program Files\Calibre2 2024-04-19 20:42 - 2024-03-04 13:00 - 000000000 ____D C:\Users\ghost\MediathekView 2024-04-19 15:39 - 2023-10-27 16:48 - 000232280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2024-04-18 10:54 - 2024-03-06 13:55 - 107397120 _____ C:\WINDOWS\system32\config\software.amg 2024-04-17 17:43 - 2024-03-04 12:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediathekView 2024-04-17 17:43 - 2024-03-04 12:58 - 000000000 ____D C:\Program Files\MediathekView 2024-04-17 16:06 - 2024-03-01 18:30 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Process Hacker 2 2024-04-17 16:01 - 2024-02-29 22:58 - 000000000 ____D C:\ProgramData\Windows Master Setup 2024-04-17 16:01 - 2023-12-09 04:54 - 000000000 ____D C:\Users\ghost\AppData\Roaming\logioptionsplus 2024-04-17 15:57 - 2024-02-28 22:11 - 000000000 ____D C:\Program Files (x86)\Wise 2024-04-17 10:16 - 2024-02-28 14:28 - 002959928 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\AMDBugReportTool.exe 2024-04-16 15:29 - 2024-02-28 17:34 - 000000000 ____D C:\Users\ghost\AppData\Roaming\FileZilla 2024-04-16 09:50 - 2023-06-03 17:57 - 000000000 ____D C:\Users\ghost\.ssh 2024-04-15 22:27 - 2024-02-29 11:00 - 000000000 ____D C:\Users\ghost\AppData\Roaming\calibre 2024-04-15 22:27 - 2023-06-09 13:45 - 000000000 ____D C:\Users\ghost\Calibre-Bibliothek 2024-04-15 21:50 - 2024-03-04 17:42 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Word 2024-04-15 16:34 - 2023-12-09 04:50 - 000000000 ____D C:\Users\ghost\AppData\Local\Publishers 2024-04-15 07:51 - 2024-02-29 17:30 - 000001928 _____ C:\Users\ghost\Desktop\Subtitle Edit.lnk 2024-04-15 07:51 - 2024-02-29 13:14 - 000000000 ____D C:\Program Files\Subtitle Edit 2024-04-15 07:51 - 2023-05-30 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit 2024-04-14 19:24 - 2023-05-30 11:44 - 000000000 ___SD C:\Users\ghost\AppData\Roaming\Microsoft\Credentials 2024-04-14 13:18 - 2024-02-29 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerShell 2024-04-13 11:15 - 2023-12-09 04:35 - 000000000 ____D C:\ProgramData\Lenovo 2024-04-13 11:15 - 2022-07-03 21:15 - 000000000 ____D C:\Program Files\Lenovo 2024-04-13 11:12 - 2023-12-09 04:48 - 000000000 ____D C:\ProgramData\Nahimic 2024-04-13 08:42 - 2023-12-09 04:25 - 001572864 _____ C:\WINDOWS\system32\config\DEFAULT.bak 2024-04-13 08:42 - 2023-12-09 04:25 - 000131072 ____N C:\WINDOWS\system32\config\SAM.bak 2024-04-13 06:29 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-04-12 14:41 - 2024-02-28 14:15 - 000000000 ____D C:\Users\ghost\AppData\Roaming\KeePassXC 2024-04-12 01:46 - 2024-03-28 17:54 - 002708984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2024-04-12 01:46 - 2024-03-28 17:54 - 000710248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2024-04-12 01:46 - 2024-03-28 17:54 - 000263784 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll 2024-04-12 01:46 - 2024-03-28 17:54 - 000218616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2024-04-12 01:46 - 2024-03-28 17:54 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2024-04-12 01:46 - 2024-03-28 17:54 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2024-04-12 01:46 - 2024-03-28 17:54 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2024-04-12 01:46 - 2024-03-28 17:54 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2024-04-12 01:19 - 2024-03-28 23:05 - 000000871 _____ C:\Users\ghost\Desktop\TagScanner.lnk 2024-04-12 01:19 - 2024-03-28 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner 2024-04-12 01:19 - 2024-03-28 23:05 - 000000000 ____D C:\Program Files\TagScanner 2024-04-12 01:18 - 2024-02-28 21:59 - 000000000 ____D C:\ProgramData\TEMP 2024-04-12 01:17 - 2024-02-28 21:59 - 000000939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZ CD Audio Converter.lnk 2024-04-12 01:17 - 2024-02-28 21:59 - 000000000 ____D C:\Program Files\EZ CD Audio Converter 2024-04-11 18:49 - 2024-03-28 23:48 - 000001730 _____ C:\Users\ghost\Desktop\XnView MP.lnk 2024-04-11 18:49 - 2024-03-28 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView MP 2024-04-11 18:49 - 2024-03-28 23:48 - 000000000 ____D C:\Program Files\XnViewMP 2024-04-10 20:16 - 2024-03-28 23:02 - 000000000 ____D C:\Users\ghost\AppData\Local\FileZilla 2024-04-10 19:48 - 2021-09-29 23:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-04-09 19:59 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-04-09 19:59 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-04-09 19:50 - 2023-12-09 05:10 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-04-09 19:47 
- 2023-12-09 05:10 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-04-09 19:46 - 2024-02-28 17:01 - 000000000 ____D C:\Program Files\dotnet 2024-04-09 11:19 - 2024-02-29 12:47 - 000000000 ____D C:\Program Files\Notepad++ 2024-04-09 09:16 - 2024-02-28 22:25 - 000000000 ____D C:\Users\ghost\AppData\Roaming\WinRAR 2024-04-06 22:18 - 2024-02-29 11:40 - 000000000 ____D C:\Users\ghost\AppData\Roaming\EasyAntiCheat 2024-04-05 17:23 - 2024-02-28 18:22 - 000000000 ____D C:\Program Files\Electronic Arts 2024-04-05 15:57 - 2024-02-29 12:44 - 000001076 _____ C:\Users\Public\Desktop\Configure FileMenu Tools.lnk 2024-04-05 15:57 - 2023-05-30 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileMenu Tools 2024-04-04 08:21 - 2023-12-09 04:40 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-04-04 08:21 - 2023-12-09 04:40 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-03-31 05:25 - 2023-05-30 11:48 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\My Games 2024-03-30 16:45 - 2024-02-28 22:18 - 000000000 ____D C:\Program Files (x86)\XYplorer 2024-03-30 16:31 - 2024-02-29 12:58 - 000000000 ____D C:\Program Files (x86)\AIMP 2024-03-30 16:29 - 2024-02-29 12:47 - 000000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2024-03-30 00:41 - 2023-05-30 11:48 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\Image-Line 2024-03-30 00:31 - 2023-06-09 20:56 - 000000000 ____D C:\Users\ghost\Downloads\incomplete 2024-03-30 00:31 - 2023-06-09 20:56 - 000000000 ____D C:\Users\ghost\Downloads\complete 2024-03-29 23:19 - 2024-02-29 16:15 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubuntu-22.04 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2024-01-01 13:30 - 2024-01-01 13:30 - 000000273 _____ () C:\ProgramData\fontcacheev1.dat 2003-10-06 10:21 - 2003-10-06 10:21 - 000000000 
____H () C:\ProgramData\sdpsenv.dat 2024-04-06 22:18 - 2024-04-06 22:21 - 000000169 _____ () C:\Users\ghost\AppData\Roaming\BattleBitConfig.ini 2024-04-16 15:26 - 2024-04-26 19:25 - 000000128 _____ () C:\Users\ghost\AppData\Roaming\winscp.rnd 2024-04-16 15:07 - 2024-04-16 20:19 - 000000128 _____ () C:\Users\ghost\AppData\Local\PUTTY.RND 2024-04-13 17:41 - 2024-04-13 17:41 - 000000017 _____ () C:\Users\ghost\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
29.04.2024, 09:31 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incoming connection with svchost.exe (Malwarebytes) The Addition.txt is still missing
__________________ Please always post log files in CODE tags |
29.04.2024, 09:51 | #6 |
| Incoming connection with svchost.exe (Malwarebytes) Addition part 1 Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01 durchgeführt von ghost (28-04-2024 23:15:34) Gestartet von D:\Multimedia\Downloads Microsoft Windows 11 Pro Version 23H2 22631.3527 (X64) (2023-12-09 02:47:35) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-636087272-42344311-1300616916-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-636087272-42344311-1300616916-503 - Limited - Disabled) Gast (S-1-5-21-636087272-42344311-1300616916-501 - Limited - Disabled) ghost (S-1-5-21-636087272-42344311-1300616916-1001 - Administrator - Enabled) => C:\Users\ghost jmrod (S-1-5-21-636087272-42344311-1300616916-1009 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-636087272-42344311-1300616916-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Avira Security (Enabled - Up to date) {ECF452C3-6EC5-5C1F-754D-F6203DD491E1} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
AdGuard (HKLM\...\{A8CDCD01-B65F-4169-A3A9-F13EEBA31ED3}) (Version: 7.17.4709.0 - Adguard Software Limited) Hidden AdGuard (HKLM-x32\...\{a3d8c7bf-71f5-4be7-96d5-f29d13e0adc5}) (Version: 7.17.4709.0 - Adguard Software Limited) Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.94 - Hulubulu Software) AIMP (HKLM-x32\...\AIMP) (Version: 5.30.2541 - Artem Izmaylov) Amazon Appstore (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\com.amazon.venezia) (Version: release-60.24.1.0.210299.0_683610 - amazon.com) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.124 - Advanced Micro Devices, Inc.) Hidden AMD Privacy View (HKLM\...\{D8E24EA6-807B-48D0-86D6-A9C5E74B8F2C}) (Version: 1.02.0001 - Eyeware Tech SA) AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.26.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.4.1 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{42e5a8d4-8fb0-48a1-9063-fc159c7566a0}) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.) 
Hidden AnyDVD (HKLM-x32\...\AnyDVD) (Version: 8.6.8.0 - RedFox) AnyMP4 Blu-ray Player 6.5.58 (HKLM-x32\...\{DF8BE739-832A-482a-8C75-FB9628A6BE6E}_is1) (Version: 6.5.58 - AnyMP4 Studio) AnyStream (64 bit) (HKLM\...\AnyStream64) (Version: 1.8.8.0 - RedFox) AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: 7.3.5 - AOMEI International Network Limited.) AOMEI OneKey Recovery 1.7.1 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF553690FD}_is1) (Version: - AOMEI International Network Limited.) AOMEI Partition Assistant 10.3.1 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: 10.3.1 - AOMEI International Network Limited.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering) Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.44.1.19908 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.101.602 - Avira Operations GmbH) Hidden Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH) Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 7.2.0.477 - Avira Operations GmbH) Hidden Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) 
Hidden calibre 64bit (HKLM\...\{5CE9A3A7-0901-4ED9-BD49-146891154898}) (Version: 7.9.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 6.23 - Piriform) ClipboardFusion (HKLM\...\CE862FB9-804D-4D16-98F5-677FA31B647C_is1) (Version: 6.1.0.0 - Binary Fortress Software) DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 6.2.0.1813 - Disc Soft Ltd) Directory Opus (HKLM\...\{6CFA061F-1A4C-4569-963F-2ACFC60F5CAD}_is1) (Version: 13.3 - GPSoftware) DisplayFusion (HKLM\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 10.1.2.0 - Binary Fortress Software) Dolby Vision Provisioning Utility (HKLM-x32\...\provisiondolbyvision1_1-20200601_is1) (Version: 1.7.4.4 (2023 October Data a) - Lenovo Group Limited) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.180.0.5693 - Electronic Arts) Hidden EA app (HKLM-x32\...\{c3d1a34e-884e-4029-acbf-94684808334d}) (Version: 13.180.0.5693 - Electronic Arts) EasyUEFI (HKLM\...\EasyUEFI_is1) (Version: 5.5 - Hasleo Software.) eM Client (HKLM-x32\...\{A5D710A6-3BEC-4139-B39D-C5D29C43E5F5}) (Version: 9.2.2157.0 - eM Client Inc.) 
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2404.2771 - Avira Operations GmbH) Hidden ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 11.5.2 - Poikosoft) FileMenu Tools 8.4.1 (HKLM\...\FileMenuTools_is1) (Version: 8.4.1 - LopeSoft) FileZilla Pro 3.66.5 (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\FileZilla Pro) (Version: 3.66.5 - Tim Kosse) FL Studio 21 (HKLM-x32\...\FL Studio 21) (Version: 21.2.3.4004 - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Geany 2.0 (HKLM\...\Geany) (Version: 2.0 - The Geany developer team) Geany-Plugins 2.0 (HKLM\...\Geany-Plugins) (Version: 2.0 - The Geany developer team) GIMP 2.10.36-1 (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\GIMP-2_is1) (Version: 2.10.36 - The GIMP Team) GnuCash 5.6 (HKLM-x32\...\GnuCash_is1) (Version: 5.6 - GnuCash Development Team) Google Chrome (HKLM\...\{DD4755AF-D911-3417-8470-0FA19F98008B}) (Version: 124.0.6367.92 - Google LLC) HandBrake 1.7.3 (HKLM-x32\...\HandBrake) (Version: 1.7.3 - ) HWiNFO64 (HKLM\...\HWiNFO64_is1) (Version: 8.00 - Martin Malik, REALiX s.r.o.) Java 8 Update 401 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180401F0}) (Version: 8.0.4010.10 - Oracle Corporation) KeePassXC (HKLM\...\{2D8B88BF-C678-465A-8C59-92DFF9CB311C}) (Version: 2.7.7 - KeePassXC Team) Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.10.0.10 - Lenovo Group Ltd.) Lenovo Diagnostics Evolution (HKLM\...\LenovoDiagnosticsEvolution_is1) (Version: 5.11.0.40 - LENOVO (UNITED STATES) INC.) Lenovo Now (HKLM-x32\...\Lenovo Now) (Version: 3.12.2.2 - Lenovo Group Ltd.) Lenovo Service Bridge (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.16 - Lenovo) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.) 
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation) LicenseCrawler 2.10.2822 (HKLM-x32\...\LicenseCrawler_is1) (Version: 2.10.2822 - Martin Klinzmann) Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.70.551909 - Logitech) MakeMKV v1.17.6 (HKLM-x32\...\MakeMKV) (Version: v1.17.6 - GuinpinSoft inc) Malwarebytes version 5.1.3.110 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.3.110 - Malwarebytes) MediathekView 14.0.0 (HKLM\...\1927-5045-2127-3394) (Version: 14.0.0 - MediathekView Team) Microsoft .NET Host - 6.0.29 (x64) (HKLM\...\{E7C485FB-3329-43E3-965B-3DE4B863E1D9}) (Version: 48.116.12053 - Microsoft Corporation) Hidden Microsoft .NET Host - 7.0.18 (x64) (HKLM\...\{8B68385D-2790-41EE-8D7C-3B82B4DF2E78}) (Version: 56.72.12030 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.29 (x64) (HKLM\...\{724B2734-4B1A-46E2-9333-6D3B83351D02}) (Version: 48.116.12053 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 7.0.18 (x64) (HKLM\...\{97B1AA87-A6DA-474C-B607-7627F2D7B98A}) (Version: 56.72.12030 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.29 (x64) (HKLM\...\{014E0350-0B29-483B-9252-8780DEBA0856}) (Version: 48.116.12053 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 7.0.18 (x64) (HKLM\...\{2BC88C2F-92B5-4BB0-B40E-EC88F0EEA057}) (Version: 56.72.12030 - Microsoft Corporation) Hidden Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17531.20062 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\{1CDF162C-44C5-32F2-BEE0-A9A6FCDB032F}) (Version: 124.0.2478.67 - Microsoft Corporation) 
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.67 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.070.0407.0003 - Microsoft Corporation) Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.17531.20062 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 
(HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 
(HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM\...\{805626FF-2BC9-4567-A71E-A76A470D000A}) (Version: 48.67.58484 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM-x32\...\{8d173101-98c1-4e92-97c6-47c6840745a7}) (Version: 6.0.16.32327 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.29 (x64) (HKLM\...\{A0DA3EDD-9C41-491F-A77E-5F90AFDB64B2}) (Version: 48.116.12057 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.29 (x64) (HKLM-x32\...\{54679abd-8ed9-4bd3-8400-7684dd7c6f03}) (Version: 6.0.29.33521 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 7.0.18 (x64) (HKLM\...\{F91C5C9A-FDEF-44D0-88D8-40113345FAA7}) (Version: 56.72.12035 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 7.0.18 (x64) (HKLM-x32\...\{9926fb6d-a007-472d-b0dc-38d7e8c475e0}) (Version: 7.0.18.33520 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.76 - mIRC Co. Ltd.) 
MKVToolNix 83.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 83.0.0 - Moritz Bunkus) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 125.0.2 (x64 de)) (Version: 125.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 124.0.1 - Mozilla) MusicBee 3.5.8698 (HKLM-x32\...\MusicBee) (Version: 3.5.8698 - Steven Mayall) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6.5 - Notepad++ Team) Npcap (HKLM-x32\...\NpcapInst) (Version: 1.78 - Nmap Project) O&O Defrag Professional (HKLM\...\{295D71E4-9E8B-4C2C-8127-921059A6B215}) (Version: 28.0.10005 - O&O Software GmbH) O&O DiskImage (HKLM\...\{F0DF7F9D-B9F5-411A-882A-52F3435575B5}) (Version: 19.0.109 - O&O Software GmbH) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20062 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden Plex (HKLM-x32\...\Plex) (Version: 1.91.0 - Plex, Inc.) Plex Media Server 1.40.2.8395 (x64) (HKLM\...\{688e1d8f-188e-49cd-83ca-2669a7e3f8cc}_is1) (Version: 1.40.2.8395 - Plex, Inc.) Plexamp 4.9.5 (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\46418f0f-cea3-5740-a7e9-a0166db1e7c4) (Version: 4.9.5 - Plex, Inc.) 
PowerShell 7-x64 (HKLM\...\{F895A69B-7C3F-49AD-83FC-A87B31EFF8F3}) (Version: 7.4.2.0 - Microsoft Corporation) PowerToys (Preview) (HKLM\...\{8ED268A9-7DBE-4B5B-B7FA-78E95BBFFA6A}) (Version: 0.80.1 - Microsoft Corporation) Hidden PowerToys (Preview) x64 (HKLM-x32\...\{54a636d2-7a27-48a2-aa5c-3f5c9a93954d}) (Version: 0.80.1 - Microsoft Corporation) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) PuTTY release 0.81 (64-bit) (HKLM\...\{DDC95F26-92B1-4546-9678-5DC68DF76BA0}) (Version: 0.81.0.0 - Simon Tatham) QNAP Qfinder Pro (HKLM-x32\...\QNAP_FINDER) (Version: 7.10.2.0125 - QNAP Systems, Inc.) Raspberry Pi Imager (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\Raspberry Pi Imager) (Version: 1.8.5 - Raspberry Pi Ltd) Revo Uninstaller Pro 5.2.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.2.6 - VS Revo Group, Ltd.) RyzenMasterSDK (HKLM\...\{F6788715-BF16-4041-B096-A00CC393969B}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden SABnzbd 4.2.2 (HKLM-x32\...\SABnzbd) (Version: 4.2.2 - The SABnzbd-Team) Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software) simplewall (HKLM\...\simplewall) (Version: 3.8 - Henry++) STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Subtitle Edit (HKLM\...\SubtitleEdit_is1) (Version: 4.0.5.0 - Nikse) TagScanner (64bit) (HKLM\...\TagScanner 6.1.16 (64bit)_is1) (Version: 6.1.16 - Sergey Serkov) TagScanner (64bit) (HKLM\...\TagScanner_is1) (Version: 6.1.17 - Sergey Serkov) TeraCopy (HKLM\...\{DF5325DF-1F43-4282-85D5-1CA3353E6B13}) (Version: 3.17 - Code Sector) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH) TrayStatus (HKLM\...\d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1) (Version: 4.8.0.0 - Binary Fortress Software) Ubisoft Connect 
(HKLM-x32\...\Uplay) (Version: 151.1.11048 - Ubisoft) Ultracopier 2.2.6.8 (HKLM-x32\...\Ultracopier) (Version: 2.2.6.8 - Ultracopier) Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.93 - Samsung Electronics CO., LTD.) USBPcap 1.5.4.0 (HKLM\...\USBPcap) (Version: 1.5.4.0 - Tomasz Mon) VidCoder (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\VidCoder.Stable) (Version: 9.20.0 - RandomEngy) VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN) Windows Subsystem for Linux (HKLM\...\{877F46EF-614F-4B05-A09D-E15E5B424710}) (Version: 2.1.5.0 - Microsoft Corporation) Hidden Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation) Windows Update Viewer (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\{3A152885-8378-4FDE-AFCC-85D096B16A1D}_is1) (Version: 0.6.0.0 - Tim Kennedy) WinMerge 2.16.40.0 x64 (HKLM\...\WinMerge_is1) (Version: 2.16.40.0 - Thingamahoochie Software) WinRAR 7.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH) WinSCP 6.3.2 (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\winscp3_is1) (Version: 6.3.2 - Martin Prikryl) Wireshark 4.2.4 x64 (HKLM-x32\...\Wireshark) (Version: 4.2.4 - The Wireshark developer community, hxxps://www.wireshark.org) Wise Care 365 (HKLM-x32\...\Wise Care 365_is1) (Version: 6.6.5 - Lespeed Technology Co., Ltd.) Wise Program Uninstaller (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 3.1.9 - Lespeed Technology Co., Ltd.) XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.7.1.0 - Pierre-e Gougelet) XYplorer 25.90 (HKLM-x32\...\XYplorer) (Version: 25.90.0100 - Donald Lessau, Cologne Code Company) Code:
Chrome apps: ============ YouTube (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\22beb3ec24f58d0ad88b1c7c3b7f745a) (Version: 1.0 - Google\Chrome) Packages: ========= AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2024-04-28] (Advanced Micro Devices Inc.) Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_2.20302.526.0_x64__rz1tebttyb220 [2024-04-26] (Dolby Laboratories) EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne [2024-04-28] (File-New-Project) [Startup Task] EZ CD Audio Converter -> C:\Program Files\EZ CD Audio Converter [2024-04-12] () FeedLab -> C:\Program Files\WindowsApps\ClevLab.FeedLab_3.1.4.0_x64__qdcg6xvbhrn16 [2024-04-28] (ClevLab) [MS Ad] FileMenu Tools -> C:\Program Files\LopeSoft\FileMenu Tools [2024-04-05] (LopeSoft) GitHub -> C:\Program Files\WindowsApps\github.com-8B11BEB2_1.0.0.0_neutral__2t1n1bqhyggy0 [2024-04-14] (github.com) Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-04-28] (Microsoft Corporation) Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2024-04-28] (Microsoft Corporation) Ink.Handwriting.Main.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.de-DE.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-04-28] (Microsoft Corporation) Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2403.25.0_x64__k1h2ywk1493x8 [2024-04-28] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-02] (LENOVO INC) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation) [MS Ad] Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe [2024-04-11] (Microsoft Corporation) [Startup Task] Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.931.0_x64__8wekyb3d8bbwe [2024-04-12] (Microsoft Corporation) Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-28] (Microsoft Corporation) Microsoft.HEVCVideoExtensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.1.452.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation) Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-04-09] (Microsoft Corporation) Microsoft.Windows.Ai.Copilot.Provider -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-28] (Microsoft Corporation) Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation) MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24041.33.0_x64__cw5n1h2txyewy [2024-04-28] (Microsoft Windows) [Startup Task] MSIX Packaging Tool -> C:\Program Files\WindowsApps\Microsoft.MSIXPackagingTool_1.2023.1212.0_x64__8wekyb3d8bbwe [2024-03-20] () Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.1.0_x64__w2gh52qy24etm [2024-04-25] (A-Volute) Netflix -> C:\Program 
Files\WindowsApps\4DF9E0F8.Netflix_6.99.5.0_x64__mcm4njqhnhss8 [2024-04-19] (Netflix, Inc.) Nextgen Reader -> C:\Program Files\WindowsApps\6205NextMatters.NextgenReader_7.0.34.0_x64__dhevqfrzdz4vg [2024-04-11] (Next Matters) Notepad++ -> C:\Program Files\Notepad++\contextMenu [2024-03-30] (Notepad++) OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2024-04-28] (Microsoft Corporation) Password Manager SafeInCloud -> C:\Program Files\WindowsApps\51041SafeInCloud.PasswordManagerSafeInCloud_24.6.4.0_x86__wh7zearnzvtm6 [2024-04-28] (Andrey Shcherbakov) [Startup Task] Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2024-04-28] (Plex) Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2404.195.0_x64__8wekyb3d8bbwe [2024-04-25] (Microsoft Corporation) [Startup Task] PowerToys FileLocksmith Context Menu -> C:\Program Files\PowerToys\WinUI3Apps [2024-04-12] (Microsoft) PowerToys ImageResizer Context Menu -> C:\Program Files\PowerToys [2024-04-12] (Microsoft) PowerToys PowerRename Context Menu -> C:\Program Files\PowerToys\WinUI3Apps [2024-04-12] (Microsoft) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.39.283.0_x64__dt26b99r8h8gj [2023-12-09] (Realtek Semiconductor Corp) Remotedesktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation) Sysinternals Suite -> C:\Program Files\WindowsApps\Microsoft.SysinternalsSuite_2024.2.1.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation) Torrex Pro - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexPro_1.4.30.0_x64__b6e429xa66pga [2024-04-28] (Finebits OÜ) [MS Ad] [Startup Task] Ubuntu 22.04.3 LTS -> C:\Program Files\WindowsApps\CanonicalGroupLimited.Ubuntu22.04LTS_2204.3.63.0_x64__79rhkp1fndgsc [2024-04-28] (Canonical Group Limited) WinAppRuntime.Main.1.2 -> C:\Program 
Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-12-10] (Microsoft Corp.) WinAppRuntime.Main.1.2-p1 -> C:\Program Files\WindowsApps\microsoftcorporationii.winappruntime.main.1.2-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-04-18] (Microsoft Corp.) WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1136.2333.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corp.) WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.95.533.0_x64__8wekyb3d8bbwe [2024-04-11] (Microsoft Corp.) WinAppRuntime.Singleton-p1 -> C:\Program Files\WindowsApps\microsoftcorporationii.winappruntime.singleton-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-04-18] (Microsoft Corp.) Windows App Runtime DDLM 2000.609.1413.0-x6-p1 -> C:\Program Files\WindowsApps\microsoft.winappruntime.ddlm.2000.609.1413.0-x6-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-04-18] (Microsoft Corporation) Windows App Runtime DDLM 2000.609.1413.0-x8-p1 -> C:\Program Files\WindowsApps\microsoft.winappruntime.ddlm.2000.609.1413.0-x8-p1_2000.609.1413.0_x86__8wekyb3d8bbwe [2024-04-18] (Microsoft Corporation) Windows App Runtime DDLM 2000.802.31.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x6_2000.802.31.0_x64__8wekyb3d8bbwe [2023-12-10] (Microsoft Corporation) Windows App Runtime DDLM 2000.802.31.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x8_2000.802.31.0_x86__8wekyb3d8bbwe [2023-12-10] (Microsoft Corporation) Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation) Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation) Windows Feature 
Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-04-24] (Microsoft Windows) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-04-24] (Microsoft Windows) WindowsAppRuntime.1.2-preview1 -> C:\Program Files\WindowsApps\microsoft.windowsappruntime.1.2-preview1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-04-18] (Microsoft Corporation) WindowsAppRuntime.1.2-preview1 -> C:\Program Files\WindowsApps\microsoft.windowsappruntime.1.2-preview1_2000.609.1413.0_x86__8wekyb3d8bbwe [2024-04-18] (Microsoft Corporation) Windows-Subsystem für Android™ -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2311.40000.5.0_x64__8wekyb3d8bbwe [2024-04-28] (Microsoft Corp.) [Startup Task] WinMerge -> C:\Program Files\WinMerge [2024-04-28] (winmerge.org) WinRAR -> C:\Program Files\WinRAR [2024-04-09] (win.rar GmbH) WSATools -> C:\Program Files\WindowsApps\54406Simizfo.WSATools_1.0.3.0_x64__f0x555vvp18ze [2024-03-27] (Simone Franco) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{2C28256E-343B-4BB5-AE6C-DB0C297B82D2}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{4A2DBA97-B400-43CB-A4B3-C03CB293FC93}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{5ea9a442-5352-ed6e-d37f-9d511e7e2caa}\localserver32 -> C:\Program Files\PowerToys\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{729B72CD-B72E-4FE9-BCBF-E954B33FE699}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.QoiPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\ghost\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{AD856B15-D25E-4008-AFB7-AFAA55586188}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.QoiThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{BB5E5396-CD37-4B96-8A6E-55EB3FCB1D23}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{ce58a493-1357-cae0-d669-fe54fb63756c}\localserver32 -> C:\Program Files\OO Software\Defrag\oodtrwnd.exe (O&O Software GmbH -> O&O Software GmbH) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InprocServer32 -> C:\Users\ghost\AppData\Local\Programs\WinSCP\DragExt64.dll (Martin Prikryl -> Martin Prikryl) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{F35D3F59-EDC8-4DDB-96A1-472211370BBA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{F7757183-C0D1-4EC6-95BC-960171DAAD99}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{fc2f3575-b316-ac6e-0e71-05c27fa0611c}\localserver32 -> C:\Users\ghost\AppData\Local\VidCoder.Stable\app-9.20.0\VidCoder.exe (David Rickard -> VidCoder) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{FFD45BA7-06D8-4945-8848-A2DF537AE888}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software) ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11d2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2099560 2024-02-27] (GP Software (Redbrook Pty Ltd) -> GP Software) ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11d2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [1018224 2024-02-27] (GP Software (Redbrook Pty Ltd) -> GP Software) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll 
[2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2023-11-17] (O&O Software GmbH -> O&O Software GmbH) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] 
(Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2024-03-30] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft) ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2024-03-12] (O&O Software GmbH -> O&O Software GmbH) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-02-28] (Avira Operations GmbH -> Avira Operations GmbH) ContextMenuHandlers1: [TeraCopy] -> 
{2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\dtshl64.dll [2024-02-28] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2024-03-12] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers2: [OODIDismount] -> {BF5F9978-5B95-4F2E-BB19-5D95234187EE} => C:\Program Files\OO Software\DiskImage\oodishd.dll [2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers2: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\dtshl64.dll [2024-02-28] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2024-03-09] (RUBEN LOPEZ HERNANDEZ -> LopeSoft)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-28] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2024-03-30] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers4: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2024-03-09] (RUBEN LOPEZ HERNANDEZ -> LopeSoft)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-02-28] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers4: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2024-03-09] (RUBEN LOPEZ HERNANDEZ -> LopeSoft)
ContextMenuHandlers5: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-02-28] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2024-03-09] (RUBEN LOPEZ HERNANDEZ -> LopeSoft)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-28] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2024-03-12] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
Edited by cosinus (29.04.2024 at 09:57) Reason: code tags |
29.04.2024, 10:07 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incoming connection with svchost.exe (Malwarebytes)
Uninstall intrusive, outdated or unnecessary programs
Please uninstall via Programs and Features (appwiz.cpl):
__________________ Please always post log files in CODE tags |
29.04.2024, 10:07 | #8 | |
| Incoming connection with svchost.exe (Malwarebytes)
Quote:
May I ask why first?
Edited by Ghost_Induct (29.04.2024 at 10:16) |
29.04.2024, 10:20 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incoming connection with svchost.exe (Malwarebytes)
Because these are completely superfluous and, in part, counterproductive programs.
AdwCleaner
Run AdwCleaner following the illustrated guide, then post the log file in CODE tags. Please repeat AdwCleaner if there were any detections.
__________________ Please always post log files in CODE tags |
29.04.2024, 10:32 | #10 |
| Incoming connection with svchost.exe (Malwarebytes)
OK, scan finished. It's only Lenovo. If I delete those, some programs probably won't work anymore, right?
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-29-2024
# Duration: 00:00:08
# OS: Windows 11 (Build 22631.3527)
# Scanned: 32108
# Detected: 7

***** [ Services ] *****
No malicious services found.

***** [ Folders ] *****
No malicious folders found.

***** [ Files ] *****
No malicious files found.

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious WMI found.

***** [ Shortcuts ] *****
No malicious shortcuts found.

***** [ Tasks ] *****
No malicious tasks found.

***** [ Registry ] *****
No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.

***** [ Chromium URLs ] *****
No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.

***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****
No malicious hosts file entries found.

***** [ Preinstalled Software ] *****
Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\ghost\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Preinstalled.LenovoServiceBridge Folder C:\Users\ghost\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1

AdwCleaner_Debug.log - [2935 octets] - [29/04/2024 00:05:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

And one more important thing... On my QNAP TS-464 NAS I also get these incoming access attempts, but they don't get through. Here is the log from QuFirewall:
Code:
Deny amount=17,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714381200","date=2024-04-29 11:00:00"
Deny amount=13,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714377600","date=2024-04-29 10:00:00"
Deny amount=59,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714377600","date=2024-04-29 10:00:00"
Deny amount=78,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714374000","date=2024-04-29 09:00:00"
Deny amount=12,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714374000","date=2024-04-29 09:00:00"
Deny amount=10,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714370400","date=2024-04-29 08:00:00" |
29.04.2024, 10:55 | #11 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incoming connection with svchost.exe (Malwarebytes)
Quote:
__________________ Please always post log files in CODE tags |
29.04.2024, 10:58 | #12 |
| Incoming connection with svchost.exe (Malwarebytes)
Remote Desktop (RDP), sorry... switched it off under Settings/Remote Desktop. |
29.04.2024, 11:02 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incoming connection with svchost.exe (Malwarebytes)
You seriously have RDP port 3389 open to the whole Internet and then wonder why people try to connect?! That doesn't just happen by accident either, because you have to set up a port forwarding in the router!
__________________ Please always post log files in CODE tags |
29.04.2024, 11:24 | #14 | |
| Incoming connection with svchost.exe (Malwarebytes)
Quote:
Edit: No more port forwards... removed everything and disabled the automatic port forwards for the respective devices. |
29.04.2024, 11:29 | #15 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incoming connection with svchost.exe (Malwarebytes)
Quote:
In any case, you opened the gate yourself, no malware involved. If you expose a well-known and frequently attacked port like 3389 for RDP to the entire Internet, you really shouldn't be surprised that some bots try to get in. I'm moving this to Discussion.
__________________ Please always post log files in CODE tags |
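A read-only way to confirm on the Windows side the state the thread ends on (Remote Desktop switched off, nothing listening on the RDP port), given here as an added example that is not part of any post in the thread. It assumes an elevated PowerShell session on Windows 10/11 and the built-in firewall rule names that begin with `RemoteDesktop-`.

```powershell
# Added example: read-only audit of RDP exposure on the local Windows machine.
# Nothing is changed; run in an elevated PowerShell session.

$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcpKey = "$tsKey\WinStations\RDP-Tcp"

# fDenyTSConnections = 1 means Remote Desktop is switched off (the Settings toggle).
$deny = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections
# The listener port is configurable; 3389 is only the default.
$port = (Get-ItemProperty -Path $tcpKey -Name PortNumber).PortNumber
# Network Level Authentication: 1 = required before a session is created.
$nla  = (Get-ItemProperty -Path $tcpKey -Name UserAuthentication).UserAuthentication

# Is anything actually listening on that port right now?
$listeners = @(Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)

# Enabled inbound Remote Desktop rules, with the firewall profiles and
# remote addresses they allow.
$rules = @(Get-NetFirewallRule -Name 'RemoteDesktop-*' -ErrorAction SilentlyContinue |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' } |
    ForEach-Object {
        [pscustomobject]@{
            Rule          = $_.Name
            Profile       = $_.Profile
            RemoteAddress = ($_ | Get-NetFirewallAddressFilter).RemoteAddress -join ','
        }
    })

[pscustomobject]@{
    RemoteDesktopEnabled = ($deny -eq 0)
    Port                 = $port
    NlaRequired          = ($nla -eq 1)
    ListeningOn          = ($listeners.LocalAddress | Sort-Object -Unique) -join ','
    EnabledInboundRules  = $rules.Count
} | Format-List

$rules | Format-Table -AutoSize
```

This covers the host only; the port forwarding discussed in the thread lives in the router, so its forwarding and automatic port-mapping tables still have to be checked there.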