Nachtrag:
FFMpeg.exe; ffplay.exe; ffprobe.exe und xul.dll habe ich auf Virustotal überprüft. Die sind negativ.
FRST
Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
durchgeführt von Labor (Administrator) auf DESKTOP-60CSLTH (Hewlett-Packard HP PRODESK 600 G1 TWR) (26-10-2024 14:23:49)
Gestartet von C:\Users\Labor\Desktop\FRST64.exe
Geladene Profile: Labor
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (HT-ITALIA) [Datei ist nicht signiert] C:\Program Files (x86)\Topview\TVLUpd.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileCoAuth.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Atheros) [Datei ist nicht signiert] C:\Windows\SysWOW64\acs.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_dcf94619172aceb0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\Labor\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Labor\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9240512 2017-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1492928 2017-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\Labor\AppData\Local\Microsoft\Teams\Update.exe [2588640 2023-11-08] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Keine Datei)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-06] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [ACU] => C:\Program Files (x86)\Atheros\ACU.exe [471129 2010-10-01] (Atheros Communications, Inc.) [Datei ist nicht signiert]
HKU\S-1-5-21-2247059201-3811442416-3033440232-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2247059201-3811442416-3033440232-1001\...\Run: [Microsoft Edge Update] => C:\Users\Labor\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateCore.exe [268384 2024-10-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2247059201-3811442416-3033440232-1001\...\Run: [MicrosoftEdgeAutoLaunch_439F8F7D436AB5B8647B984E7D5311D8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854272 2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2247059201-3811442416-3033440232-1001\...\Run: [TVLU] => C:\Program Files (x86)\Topview\TVLUpd.exe [14336 2013-03-01] (HT-ITALIA) [Datei ist nicht signiert]
HKU\S-1-5-21-2247059201-3811442416-3033440232-1001\...\Run: [OpenOffice Updater] => C:\Users\Labor\AppData\Roaming\OpenOffice Updater\Updater.exe [367480 2021-07-28] (Arne Koenig -> ) <==== ACHTUNG
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.218\Installer\chrmstp.exe [2024-01-17] (Google LLC -> Google LLC)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {D0633983-9955-4620-8360-BA7A1F017A56} - System32\Tasks\GoogleUpdateTaskMachineCore{B3341437-5593-4B0B-B1B7-A55D00784F28} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-01] (Google LLC -> Google LLC)
Task: {07AC7BD6-4FFB-4511-8551-AECCCA908C21} - System32\Tasks\GoogleUpdateTaskMachineUA{6C6688D0-C3A5-499A-9D7B-2F70ECC011EB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-01] (Google LLC -> Google LLC)
Task: {52237E4D-D4FD-4CB4-B0F6-E063D14D610B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {AAB2F51A-7CFD-4C5E-8F71-CB90E5759D70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\\/f
Task: {16DE551D-99B2-4B49-B0C7-25B4E8FE34F7} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {69CEFC2B-BA56-43AE-A16B-CE7DE15435F1} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5137472 2023-10-16] (Intel Corporation -> Intel Corporation)
Task: {3D5DE99D-FDB2-4152-9393-143C8CB64CC3} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5137472 2023-10-16] (Intel Corporation -> Intel Corporation)
Task: {C68A0327-C89E-4D08-818F-AB62230A4C1D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {FB6438F1-4B20-4CC3-A104-CB5C4440D16A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {58C3256C-2E3A-4303-9147-997EA6B85153} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D57D624-99EB-406C-AA6D-C34F8251A10B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A0B972C-2D8B-4897-BB8A-0250479391DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E794D5EE-76CF-4075-9FDF-001151B28724} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C880F65-5897-4319-B496-410A2F223F0F} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2247059201-3811442416-3033440232-1001Core{F6AAAEBB-86F1-4BE2-B1D5-23C5C808B4DB} => C:\Users\Labor\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2BB2FAD-3077-4621-B074-51268873F90F} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2247059201-3811442416-3033440232-1001UA{2775BE8D-B8E1-4244-9F73-6908BB919914} => C:\Users\Labor\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6B8CDEF-FD4A-492B-8BA1-CDECCBAE7C1A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2024-01-09] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {F77C23BD-2442-4B65-8C58-51F40810E669} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2024-01-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {24F67535-6FF4-408C-97E2-AAF2641342AF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-08-14] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {54BB5420-0F29-4E37-A19D-CD9A1DF6D2FF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2542D35D-5F10-4A62-8ABB-F2E2AB4D765F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-08-14] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {A8EBEC5A-21B2-4FA4-8C15-C0E3D1F85F68} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9DD07D3D-475E-48DE-9417-5234C66F79AA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE181F73-A0FD-42C3-A15B-00BEA729E3A0} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16C84367-4828-4337-B36B-111CAC6CA743} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {13294BF9-4D5F-4E1E-A3D6-DC3155A1E81A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DEE80E94-161E-4BD1-AA2C-0B7E720EC062} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D3E0A076-7759-4EEE-B9A5-7DB84AE6C7FB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7461C7F-9602-47E8-8BDB-E6659D508414} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2247059201-3811442416-3033440232-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EF40F66-0087-47CB-8616-6A3DB3F7B23E} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\System32\Wscript.exe [170496 2023-10-16] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.188.1
Tcpip\..\Interfaces\{16d5dd5e-12f4-4448-a8d7-94a0c02a1eea}: [DhcpNameServer] 192.168.188.1
Tcpip\..\Interfaces\{16d5dd5e-12f4-4448-a8d7-94a0c02a1eea}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{30b4dd9e-2b79-4573-815c-472505a352de}: [NameServer] 127.0.0.1
Tcpip\..\Interfaces\{30b4dd9e-2b79-4573-815c-472505a352de}: [DhcpNameServer] 192.168.188.1
Tcpip\..\Interfaces\{30b4dd9e-2b79-4573-815c-472505a352de}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{de595208-b700-40f5-a0a6-5665a30a55fa}: [DhcpNameServer] 192.168.188.1
Tcpip\..\Interfaces\{de595208-b700-40f5-a0a6-5665a30a55fa}: [DhcpDomain] fritz.box
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Labor\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-23]
Edge Extension: (Google Docs Offline) - C:\Users\Labor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Labor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-13]
FireFox:
========
FF DefaultProfile: 8qmuuwvp.default
FF ProfilePath: C:\Users\Labor\AppData\Roaming\Mozilla\Firefox\Profiles\8qmuuwvp.default [2023-10-01]
FF ProfilePath: C:\Users\Labor\AppData\Roaming\Mozilla\Firefox\Profiles\m7009yhw.default-release [2024-10-23]
FF Extension: (Video DownloadHelper) - C:\Users\Labor\AppData\Roaming\Mozilla\Firefox\Profiles\m7009yhw.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-01-13]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.19 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Labor\AppData\Local\Google\Chrome\User Data\Default [2024-10-23]
CHR Extension: (Google Docs Offline) - C:\Users\Labor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Labor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-01]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ACS; C:\Windows\SysWOW64\acs.exe [499797 2010-10-01] (Atheros) [Datei ist nicht signiert]
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\121.0.6167.13\remoting_host.exe [74528 2023-12-11] (Google LLC -> Google LLC)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2023-09-25] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [240392 2023-09-25] (Intel Corporation -> Intel)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [403576 2021-04-01] (HP Inc. -> HP Inc.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9319296 2024-10-22] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-22] (Malwarebytes Inc. -> Malwarebytes)
R2 NativePushService; C:\Users\Labor\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [594320 2023-02-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_dcf94619172aceb0\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-15] (Realtek Semiconductor Corp -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [41520 2024-01-13] (Microsoft Corporation -> Microsoft)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Miray.HDClone-657B6382; C:\Program Files\HDClone X.4 Free Edition\HDClone.Service.exe [X]
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AsrDrv107; C:\Windows\SysWOW64\Drivers\AsrDrv107.sys [51032 2023-12-27] (ASROCK INC. -> ASRock Incorporation)
S3 athur; C:\Windows\System32\drivers\athurx.sys [1847296 2020-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 hhdserhelp; C:\Windows\System32\drivers\hhdserhelp64.sys [37440 2023-06-19] (HHD SOFTWARE LIMITED -> HHD Software Ltd.)
R3 hhdserial64; C:\Windows\system32\DRIVERS\hhdserial64.sys [57960 2023-06-19] (HHD SOFTWARE LIMITED -> HHD Software Ltd.)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [72168 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47928 2017-11-02] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [231504 2024-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-10-22] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 NDMSHLP; C:\Program Files (x86)\Common Files\HHD Software\Device Monitor\ndmshlp.sys [7632 2005-05-25] (HHD Software) [Datei ist nicht signiert]
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PORTMON; C:\Users\Labor\Desktop\SysinternalsSuite\PORTMSYS.SYS [28656 2024-10-24] (Systems Internals) [Datei ist nicht signiert]
S3 Ser2pl; C:\Windows\system32\DRIVERS\ser2pl64.sys [92160 2008-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WSIMD; C:\Windows\system32\DRIVERS\wsimdx.sys [75776 2009-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 GPU-Z-v2; \??\C:\Users\Labor\AppData\Local\Temp\GPU-Z-v2.sys [X] <==== ACHTUNG
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-10-26 14:23 - 2024-10-26 14:25 - 000026573 _____ C:\Users\Labor\Desktop\FRST.txt
2024-10-26 14:22 - 2024-10-26 14:24 - 000000000 ____D C:\FRST
2024-10-26 14:22 - 2024-10-26 14:20 - 002397696 _____ (Farbar) C:\Users\Labor\Desktop\FRST64.exe
2024-10-24 05:44 - 2024-10-24 05:49 - 000000000 ____D C:\Users\Labor\AppData\Local\Sysinternals
2024-10-24 05:14 - 2024-10-24 05:44 - 000000000 ____D C:\Users\Labor\Desktop\SysinternalsSuite
2024-10-23 03:41 - 2024-10-23 03:41 - 000005334 _____ C:\Users\Labor\Desktop\Malwarebytes Scan-Bericht 2024-10-22 034742.txt
2024-10-22 05:47 - 2024-10-26 13:42 - 000000000 ____D C:\Users\Labor\AppData\Local\Malwarebytes
2024-10-22 05:46 - 2024-10-22 05:46 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-10-22 05:46 - 2024-10-22 05:46 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-10-22 05:45 - 2024-10-22 05:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-10-22 05:45 - 2024-10-22 05:45 - 000000000 ____D C:\Program Files\Malwarebytes
2024-10-21 05:23 - 2024-10-21 05:23 - 000002200 _____ C:\Users\Labor\AppData\Local\recently-used.xbel
2024-10-12 06:05 - 2024-10-12 06:05 - 002638536 _____ C:\Users\Labor\Downloads\Kate Stone BJ.webm
2024-09-26 21:33 - 2024-09-26 21:33 - 000000000 ____D C:\Windows\LastGood.Tmp
2024-09-26 21:27 - 2024-09-06 05:43 - 000121872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2024-09-26 21:27 - 2024-03-26 21:11 - 000059928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2024-09-26 21:27 - 2024-03-26 19:21 - 000060240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2024-09-26 21:23 - 2024-09-06 14:59 - 025312776 _____ C:\Windows\system32\nvidia-pcc.exe
2024-09-26 21:23 - 2024-09-06 14:59 - 002040680 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-09-26 21:23 - 2024-09-06 14:59 - 002040680 _____ C:\Windows\system32\vulkaninfo.exe
2024-09-26 21:23 - 2024-09-06 14:59 - 001584008 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-09-26 21:23 - 2024-09-06 14:59 - 001584008 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-09-26 21:23 - 2024-09-06 14:59 - 001446760 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-09-26 21:23 - 2024-09-06 14:59 - 001446760 _____ C:\Windows\system32\vulkan-1.dll
2024-09-26 21:23 - 2024-09-06 14:59 - 001296744 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-09-26 21:23 - 2024-09-06 14:59 - 001296744 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-09-26 21:23 - 2024-09-06 14:59 - 000477840 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-09-26 21:23 - 2024-09-06 14:59 - 000374280 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-09-26 21:23 - 2024-09-06 14:56 - 001079432 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-09-26 21:23 - 2024-09-06 14:56 - 000669816 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-09-26 21:23 - 2024-09-06 14:56 - 000505992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-09-26 21:23 - 2024-09-06 14:55 - 071847568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2024-09-26 21:23 - 2024-09-06 14:55 - 002178728 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-09-26 21:23 - 2024-09-06 14:55 - 001629304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-09-26 21:23 - 2024-09-06 14:55 - 001546896 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-09-26 21:23 - 2024-09-06 14:55 - 001202800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-09-26 21:23 - 2024-09-06 14:55 - 001034888 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-09-26 21:23 - 2024-09-06 14:55 - 000856696 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-09-26 21:23 - 2024-09-06 14:55 - 000797216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-09-26 21:23 - 2024-09-06 14:54 - 016199824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-09-26 21:23 - 2024-09-06 14:54 - 014270496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-09-26 21:23 - 2024-09-06 14:54 - 006914056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-09-26 21:23 - 2024-09-06 14:54 - 005349512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-09-26 21:23 - 2024-09-06 14:54 - 003788960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-09-26 21:23 - 2024-09-06 14:54 - 000461456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-09-26 21:23 - 2024-09-06 14:53 - 005910136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-09-26 21:23 - 2024-09-06 14:53 - 000853536 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-09-26 21:23 - 2024-09-06 14:52 - 007133648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-09-26 21:23 - 2024-09-06 14:52 - 006212848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-09-26 21:22 - 2024-09-26 21:22 - 000001048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk
2024-09-26 21:22 - 2024-09-26 21:22 - 000001036 _____ C:\Users\Public\Desktop\TechPowerUp GPU-Z.lnk
2024-09-26 21:22 - 2024-09-26 21:22 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2024-09-26 21:22 - 2024-09-06 05:43 - 000127247 _____ C:\Windows\system32\nvinfo.pb
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-10-26 14:23 - 2023-09-30 05:28 - 000000000 ____D C:\Program Files (x86)\Google
2024-10-26 14:23 - 2023-05-05 14:28 - 000000000 ____D C:\Windows\SystemTemp
2024-10-26 14:22 - 2023-11-25 12:35 - 000000000 ____D C:\ProgramData\NVIDIA
2024-10-26 14:21 - 2023-09-30 05:29 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-10-26 13:48 - 2023-09-30 05:10 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-26 13:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-26 08:42 - 2023-09-30 05:23 - 000000000 ____D C:\Users\Labor\AppData\Roaming\Notepad++
2024-10-26 08:32 - 2023-09-30 05:29 - 000000000 __SHD C:\Users\Labor\IntelGraphicsProfiles
2024-10-24 22:31 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-10-24 21:32 - 2023-09-30 05:10 - 000008192 ___SH C:\DumpStack.log.tmp
2024-10-24 21:32 - 2023-09-30 05:10 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-10-24 19:27 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-10-24 06:16 - 2023-12-30 07:38 - 000001424 _____ C:\Windows\system32\default_error_stack-000000-000000.txt
2024-10-24 05:52 - 2023-10-21 05:28 - 000000000 ____D C:\Users\Labor\AppData\Roaming\vlc
2024-10-23 04:33 - 2023-10-01 07:34 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-23 04:28 - 2023-12-12 21:52 - 000000000 ____D C:\Users\Labor\AppData\Local\JDownloader 2.0
2024-10-22 05:53 - 2023-11-25 12:59 - 000000000 ____D C:\Windows\Minidump
2024-10-22 05:46 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-10-22 05:34 - 2023-10-02 21:18 - 000000000 ____D C:\Users\Labor\AppData\Roaming\Loxone
2024-10-21 05:35 - 2024-02-02 22:34 - 000000000 ____D C:\Users\Labor\AppData\Local\babl-0.1
2024-10-21 05:35 - 2023-12-09 06:14 - 000007622 _____ C:\Users\Labor\AppData\Local\resmon.resmoncfg
2024-10-21 04:29 - 2024-02-08 20:29 - 000000000 ____D C:\Users\Labor\Desktop\passrecenc
2024-10-19 18:45 - 2023-10-12 05:11 - 000000000 ____D C:\Program Files\RUXIM
2024-10-19 06:20 - 2023-09-30 05:13 - 000000000 ____D C:\Users\Labor
2024-10-19 06:09 - 2023-10-01 07:31 - 000004096 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2247059201-3811442416-3033440232-1001UA{2775BE8D-B8E1-4244-9F73-6908BB919914}
2024-10-19 06:09 - 2023-10-01 07:31 - 000004032 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2247059201-3811442416-3033440232-1001Core{F6AAAEBB-86F1-4BE2-B1D5-23C5C808B4DB}
2024-10-19 06:09 - 2023-09-30 05:10 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-19 06:09 - 2023-09-30 05:10 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-19 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-14 05:37 - 2024-03-09 06:22 - 000001210 _____ C:\Users\Labor\Desktop\Command Prompt.lnk
2024-10-12 09:44 - 2024-01-13 16:17 - 000000000 ____D C:\Users\Labor\Downloads\facer
2024-10-11 22:26 - 2023-11-10 21:42 - 000000000 ____D C:\Users\Labor\AppData\Local\CrashDumps
2024-10-09 20:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-09-29 06:39 - 2023-09-30 05:29 - 000000000 ____D C:\Intel
2024-09-27 06:01 - 2023-11-25 12:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-09-27 05:56 - 2023-11-25 12:55 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2024-09-27 05:30 - 2023-10-07 06:46 - 000000000 ____D C:\Users\Labor\AppData\Local\D3DSCache
2024-09-27 05:29 - 2023-11-25 12:37 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-09-27 05:29 - 2023-11-25 12:37 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-09-27 05:27 - 2023-11-25 12:37 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-09-27 05:27 - 2023-11-25 12:37 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-09-27 05:27 - 2023-11-25 12:37 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-09-27 05:27 - 2023-11-25 12:37 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-09-27 05:27 - 2023-11-25 12:37 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-09-27 05:27 - 2023-11-25 12:33 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-09-27 05:26 - 2023-11-25 12:37 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-09-27 05:23 - 2023-11-25 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-09-27 05:22 - 2023-11-25 12:37 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-09-27 05:22 - 2023-11-25 12:37 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-09-27 05:19 - 2023-12-09 06:40 - 000000000 ____D C:\ProgramData\NVIDIA GPU Computing Toolkit
2024-09-27 05:18 - 2023-10-12 05:28 - 000000000 ____D C:\ProgramData\Package Cache
2024-09-26 21:52 - 2023-11-25 12:55 - 000000000 ____D C:\Users\Labor\AppData\Local\NVIDIA
2024-09-26 21:44 - 2023-09-30 05:16 - 001632088 _____ C:\Windows\system32\PerfStringBackup.INI
2024-09-26 21:44 - 2019-12-07 16:51 - 000706062 _____ C:\Windows\system32\perfh007.dat
2024-09-26 21:44 - 2019-12-07 16:51 - 000142356 _____ C:\Windows\system32\perfc007.dat
2024-09-26 21:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-09-26 21:36 - 2023-12-02 07:36 - 000000000 ____D C:\Users\Labor\Documents\Face
2024-09-26 21:34 - 2023-12-14 05:51 - 000000000 ____D C:\Users\Labor\Downloads\temp
2024-09-26 21:33 - 2023-11-25 12:55 - 000000000 ____D C:\Users\Labor\AppData\LocalLow\NVIDIA
2024-09-26 21:33 - 2023-11-25 12:35 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2024-10-21 05:23 - 2024-10-21 05:23 - 000002200 _____ () C:\Users\Labor\AppData\Local\recently-used.xbel
2023-12-09 06:14 - 2024-10-21 05:35 - 000007622 _____ () C:\Users\Labor\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
testsigning: ==> 'testsigning' ist aktiviert. Prüfung auf eventuelle nicht-signierte Treiber durchführen <==== ACHTUNG
==================== Ende von FRST.txt ========================
Addition folgt
26.10.2024, 14:20
PC mit Raspberry Robin infiziert oder nicht?
Baum-Darstellung