
Log analysis and evaluation: All accounts hacked, Trojan.Multi.Penguish.b, Trojan.Win32.Hosts.Gen, outside access to PC?


 
14.08.2024, 10:27   #1
EinsMarcel
 



Good day, Trojaner-Board community,
I think, or rather I am fairly sure, that I have caught a Trojan. It all started about 2 months ago, when, one after another, unknown devices gained access to pretty much all of my accounts, or at least tried to; not even 2FA helped there. Of course I immediately ran a Windows virus scan, but it found nothing, so I thought my passwords had simply been stolen once and that was the end of it. Yesterday I found out that it cannot be that way, because the "hackers" were somehow able to read the EA account 2FA codes from my Gmail, although no unknown device had access to it. I then downloaded the Kaspersky Virus Removal Tool to start a full scan overnight. When I woke up early in the morning, the first thing that caught my eye was 2 critical security alerts from two of my Google accounts due to suspicious activity, and according to Google this suspicious activity came from MY PC (since this was the only device that was automatically signed out). During the scan, Kaspersky found the Trojan Trojan.Win32.Hosts.gen in C:\Windows\System32\drivers\etc\hosts, C:\Windows\System32\drivers\etc\hosts.tmp, C:\Windows\System32\drivers\etc\hosts.rollback and C:\Users\marce\AppData\Local\Packages\TheDebianProject.DebianGNULinux_76v4gfsz19hv4\LocalState\rootfs\etc\hosts, and in C:\Users\marce\AppData\Roaming\Hq_Control\SftTree_IX86_U_60.dll it found HEUR:Trojan.Multi.Penguish.b; by now the hosts files have been reset and the DLL is in quarantine. (And also a crdownload file, but as far as I know those are just junk data anyway.) But I am afraid that there are more files that the antivirus did not find, which is why I am now turning to you. I would have liked to attach the Kaspersky report file, but since it has the enc1 extension and that is not listed among the allowed file extensions here, I unfortunately could not.
Unfortunately I cannot upload a screenshot of it either, because it just shows me this error message over and over: "PHP User Warning: is_dir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (/var/www/vhosts/trojaner-board.de/:/tmp/) in ..../includes/functions_file.php on line 60"
I have to split my request for help into several posts because the log files are very large.


Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08.2024
durchgeführt von marce (Administrator) auf LAPTOP-ATC5R52J (ASUSTeK COMPUTER INC. TUF Gaming FX705DT_FX705DT) (14-08-2024 09:47:51)
Gestartet von C:\Users\marce\Downloads\FRST64.exe
Geladene Profile: marce
Plattform: Microsoft Windows 10 Home Version 22H2 19045.4651 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AO Kaspersky Lab -> AO Kaspersky Lab) C:\Users\marce\AppData\Local\Temp\{a1f18aa8-4dff-4f49-bd35-8c1a16b3f315}\e4881c05.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exeF
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\ColorPicker\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\PowerOCR\PowerToys.PowerOCR.exe
(Discord Inc. -> Discord Inc.) C:\Users\marce\AppData\Local\DiscordCanary\app-1.0.431\DiscordCanary.exe <6>
(DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\marce\AppData\Local\Microsoft\OneDrive\24.146.0721.0003\Microsoft.SharePoint.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (SIA AVB Disc Soft -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\Aura Wallpaper Service\AuraWallpaperService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe <2>
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_6e87d9907e09ff6b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SIA AVB Disc Soft -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2429.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ) C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.9.4.0_x64__qmba6cd70vzyy\ArmouryCrate.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2407.1001.1.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [GaomonTablet] => C:\Users\marce\AppData\Roaming\GaomonTablet\GaomonTablet.exe [2154696 2021-05-11] (GUANZHOU GAOMON ELECTRONIC TECHNOLOGY CO.,LTD . -> Guangzhou Gaomon Technology Co., Ltd.)
HKLM-x32\...\Run: [Skiller PRO+] => C:\Program Files (x86)\Skiller PRO+\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [d7a61eef-1cba-464a-923f-acc7191775b4] => "C:\Users\marce\AppData\Local\Temp\{1d3bbcd6-b811-4c5a-8cfe-5fe369d47c17}\d7a61eef-1cba-464a-923f-acc7191775b4.cmd" (Keine Datei) <==== ACHTUNG
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Discord] => C:\Users\marce\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-07-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36729320 2024-08-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\marce\AppData\Local\Microsoft\Teams\Update.exe [2591296 2024-01-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [PreMiD] => C:\Users\marce\AppData\Roaming\PreMiD\PreMiD.exe [126285312 2021-02-21] (GitHub, Inc.) [Datei ist nicht signiert]
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1832968 2024-08-05] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize  (Keine Datei) <==== ACHTUNG
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [DiscordCanary] => C:\Users\marce\AppData\Local\DiscordCanary\Update.exe [1525096 2022-07-14] (Discord Inc. -> GitHub)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Opera GX Stable] => C:\Users\marce\AppData\Local\Programs\Opera GX\launcher.exe [2273696 2024-06-18] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\marce\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46247680 2024-08-04] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [71185664 2024-08-04] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3380840 2024-08-13] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\marce\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2023-09-18] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [MicrosoftEdgeAutoLaunch_6A7EFD9FB16063B23C21C72578A008BC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3814968 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Lunar Client] => C:\Users\marce\AppData\Local\Programs\lunarclient\Lunar Client.exe [176849464 2024-08-10] (Moonsworth, LLC -> Moonsworth LLC)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13991760 2024-04-25] (GOG  sp. z o.o -> GOG.com)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [6021896 2024-06-19] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482400 2024-06-27] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Microsoft.Lists] => C:\Users\marce\AppData\Local\Microsoft\OneDrive\24.146.0721.0003\Microsoft.SharePoint.exe [1025552 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [AF_uuid_2139460] => 216ccfc5-56a2-4254-9ac1-ac0f5d0f2beb (Keine Datei)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [AF_counter_2139460] => 1 (Keine Datei)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.100\Installer\chrmstp.exe [2024-08-08] (Google LLC -> Google LLC)
AppInit_DLLs: C:\PROGRA~1\VIRTUA~1\VIRTUA~4.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector64.dll [132520 2021-01-09] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
Startup: C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-11-28]
ShortcutTarget: Twitch.lnk -> C:\Users\marce\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {111E9450-D29A-4936-B036-BBB5D7EBFA6D} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusHotkey.exe [324960 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {AC43ECFE-A103-45D2-96A4-52DA6DF57432} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusUpdateChecker.exe [792296 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {34BBEF4F-D3EB-497B-8BE2-495560998244} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [313192 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {A4120DC2-72F5-4ACA-A917-54A5476A4D44} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1898344 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {CBC06814-F46D-4C73-BA22-68934E6D7BA5} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d66fb738d40797 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {84D11694-9BBB-42D1-88C9-38C6B4909D1B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {AFA59341-1E23-4DC4-A27E-196D304A6398} - System32\Tasks\ASUS\Aura Wallpaper Service => C:\Program Files\ASUS\Aura Wallpaper Service\Aura Wallpaper Service.exe [2103408 2023-05-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {301A9B7B-89BA-4686-9C02-B8431BD06142} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-07-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {297A174C-824B-42C8-AE45-FF596F7AD52E} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Keine Datei)
Task: {4ABCDE3B-7E71-4564-A944-F6950F5C97A3} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe [5097936 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B31FA52E-C1E3-4F1E-97D9-B448A8F1C2A5} - System32\Tasks\DSB Notification => C:\Program Files\ASUS\DSB Notification\DSBNotification.exe [782216 2019-01-28] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {2A30ED9B-F45F-4FFF-A27C-BF574326F4ED} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{C6F48DCB-FF55-497E-9162-04B454445745} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
Task: {4063069A-7DCA-4D8B-9A2F-92257D26A05B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28584424 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E32B778-03E7-4E2F-8693-661A4C1FB402} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28584424 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {1515B75C-2CB7-43A8-84EB-811A773B7BB6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312288 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DC887E4-27F2-4659-B772-9336A118E2C8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312288 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {57004B5F-3F6D-4C61-A507-76A7B5413A45} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [182240 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {797E53C3-1FC1-45E9-AB78-BE80BBE2B5D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {701AF646-EBF7-4A74-A4DD-B2D407394953} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F7E01F17-D0CB-4FEC-A402-45A9123598CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0D14F71C-E9CE-4C86-A68F-E772803EDA91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2390B1B9-0CFC-474A-8E8B-E07600BC1B5F} - System32\Tasks\nefarius_HidHide_Updater => C:\Program Files\Nefarius Software Solutions\HidHide\x64\nefarius_HidHide_Updater.exe  --background --log-level info (Keine Datei)
Task: {FDE915FB-96FC-4984-8251-464C3591F69B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {62C0AF75-084C-4486-BE18-FEDECCBAFD04} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BE53276-A64C-4716-ABD5-F2B555DD669E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {DE6A011A-13FD-4269-BE91-E60D612A8771} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {058E972B-0F02-4959-AFFB-F7C947EB7789} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81CB18A6-35DD-41D2-ACB1-9B4DC3C51E4C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A72DCB3-45C1-41B4-B986-77BC77A87535} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41C816BA-A8E5-410F-922E-E0C7D541B59F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F8CC03F-FB42-4418-8ED9-73ED8D98BE65} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BACF90A-FE8C-40A7-BB44-FB8C15A1A0D4} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1665594722 => C:\Users\marce\AppData\Local\Programs\Opera GX\launcher.exe [2273696 2024-06-18] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\marce\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {317010CE-1626-48E3-8E42-E9437DE905D5} - System32\Tasks\Opera GX scheduled Autoupdate 1664471426 => C:\Users\marce\AppData\Local\Programs\Opera GX\launcher.exe [2273696 2024-06-18] (Opera Norway AS -> Opera Software)
Task: {E60DE1E9-628C-4DF5-8569-39322BCFDB38} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2370056 2024-08-05] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {265D324F-C874-4852-9D4A-EC824D4FA62A} - System32\Tasks\PowerToys\Autorun for marce => C:\Program Files\PowerToys\PowerToys.exe [1087936 2023-01-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A3D1E78-F43F-4F42-9052-2224BC879AA1} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [862192 2019-02-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0553770d-67ed-47e7-b31c-e215500dfcb2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0553770d-67ed-47e7-b31c-e215500dfcb2}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\64259445A51224F6870273539303024585: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\64259445A51224F6870273539303024585: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\64259445A51224F6870273539303024585: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\75C414E40225943484142544027574: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\75C414E40225943484142544027574: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\75C414E40225943484142544027574: [DhcpDomain] fritz.box

Edge: 
=======
Edge Profile: C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-18]
Edge Extension: (PreMiD) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\agjnjboanicjcpenljmaaigopkgdnihi [2024-07-18]
Edge Extension: (AutoDraw for skribbl.io) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpnefockcbbpkbahgkkacjmebfheacjb [2023-05-14]
Edge Extension: (FrankerFaceZ) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2021-12-21]
Edge Extension: (Return YouTube Dislike) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2024-04-24]
Edge Extension: (Google Docs Offline) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-01]
Edge Extension: (BetterTTV) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2024-06-24]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igbncjcgfkfnfgbaieiimpfkobabmkce [2024-07-06]
Edge Extension: (Edge relevant text changes) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-03]
Edge Extension: (Video DownloadHelper) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmkaglaafmhbcpleggkmaliipiilhldn [2024-06-24]
Edge Extension: (IDM Integration Module) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2024-07-18]
Edge Extension: (VidSync) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\magpalppgpekmbgkamakkiiafbldipne [2021-12-21]
Edge Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-07-18]
Edge Extension: (Ears: Bass Boost, EQ Any Audio!) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nfdfiepdkbnoanddpianalelglmfooik [2023-05-14]
Edge HKU\S-1-5-21-136319151-2595665921-3748062372-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2024-06-19]

FireFox:
========
FF HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\marce\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\marce\AppData\Roaming\IDM\idmmzcc5 [2024-06-24] [] [ist nicht signiert]
FF HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-19] []
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default [2024-08-14]
CHR DownloadDir: C:\Users\marce\Downloads
CHR Notifications: Default -> hxxps://aternos.org; hxxps://community.citra-emu.org; hxxps://play.geforcenow.com; hxxps://web.telegram.org
CHR Extension: (PreMiD) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\agjnjboanicjcpenljmaaigopkgdnihi [2024-07-26]
CHR Extension: (BetterTTV) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-06-18]
CHR Extension: (Videochat Extension - IP Locator for Omegle) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\alchldmijhnnapijdmchpkdeikibjgoi [2024-08-05]
CHR Extension: (AutoDraw for skribbl.io) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpnefockcbbpkbahgkkacjmebfheacjb [2024-07-26]
CHR Extension: (uBlock Origin) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-08-05]
CHR Extension: (FrankerFaceZ) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-11-26]
CHR Extension: (Return YouTube Dislike) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2024-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-24]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-08-07]
CHR Extension: (Behind The Overlay) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljipkdpcjbmhkdjjmbbaggebcednbbme [2024-01-06]
CHR Extension: (Video DownloadHelper) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2024-08-09]
CHR Extension: (VidSync) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\magpalppgpekmbgkamakkiiafbldipne [2020-11-26]
CHR Extension: (Ears: Bass Boost, EQ Any Audio!) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdfiepdkbnoanddpianalelglmfooik [2023-04-26]
CHR Extension: (IDM Integration Module) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-08-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2024-08-04]
CHR Profile: C:\Users\marce\AppData\Local\Google\Chrome\User Data\System Profile [2024-08-13]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-06-19]
CHR HKU\S-1-5-21-136319151-2595665921-3748062372-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-06-19]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-06-19]

Opera: 
=======
StartMenuInternet: (HKU\S-1-5-21-136319151-2595665921-3748062372-1001) Opera GXStable - "C:\Users\marce\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2704864 2024-05-26] (PROXIMA BETA PTE. LIMITED -> ANTICHEATEXPERT.COM)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-06-28] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\AsusAppService\AsusAppService.exe [1199464 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [502120 2023-11-22] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe [563152 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe [1377744 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitch.exe [650704 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe [5097936 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [865744 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 Aura Wallpaper Service; C:\Program Files\ASUS\Aura Wallpaper Service\AuraWallpaperService.exe [735856 2023-05-29] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 BandaiNamcoLauncherService; C:\Program Files (x86)\BandaiNamcoLauncher\Launcher\BridgeService\BandaiNamcoLauncherService.exe [150240 2023-11-08] (BANDAI NAMCO Online Inc. -> BNO)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2568840 2024-07-25] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-06-15] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13995624 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4937312 2024-06-27] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
R2 DTSAPO3Service; C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe [223640 2019-09-03] (DTS, Inc. -> )
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [13772392 2024-08-13] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2024-06-11] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [960752 2024-07-14] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [8459408 2021-12-31] (Int3 Software AB -> Int3 Software AB)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348880 2024-04-25] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178064 2024-04-25] (GOG  sp. z o.o -> GOG.com)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [635968 2023-03-21] (Gameforge 4D GmbH -> )
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [720568 2022-06-21] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [229568 2022-06-21] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-07] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11193088 2024-08-04] (Logitech Inc -> Logitech, Inc.)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-07-11] (The Document Foundation -> The Document Foundation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-29] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_6e87d9907e09ff6b\Display.NvContainer\NVDisplay.Container.exe [1274888 2024-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2370056 2024-08-05] (Overwolf Ltd -> Overwolf LTD)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [146688 2024-08-04] (Facebook Technologies, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [418048 2024-08-04] (Facebook Technologies, LLC -> Facebook Technologies, LLC)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.2.11\ProtonVPNService.exe [474824 2024-03-27] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.2.11\ProtonVPN.WireGuardService.exe [474312 2024-03-27] (Proton AG -> ProtonVPN)
S2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [40672 2021-09-10] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6792176 2024-07-07] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2065880 2024-06-14] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 ucldr_blueprotocol_jp; C:\Program Files\Common Files\Wellbia.com\ucldr_blueprotocol_jp.exe [5552168 2023-06-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 Updater; C:\Program Files\Virtual Desktop Streamer\Updater.exe [1122216 2021-01-09] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9730864 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [1962920 2020-12-01] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
S2 HidHideWatchdog.exe; "C:\Program Files\Nefarius Software Solutions\HidHide\x64\HidHideWatchdog.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1896736 2024-05-27] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [59344 2023-11-22] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSAIO.sys [49208 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusWmiAcpi.sys [49064 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 BadlionAnticheat; C:\Windows\system32\drivers\BadlionAnticheat.sys [1178120 2023-06-01] (Microsoft Windows Hardware Compatibility Publisher -> <Turtle Entertainment>)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2024-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2024-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-10-02] (Int3 Software AB -> )
U3 f8b263be; C:\WINDOWS\System32\Drivers\f8b263be.sys [377392 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2022-05-18] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HidHide; C:\WINDOWS\System32\drivers\HidHide.sys [59088 2023-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 HoYoProtect; C:\WINDOWS\system32\HoYoKProtect.sys [3686568 2024-07-05] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
R2 IDMWFP; C:\WINDOWS\System32\drivers\idmwfp.sys [173736 2023-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Tonec Inc.)
R0 klupd_f8b263bea_arkmon; C:\WINDOWS\System32\Drivers\klupd_f8b263bea_arkmon.sys [396040 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_f8b263bea_klark; C:\WINDOWS\System32\Drivers\klupd_f8b263bea_klark.sys [362464 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_f8b263bea_klbg; C:\WINDOWS\System32\Drivers\klupd_f8b263bea_klbg.sys [198720 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_f8b263bea_mark; C:\WINDOWS\System32\Drivers\klupd_f8b263bea_mark.sys [265416 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-30] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2024-02-09] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R3 logi_audio_surround; C:\WINDOWS\System32\DriverStore\FileRepository\logi_audio.inf_amd64_ef292d87e6baed60\logi_audio_surround.sys [44200 2024-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-03-06] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-03-06] (Logitech Inc -> Logitech)
S1 lsibuoug; C:\WINDOWS\system32\drivers\lsibuoug.sys [52512 2024-08-14] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [75280 2022-01-02] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2022-01-02] (Oculus VR, LLC -> Facebook Inc.)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.2.11\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R2 SignalRgbDriver; C:\WINDOWS\System32\Drivers\SignalRgbDriver.sys [19984 2024-01-11] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2022-04-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [41072 2020-10-02] (Virtual Desktop, Inc. -> Virtual Desktop)
R3 vdvge; C:\WINDOWS\System32\drivers\vdvge.sys [77864 2020-10-02] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [39676808 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [19600 2021-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2021-08-12] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-08-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602504 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29592 2024-06-24] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-03-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 NEProtect; \??\D:\SteamLibrary\steamapps\common\Once Human\NEProtect.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-08-14 09:47 - 2024-08-14 09:50 - 000052493 _____ C:\Users\marce\Downloads\FRST.txt
2024-08-14 09:47 - 2024-08-14 09:49 - 000000000 ____D C:\FRST
2024-08-14 09:46 - 2024-08-14 09:46 - 002397184 _____ (Farbar) C:\Users\marce\Downloads\FRST64.exe
2024-08-13 20:40 - 2024-08-13 21:03 - 000000000 ____D C:\KVRT2020_Data
2024-08-13 20:38 - 2024-08-13 20:39 - 111720816 _____ (AO Kaspersky Lab) C:\Users\marce\Downloads\KVRT.exe
2024-08-13 19:49 - 2024-08-13 19:49 - 000000000 _____ C:\Users\marce\OneDrive\Desktop\Neues Textdokument (2).txt
2024-08-10 21:19 - 2024-08-10 21:19 - 001204704 _____ C:\Users\marce\Downloads\InventoryProfilesNext-fabric-1.21-2.0.4.jar
2024-08-10 21:17 - 2024-08-10 21:17 - 000084190 _____ C:\Users\marce\Downloads\justenoughbreeding-fabric-1.21-1.2.4.jar
2024-08-10 21:13 - 2024-08-10 21:13 - 000006188 _____ C:\Users\marce\Downloads\clientcrafting-fabric-1.21-1.8.jar
2024-08-07 22:46 - 2024-08-07 22:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-08-07 15:43 - 2024-08-07 15:43 - 000000000 ____D C:\Users\marce\AppData\Local\UniCompactView
2024-08-07 15:37 - 2024-08-07 15:37 - 000000000 ____D C:\Users\marce\AppData\Roaming\Netease
2024-08-07 15:30 - 2024-08-07 15:30 - 000000000 ____D C:\Users\marce\AppData\Roaming\CC
2024-08-07 15:29 - 2024-08-07 15:29 - 000000000 ____D C:\Users\marce\AppData\Local\UniSDK_FirstOpen
2024-08-07 15:09 - 2024-08-07 15:09 - 000000000 ____D C:\Users\marce\AppData\Local\UniSDK
2024-08-07 00:44 - 2024-08-07 00:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-08-07 00:43 - 2024-08-07 00:43 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (Preview).lnk
2024-08-05 17:41 - 2024-08-05 17:41 - 000000223 _____ C:\Users\marce\OneDrive\Desktop\Overwatch® 2.url
2024-08-04 16:05 - 2024-08-04 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-08-04 16:05 - 2024-08-04 16:05 - 000000000 ____D C:\Program Files\LGHUB
2024-07-26 21:55 - 2024-07-26 21:55 - 000000000 ____D C:\WINDOWS\system32\compatrel
2024-07-26 21:42 - 2024-07-26 21:42 - 000000000 ____D C:\Users\marce\AppData\LocalLow\sokpop
2024-07-26 21:37 - 2024-07-26 21:40 - 000000000 ____D C:\Users\marce\Downloads\Compressed
2024-07-26 18:02 - 2024-07-26 18:02 - 000000223 _____ C:\Users\marce\OneDrive\Desktop\Once Human.url
2024-07-25 00:24 - 2024-07-25 00:24 - 000000000 ____D C:\ProgramData\Battle.net_components
2024-07-18 18:16 - 2024-07-18 18:15 - 012188099 _____ C:\Users\marce\OneDrive\Desktop\Portfolio Marcel ***** Latein.pdf
2024-07-18 18:15 - 2024-07-18 18:15 - 012188099 _____ C:\Users\marce\Downloads\Portfolio mit Bilder (1).pdf
2024-07-18 18:13 - 2024-07-18 18:13 - 012181765 _____ C:\Users\marce\Downloads\Portfolio mit Bilder.pdf
2024-07-18 18:08 - 2024-07-18 18:08 - 017681985 _____ C:\Users\marce\OneDrive\Dokumente\Portfolio Marcel *****.odt
2024-07-18 18:08 - 2024-07-18 18:08 - 000393549 _____ C:\Users\marce\OneDrive\Dokumente\Portfolio Marcel ***** PDF.pdf
2024-07-18 16:31 - 2024-07-18 18:04 - 017681967 _____ C:\Users\marce\OneDrive\Dokumente\Unbenannt 1.odt
2024-07-18 16:21 - 2024-07-18 16:21 - 001076952 _____ C:\Users\marce\Downloads\Gescanntes Dokument 2024-07-18 um 16.20.20.pdf
2024-07-18 15:27 - 2024-07-18 15:27 - 000000000 ____D C:\Users\marce\AppData\LocalLow\Temp
2024-07-18 15:26 - 2024-07-18 15:26 - 012005255 _____ C:\Users\marce\Downloads\portfolio bilder.pdf
2024-07-18 15:10 - 2024-07-18 15:10 - 000000000 ____D C:\Users\marce\AppData\Roaming\LibreOffice
2024-07-18 15:10 - 2024-07-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 24.2
2024-07-18 15:09 - 2024-07-18 15:09 - 000000000 ____D C:\Program Files\LibreOffice
2024-07-18 15:07 - 2024-07-18 15:09 - 364859392 _____ C:\Users\marce\Downloads\LibreOffice_24.2.5_Win_x86-64.msi
2024-07-18 15:06 - 2024-07-18 15:06 - 012284295 _____ C:\Users\marce\Downloads\B5  ŁRKUNDUN  - DAS WILL ICHkk.docx.pdf
2024-07-16 18:47 - 2024-07-16 18:47 - 000000000 ____D C:\Users\marce\AppData\LocalLow\biggaming
2024-07-16 18:21 - 2024-07-16 18:21 - 000000223 _____ C:\Users\marce\OneDrive\Desktop\Contingency Plan.url

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-08-14 09:52 - 2020-11-26 06:50 - 000000000 ____D C:\Users\marce\AppData\Local\D3DSCache
2024-08-14 09:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-14 09:18 - 2022-07-18 18:25 - 000000000 ____D C:\Users\marce\AppData\Roaming\discordcanary
2024-08-14 09:16 - 2022-07-18 18:25 - 000002341 _____ C:\Users\marce\OneDrive\Desktop\Discord Canary.lnk
2024-08-14 09:16 - 2022-07-18 18:25 - 000000000 ____D C:\Users\marce\AppData\Local\DiscordCanary
2024-08-14 09:13 - 2020-12-31 22:00 - 000000000 ____D C:\Users\marce\AppData\Local\ElevatedDiagnostics
2024-08-14 08:50 - 2024-06-27 19:17 - 000000000 ____D C:\Users\marce\AppData\Roaming\Hq_Control
2024-08-14 08:50 - 2021-04-16 00:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-08-14 00:09 - 2021-04-16 00:12 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2024-08-13 21:14 - 2024-03-04 18:09 - 000000000 ____D C:\Users\marce\AppData\Local\LGHUB
2024-08-13 21:14 - 2023-09-09 10:02 - 000000000 ____D C:\Users\marce\AppData\Roaming\G HUB
2024-08-13 21:10 - 2021-04-16 00:49 - 000478006 _____ C:\WINDOWS\system32\perfh011.dat
2024-08-13 21:10 - 2021-04-16 00:49 - 000132884 _____ C:\WINDOWS\system32\perfc011.dat
2024-08-13 21:10 - 2021-04-16 00:12 - 002333496 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-08-13 21:10 - 2019-12-07 16:50 - 000744968 _____ C:\WINDOWS\system32\perfh007.dat
2024-08-13 21:10 - 2019-12-07 16:50 - 000150354 _____ C:\WINDOWS\system32\perfc007.dat
2024-08-13 21:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-08-13 21:05 - 2021-01-12 18:03 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-08-13 21:05 - 2020-08-11 10:10 - 000000000 ____D C:\Program Files\ASUS
2024-08-13 21:03 - 2023-09-22 18:52 - 000000000 ____D C:\Users\marce\AppData\Roaming\asus_framework
2024-08-13 21:03 - 2023-01-19 23:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2024-08-13 21:03 - 2021-01-15 14:55 - 000000000 ____D C:\Users\marce\AppData\Local\Oculus
2024-08-13 21:03 - 2020-11-26 06:50 - 000000000 ____D C:\Users\marce\AppData\Local\CrashDumps
2024-08-13 21:03 - 2020-08-11 10:06 - 000000000 ____D C:\ProgramData\NVIDIA
2024-08-13 21:02 - 2021-04-16 00:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-08-13 21:02 - 2021-04-16 00:04 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-13 21:02 - 2020-11-26 07:06 - 000000000 ____D C:\Program Files (x86)\Steam
2024-08-13 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-08-13 21:02 - 2019-12-07 11:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-08-13 20:24 - 2020-11-26 06:51 - 000000000 ____D C:\Users\marce\AppData\Local\NVIDIA Corporation
2024-08-13 19:13 - 2021-11-28 14:31 - 000000000 ____D C:\ProgramData\EA Desktop
2024-08-13 16:43 - 2020-11-29 21:11 - 000000000 ____D C:\Users\marce\AppData\Roaming\.minecraft
2024-08-13 16:39 - 2021-04-29 22:06 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-08-13 16:35 - 2023-02-04 13:55 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\FTB App.lnk
2024-08-13 16:35 - 2022-07-15 18:57 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\CurseForge.lnk
2024-08-13 16:35 - 2022-05-12 19:38 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\Valorant Tracker.lnk
2024-08-13 16:35 - 2022-04-26 16:51 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\ValoPlant.lnk
2024-08-13 16:34 - 2021-04-29 22:05 - 000000000 ____D C:\Users\marce\AppData\Local\Overwolf
2024-08-13 16:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-12 21:44 - 2021-10-16 12:04 - 000000000 ____D C:\Users\marce\AppData\Roaming\lunarclient
2024-08-10 20:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-08-10 18:28 - 2024-06-01 19:43 - 000001399 _____ C:\Users\marce\OneDrive\Desktop\Roblox Player.lnk
2024-08-10 18:28 - 2022-12-26 15:46 - 000001227 _____ C:\Users\marce\OneDrive\Desktop\Roblox Studio.lnk
2024-08-10 18:28 - 2022-12-26 15:46 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-08-10 17:13 - 2021-12-13 18:57 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-136319151-2595665921-3748062372-1001
2024-08-10 17:13 - 2021-04-16 00:12 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-136319151-2595665921-3748062372-1001
2024-08-10 17:13 - 2021-04-16 00:05 - 000002397 _____ C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-08-10 17:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-10 17:07 - 2020-12-03 06:05 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-08 21:16 - 2019-10-23 21:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-08-08 21:14 - 2021-12-18 02:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-08 21:14 - 2020-11-26 06:59 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-08-08 00:15 - 2021-04-16 00:05 - 000000000 ____D C:\Users\marce
2024-08-07 22:46 - 2024-06-14 21:50 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-08-07 00:43 - 2019-10-23 21:38 - 000000000 ____D C:\Program Files\Microsoft Office
2024-08-06 20:24 - 2024-03-12 17:40 - 000000000 ____D C:\Users\marce\AppData\Roaming\lghub
2024-08-06 13:23 - 2023-11-26 15:50 - 000000000 ____D C:\Users\marce\AppData\Roaming\launcher
2024-08-05 21:32 - 2021-03-26 21:09 - 000000000 ____D C:\Users\marce\AppData\Local\Blizzard Entertainment
2024-08-05 21:28 - 2022-09-17 17:15 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-08-05 20:29 - 2020-12-24 11:55 - 000000000 ____D C:\Users\marce\AppData\Roaming\PreMiD
2024-08-05 18:46 - 2024-06-26 11:50 - 000001350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HidHide Configuration Client.lnk
2024-08-05 18:46 - 2023-05-19 23:40 - 000001988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feather Launcher.lnk
2024-08-05 18:46 - 2023-02-02 17:06 - 000002633 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aura Wallpaper Creator.lnk
2024-08-05 18:46 - 2022-02-13 23:25 - 000000000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Oculus.lnk
2024-08-05 18:46 - 2022-02-02 00:45 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2024-08-05 18:46 - 2020-12-31 05:46 - 000014343 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2024-08-05 18:46 - 2020-12-28 05:46 - 000019783 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2024-08-05 18:46 - 2020-12-10 15:01 - 000020408 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2024-08-05 18:46 - 2020-12-08 17:01 - 000020953 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2024-08-05 18:46 - 2020-11-29 21:13 - 000001944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk
2024-08-05 18:46 - 2019-10-23 21:41 - 000002539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-08-05 18:46 - 2019-10-23 21:41 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-08-05 18:45 - 2021-01-12 17:43 - 000000000 ____D C:\ProgramData\Riot Games
2024-08-05 18:12 - 2023-04-24 17:16 - 000000037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Gameforge Client.url
2024-08-05 18:12 - 2021-01-01 05:00 - 000010535 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2024-08-05 18:12 - 2020-12-30 05:26 - 000012916 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2024-08-05 18:12 - 2020-12-29 04:44 - 000009147 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2024-08-04 17:03 - 2024-03-19 19:20 - 000000000 ____D C:\Users\marce\AppData\Roaming\riot-client-ux
2024-08-04 16:07 - 2022-01-02 01:39 - 000000000 ____D C:\Program Files\Oculus
2024-08-04 15:49 - 2024-02-16 19:18 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-08-04 15:49 - 2022-10-22 16:17 - 000108024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-08-04 15:49 - 2022-10-22 16:17 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-08-04 15:49 - 2021-11-19 17:15 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 002799096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 000755304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 000222712 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-08-04 15:45 - 2021-04-16 00:12 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-08-04 15:45 - 2021-04-16 00:12 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-07-26 21:56 - 2021-04-16 00:04 - 000640376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-07-26 21:55 - 2023-12-23 20:30 - 000000000 ____D C:\WINDOWS\InboxApps
2024-07-26 21:55 - 2021-04-20 15:33 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-07-26 21:54 - 2024-06-24 19:51 - 000000000 ____D C:\Users\marce\AppData\Roaming\DMCache
2024-07-26 17:39 - 2024-07-13 19:50 - 000000000 ____D C:\Users\marce\AppData\Roaming\rsilauncher
2024-07-25 00:25 - 2021-03-26 21:11 - 000000000 ____D C:\Users\marce\AppData\Local\Battle.net
2024-07-25 00:25 - 2021-03-26 21:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2024-07-18 15:46 - 2021-04-16 00:12 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2024-07-18 15:46 - 2021-04-16 00:12 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2024-07-18 15:27 - 2020-11-26 06:50 - 000000000 ____D C:\Users\marce\AppData\Local\Packages
2024-07-18 15:25 - 2020-12-08 16:50 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Teams
2024-07-18 15:21 - 2020-12-20 23:19 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Word
2024-07-18 15:15 - 2021-01-15 13:14 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Excel
2024-07-16 18:43 - 2021-01-15 16:08 - 000000000 ____D C:\ProgramData\Virtual Desktop

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-01-27 09:20 - 2021-01-27 09:20 - 000000124 _____ () C:\Users\marce\AppData\Roaming\debug.log
2024-01-11 11:26 - 2024-01-11 11:26 - 000000016 _____ () C:\Users\marce\AppData\Roaming\obs-virtualcam.txt
2022-08-30 18:37 - 2022-08-30 18:37 - 000001004 _____ () C:\Users\marce\AppData\Roaming\tof_launcher.reg
2021-06-12 14:23 - 2021-06-12 14:23 - 000000353 _____ () C:\Users\marce\AppData\Local\karboncalligraphyrc
2021-06-02 19:24 - 2021-06-12 14:17 - 000002711 _____ () C:\Users\marce\AppData\Local\krita-sysinfo.log
2021-06-02 19:24 - 2021-06-12 14:25 - 000002375 _____ () C:\Users\marce\AppData\Local\krita.log
2021-06-12 14:25 - 2021-06-12 14:25 - 000000039 _____ () C:\Users\marce\AppData\Local\kritadisplayrc
2021-06-02 19:24 - 2021-06-12 14:25 - 000016636 _____ () C:\Users\marce\AppData\Local\kritarc
2022-07-20 12:23 - 2022-07-20 16:22 - 000000128 _____ () C:\Users\marce\AppData\Local\PUTTY.RND
2023-07-03 01:33 - 2023-07-03 01:33 - 000004981 _____ () C:\Users\marce\AppData\Local\recently-used.xbel
2021-05-12 15:11 - 2024-06-25 16:24 - 000007629 _____ () C:\Users\marce\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

 
