Log analysis and evaluation: Fake Windows pop-up with an alleged virus warning.

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Fake Windows pop-up with an alleged virus warning.

Hello dear community,

Recently a person from my household was at my PC with their own user account. The account has no admin rights. In Microsoft Edge she opened an unknown website (Bing image search) that asked for access. She accepted the access request. After that, two pop-ups appeared one after the other at the bottom right of Windows. The pop-ups disguised themselves as antivirus software and had allegedly found a virus. Luckily I was present at that moment and the pop-up was not clicked.

Immediately afterwards I disconnected the PC from the internet, deleted the browser data, and ran Microsoft Defender and then Malwarebytes as well. Neither program found a threat. After a restart no further pop-up appeared. I have not noticed any change so far.

My question is whether that settles it or whether I should take further measures. If it helps, I could try again to find this website in the history (I did not delete the history).

Many thanks in advance; a further donation will follow once this is finished.

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-03-2025 durchgeführt von Admin (Administrator) auf Users-COMPUTE (CSL-Computer GmbH & Co. KG Ultimate) (27-03-2025 17:04:04) Gestartet von C:\Users\Admin\Downloads\FRST64.exe Geladene Profile: User2 & Admin Plattform: Microsoft Windows 11 Pro Version 24H2 26100.3476 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Edge Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.259.514.0_x64__zpdnekdrzrea0\Spotify.exe <8> (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe <2> (C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2> (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) 
C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe (C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe ->) (Native Instruments GmbH -> ) C:\Program Files\Common Files\Native Instruments\NTK\crashpad_handler.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe <2> (C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe <2> (C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries A/S) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe <2> (C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\sonar\SteelSeriesSonar.exe (C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.85\msedgewebview2.exe <12> (cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe (D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Meta Platforms, Inc. -> Facebook Technologies, LLC) D:\Oculus\Support\oculus-runtime\OVRRedir.exe (D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Meta Platforms, Inc. 
-> Facebook Technologies, LLC) D:\Oculus\Support\oculus-runtime\OVRServer_x64.exe (DriverStore\FileRepository\u0409974.inf_amd64_db5d684bd08db28d\B409690\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0409974.inf_amd64_db5d684bd08db28d\B409690\atieclxx.exe <2> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <46> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2> (explorer.exe ->) (SteelSeries ApS -> SteelSeries A/S) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe <2> (explorer.exe ->) (VOICEMOD, INC. SUCURSAL EN ESPAÑA -> Voicemod) D:\Programme\Voicemod Desktop\VoicemodDesktop.exe <6> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0409974.inf_amd64_db5d684bd08db28d\B409690\atiesrxx.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.03.02\atkexComSvc.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) 
C:\Program Files (x86)\LightingService\LightingService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Meta Platforms, Inc. -> Facebook Technologies, LLC) D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe (services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\Synology Active Backup for Business Service.exe (services.exe ->) (Synology Inc. 
-> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe (services.exe ->) (Virtual Desktop, Inc -> Virtual Desktop, Inc.) C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe (sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25021.28.0_x64__cw5n1h2txyewy\CrossDeviceService.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe <2> (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2> (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <13> (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) 
C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\consent.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.3321_none_a52dfe0d774762b3\TiWorker.exe (winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [16864080 2025-03-24] (SteelSeries ApS -> SteelSeries A/S) HKLM\...\Run: [FWS_FlawlessWidescreen] => C:\Program Files (x86)\Flawless Widescreen\FlawlessWidescreen.exe [2607104 2014-05-30] (Flawless Widescreen) [Datei ist nicht signiert] HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [613048 2023-03-22] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9238408 2025-03-18] (Dropbox, Inc -> Dropbox, Inc.) HKU\S-1-5-21-742015436-2650572314-4209869716-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5010744 2025-03-24] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-742015436-2650572314-4209869716-1002\...\Run: [MicrosoftEdgeAutoLaunch_D2D5D3B89CD0B658E56F5D111A67AC3D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291136 2025-03-22] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5010744 2025-03-24] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [Discord] => C:\Users\User1\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37448168 2024-04-10] (Epic Games Inc. -> Epic Games, Inc.) 
HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [MicrosoftEdgeAutoLaunch_78483AFC51CC79D0D8B0490D05207333] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291136 2025-03-22] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [155032 2024-05-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14319440 2024-08-26] (GOG sp. z o.o -> GOG.com) HKU\S-1-5-21-742015436-2650572314-4209869716-1005\...\Run: [Synology Image Assistant] => C:\Program Files\Synology\Synology Image Assistant\Synology Image Assistant.exe [176705744 2024-12-06] (Synology Inc. -> Synology Inc.) HKU\S-1-5-21-742015436-2650572314-4209869716-1011\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5010744 2025-03-24] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-742015436-2650572314-4209869716-1011\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4693088 2025-03-11] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-742015436-2650572314-4209869716-1011\...\Run: [Voicemod] => D:\Programme\Voicemod Desktop\VoicemodDesktop.exe [5760912 2024-01-30] (VOICEMOD, INC. SUCURSAL EN ESPAÑA -> Voicemod) HKU\S-1-5-21-742015436-2650572314-4209869716-1011\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [155032 2024-05-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) HKU\S-1-5-21-742015436-2650572314-4209869716-1011\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14319440 2024-08-26] (GOG sp. 
z o.o -> GOG.com) HKLM\...\Windows x64\Print Processors\sht13cPC: C:\Windows\System32\spool\prtprocs\x64\sht13cpc.dll [101080 2022-01-24] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> AppInit_DLLs: C:\PROGRA~1\VIRTUA~1\VIRTUA~4.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector64.dll [136056 2024-11-24] (Virtual Desktop, Inc -> Virtual Desktop, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {513AE322-6D0A-4672-936C-247719161EE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.) Task: {3A1CFF52-860C-493B-962A-FE2D9D6D8540} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1031384 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {047EDB2C-32B0-484D-A800-4A1D47022060} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1031384 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {EDFD7886-728D-4E42-A765-459CE842633E} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [184024 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {8B84C495-9F03-428E-A38A-3C89654BA32B} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [309608 2022-10-17] (ASUSTeK COMPUTER INC. 
-> ASUS) Task: {1A2630E1-9C89-4551-BA85-C4025670AC75} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1859944 2022-10-17] (ASUSTeK COMPUTER INC. -> ASUS) Task: {6CC436D3-6D8B-469B-8DC2-1985EA064F3B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d912e99e9d4e7e => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-12-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) Task: {79FE1179-3F19-46DA-9A9C-66581003C688} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-12-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) Task: {F61FE449-0FDB-4BA2-A74F-CBD71455BC54} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [152109928 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) Task: {C24EADE4-3F48-4408-85E5-BDF1FEF879A7} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2023-12-07] (ASUSTeK COMPUTER INC. -> ASUS) Task: {DAC8D055-2B2B-42EE-9D0E-5923ADB7344A} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei) Task: {7D743289-1968-4DC9-8341-0690F3CE7D9E} - System32\Tasks\DropboxSystem\DropboxUpdater\DropboxUpdaterTaskSystem123.0.6299.89{F38539AC-5FEE-4153-8D0A-381A6244F8DF} => C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.89\updater.exe [5895032 2025-02-17] (Dropbox, Inc -> Dropbox, Inc.) 
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Keine Datei) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei) Task: {560A7B0A-1318-4D3F-94F8-0CE5A6BA9A62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4ED2CF94-FD5C-4D28-87A3-74C52FFE3ABD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F2446D23-EBB2-4EF3-B880-A97AD16F5000} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {54081C89-0D61-4200-86FE-B6FE5AE117B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FD64FA16-EEF1-401D-9082-5FC0727040B5} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1031384 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) 
Task: {46171060-7BE0-4598-9932-9F7E84F4A0E7} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222760 2025-03-24] (Microsoft Corporation -> Microsoft Corporation) Task: {A2B6CCA9-E5DC-4F64-96F8-5A01B12177B1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Keine Datei) <==== ACHTUNG Task: {CA93261D-2BC8-4F69-944E-3B8B86189857} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222760 2025-03-24] (Microsoft Corporation -> Microsoft Corporation) Task: {57444368-F1B3-4A31-9792-88DB9B1108DE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Keine Datei) <==== ACHTUNG Task: {4E9394B1-75C0-4F70-91C3-0E30E88579D2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222760 2025-03-24] (Microsoft Corporation -> Microsoft Corporation) Task: {8A2F4B19-EBAF-41C7-9624-85D62A039111} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1010 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222760 2025-03-24] (Microsoft Corporation -> Microsoft Corporation) Task: {CE149E17-8E67-4BEE-A803-91FB5DA0A9B9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1011 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222760 2025-03-24] (Microsoft Corporation -> Microsoft Corporation) Task: {DB94FD73-4ED1-4706-92FF-A2C87ED0CB7D} - System32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1002 => C:\Program Files\Microsoft 
OneDrive\25.020.0202.0001\OneDriveLauncher.exe /startInstances (Keine Datei) Task: {EF425A02-6699-408A-BA82-D5C8447DC8A6} - System32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1005 => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\OneDriveLauncher.exe /startInstances (Keine Datei) Task: {631187C2-1094-40F1-9F39-6C827333C715} - System32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1011 => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\OneDriveLauncher.exe /startInstances (Keine Datei) Task: {D09BE782-6E77-46F8-8F33-BE57CDB0410A} - System32\Tasks\Shutdown => C:Windows\System32\shutdown.exe -> -s Task: {19E4983A-40A6-465A-8D52-5E892A3FF3A6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60632 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) Task: {1DD5B55D-968F-472E-825E-10CF00176621} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324312 2024-06-20] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4d1b61c0-65ba-477f-a851-37f438df3773}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4d1b61c0-65ba-477f-a851-37f438df3773}: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{a8007744-234c-4475-986f-575b8d880eea}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{eec00823-27e6-4302-af75-219d8609173e}: [DhcpNameServer] 192.168.178.1 Edge: ======= Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-27] Edge Extension: (NordVPN - the Fastest VPN proxy for privacy) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fphgeikpdcdcheaochkhldmnfblfogla [2025-03-27]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx Edge Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-12]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx Edge HKLM-x32\...\Edge\Extension: [fphgeikpdcdcheaochkhldmnfblfogla] FireFox: ======== FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [Keine Datei] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.) U2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [401880 2024-12-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.03.02\atkexComSvc.exe [909160 2024-05-02] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-12-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [503144 2024-09-25] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2023-10-17] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) 
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-12-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [678256 2022-12-21] (ASUSTeK COMPUTER INC. -> ASUS) S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1134480 2025-03-27] (ASUSTeK Computer Inc. -> ) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5895032 2025-02-17] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [5895032 2025-02-17] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48528 2025-03-18] (Dropbox, Inc -> Dropbox, Inc.) S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\220.4.4126\DropboxElevationService.exe [1659280 2025-03-18] (Dropbox, Inc -> Dropbox, Inc.) S2 DropboxUpdaterInternalService123.0.6299.89; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.89\updater.exe [5895032 2025-02-17] (Dropbox, Inc -> Dropbox, Inc.) S2 DropboxUpdaterService123.0.6299.89; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.89\updater.exe [5895032 2025-02-17] (Dropbox, Inc -> Dropbox, Inc.) S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [13902952 2024-08-27] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [960752 2024-07-02] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-10-18] (Epic Games Inc. -> Epic Games, Inc.) 
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.035.0223.0003\FileSyncHelper.exe [3534632 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2432608 2023-08-14] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2282320 2024-08-26] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7191888 2024-08-26] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-03-05] (HP Inc. -> HP Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4955496 2024-08-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9484384 2025-03-21] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-08] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [17119968 2023-09-25] (Native Instruments GmbH -> Native Instruments GmbH)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.035.0223.0003\OneDriveUpdaterService.exe [3881808 2025-03-24] (Microsoft Corporation -> Microsoft Corporation)
S3 OVRLibraryService; D:\Oculus\Support\oculus-librarian\OVRLibraryService.exe [146616 2025-03-13] (Meta Platforms, Inc. -> Facebook Technologies, LLC)
R2 OVRService; D:\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [428728 2025-03-13] (Meta Platforms, Inc. -> Facebook Technologies, LLC)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [613048 2023-03-22] (geek software GmbH -> geek software GmbH)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2125352 2024-11-22] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559344 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-13] (GN Hearing A/S -> )
R2 Synology Active Backup for Business Service; C:\Program Files (x86)\Synology\ActiveBackupforBusinessAgent\service\Synology Active Backup for Business Service.exe [3780816 2025-02-10] (Synology Inc. -> )
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [356568 2024-10-28] (Synology Inc. -> )
S3 Updater; C:\Program Files\Virtual Desktop Streamer\Updater.exe [1385848 2024-11-25] (Virtual Desktop, Inc -> Virtual Desktop, Inc.)
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [11465592 2024-10-12] (Virtual Desktop, Inc -> Virtual Desktop, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV22; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [60576 2024-06-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_66bdd11a4e97edd1\amdsafd.sys [112840 2024-05-02] (AMD Test Build -> Advanced Micro Devices)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0409974.inf_amd64_db5d684bd08db28d\B409690\amdkmdag.sys [106158496 2024-12-04] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [63008 2024-05-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [58936 2024-09-24] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2024-12-16] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2024-12-16] (Microsoft Corporation) [Datei ist nicht signiert]
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [34920 2025-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 e2fnexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2fn.inf_amd64_d9445744f52b5b9b\e2fn.sys [1410688 2024-02-17] (Intel Corporation -> Intel Corporation)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-16] (Microsoft Windows -> Microsoft Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54888 2024-07-02] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140744 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterx64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [361472 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1617920 2024-03-06] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [73400 2024-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2024-07-09] (Oculus VR, LLC -> Facebook Inc.)
R3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a6eb3abe5befec7d\rtucx22x64.sys [1876424 2024-04-24] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43568 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_7a086649438f4409\SteelSeries-Sonar-VAD.sys [95400 2024-08-07] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [44936 2024-05-24] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R3 vdvge; C:\WINDOWS\System32\drivers\vdvge.sys [75832 2024-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Virtual Desktop, Inc.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2023-08-30] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-03-05] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601520 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
R3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-03-27 17:04 - 2025-03-27 17:04 - 000039040 _____ C:\Users\Admin\Downloads\FRST.txt
2025-03-27 17:03 - 2025-03-27 17:04 - 000000000 ____D C:\FRST
2025-03-27 17:03 - 2025-03-27 17:03 - 000745650 _____ C:\WINDOWS\system32\perfh007.dat
2025-03-27 17:03 - 2025-03-27 17:03 - 000158752 _____ C:\WINDOWS\system32\perfc007.dat
2025-03-27 17:03 - 2025-03-27 17:03 - 000000000 ____D C:\Users\Admin\AppData\Roaming\com.adobe.dunamis
2025-03-27 17:03 - 2025-03-27 17:03 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2025-03-27 17:03 - 2025-03-27 17:03 - 000000000 ____D C:\Users\Admin\AppData\Local\SolidDocuments
2025-03-27 17:03 - 2025-03-27 17:03 - 000000000 ____D C:\Users\Admin\.ms-ad
2025-03-27 17:02 - 2025-03-27 17:03 - 002404352 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2025-03-27 17:02 - 2025-03-27 17:03 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2025-03-27 17:01 - 2025-03-27 17:01 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2025-03-27 17:00 - 2025-03-27 17:01 - 000000000 ____D C:\ProgramData\Oculus
2025-03-27 17:00 - 2025-03-27 17:00 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Oculus
2025-03-27 16:59 - 2025-03-27 17:00 - 000000000 ____D C:\Users\Admin\AppData\Roaming\asus_framework
2025-03-27 16:59 - 2025-03-27 16:59 - 000000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2025-03-27 16:59 - 2025-03-27 16:59 - 000000000 ____D C:\Users\Admin\AppData\Local\Comms
2025-03-26 14:07 - 2025-03-26 14:07 - 000112749 _____ C:\Users\User2\Downloads\April 2024.pdf
2025-03-26 14:07 - 2025-03-26 14:07 - 000106460 _____ C:\Users\User2\Downloads\Juni 2024.pdf
2025-03-26 14:07 - 2025-03-26 14:07 - 000087749 _____ C:\Users\User2\Downloads\März 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000122445 _____ C:\Users\User2\Downloads\Dezember 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000113834 _____ C:\Users\User2\Downloads\November 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000111219 _____ C:\Users\User2\Downloads\August 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000111170 _____ C:\Users\User2\Downloads\September 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000109451 _____ C:\Users\User2\Downloads\Oktober 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000109438 _____ C:\Users\User2\Downloads\Juli 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000106339 _____ C:\Users\User2\Downloads\Mai 2024.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000090737 _____ C:\Users\User2\Downloads\Februar 2025.pdf
2025-03-26 14:06 - 2025-03-26 14:06 - 000088470 _____ C:\Users\User2\Downloads\Januar 2025.pdf
2025-03-26 13:54 - 2025-03-26 13:54 - 000044728 _____ C:\Users\User2\Downloads\Verdienstbescheinigung # 117 SGB XII.pdf
2025-03-26 12:41 - 2025-03-26 12:41 - 000000000 ____D C:\Users\User2\AppData\Local\SynologyDrive
2025-03-26 12:40 - 2025-03-26 12:41 - 029089792 _____ C:\Users\User2\Downloads\AusweisApp-2.3.1.msi
2025-03-25 22:45 - 2025-03-25 22:45 - 000000000 ____D C:\Users\User2\Downloads\Elterngeld Antrag
2025-03-22 16:55 - 2025-03-25 22:54 - 000000000 ____D C:\Users\User1\AppData\Local\SynologyDrive
2025-03-22 16:55 - 2025-03-22 16:55 - 000001360 _____ C:\Users\Public\Desktop\Synology Drive Client.lnk
2025-03-22 16:55 - 2025-03-22 16:55 - 000000000 ____D C:\Users\Admin\AppData\Local\SynologyDrive
2025-03-22 16:54 - 2025-03-22 16:54 - 072353192 _____ (Synology) C:\Users\User1\Downloads\Synology Drive Client-3.5.1-16102-x86.exe
2025-03-20 19:30 - 2025-03-20 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2025-03-18 12:02 - 2025-03-18 12:02 - 000048528 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2025-03-14 14:39 - 2025-03-14 14:39 - 000000000 ____D C:\Users\User2\Downloads\Fotos User2 Arbeit
2025-03-14 14:27 - 2025-03-14 14:35 - 1191397142 _____ C:\Users\User2\Downloads\ZIP Fotos User2.zip
2025-03-09 21:59 - 2025-03-09 21:59 - 000000000 ____D C:\WINDOWS\Windows.SystemToast.PresenceSensing.OnlookerDetection
2025-03-09 19:51 - 2025-03-27 16:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-09 19:49 - 2025-03-09 19:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\DropboxSystem
2025-03-09 19:49 - 2025-03-09 19:49 - 000000000 ____D C:\Program Files\Dropbox
2025-03-05 20:47 - 2025-03-05 20:47 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-03-05 20:47 - 2025-03-05 20:47 - 000070484 _____ C:\WINDOWS\system32\ctac.json

==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-03-27 17:05 - 2024-03-12 15:26 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2025-03-27 17:04 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-27 17:04 - 2022-12-18 15:04 - 000000000 ____D C:\Program Files\ASUS
2025-03-27 17:03 - 2024-12-17 19:26 - 001729504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-27 17:03 - 2024-12-16 21:46 - 000000000 ____D C:\Users\Admin
2025-03-27 17:03 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-03-27 17:03 - 2024-03-12 15:26 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2025-03-27 17:02 - 2024-03-12 15:27 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2025-03-27 17:01 - 2024-08-27 18:49 - 000000000 ____D C:\Users\Admin\AppData\Local\Steam
2025-03-27 17:01 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-27 17:01 - 2024-03-17 17:44 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2025-03-27 17:01 - 2024-03-12 17:38 - 000000000 ____D C:\Program Files (x86)\Steam
2025-03-27 17:01 - 2024-03-12 15:27 - 000000000 ____D C:\Users\Admin\AppData\Local\Dropbox
2025-03-27 17:00 - 2024-12-16 21:46 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows
2025-03-27 17:00 - 2024-07-09 18:10 - 000000000 ____D C:\Users\Admin\AppData\Local\Oculus
2025-03-27 17:00 - 2024-04-24 17:21 - 000000000 ____D C:\Users\Admin\AppData\Local\Voicemod
2025-03-27 17:00 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-27 17:00 - 2024-03-12 15:27 - 000000000 ____D C:\Users\Admin\AppData\Local\PlaceholderTileLogoFolder
2025-03-27 17:00 - 2024-03-12 15:26 - 000000000 ____D C:\Users\Admin\AppData\Local\AMD
2025-03-27 17:00 - 2024-01-06 10:36 - 000000000 ____D C:\Users\User2\AppData\Roaming\Dropbox
2025-03-27 17:00 - 2023-08-12 16:10 - 000000000 ____D C:\Users\User2\AppData\Local\Dropbox
2025-03-27 16:59 - 2024-12-16 22:39 - 000003130 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2025-03-27 16:59 - 2024-12-16 22:39 - 000003122 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2025-03-27 16:59 - 2024-12-16 22:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-27 16:59 - 2024-12-16 22:38 - 000015038 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-03-27 16:59 - 2024-12-16 21:46 - 000000000 ____D C:\WINDOWS\system32\SteelSeries
2025-03-27 16:59 - 2024-07-13 09:30 - 000000000 ____D C:\Users\User2\AppData\Roaming\asus_framework
2025-03-27 16:59 - 2024-07-13 09:30 - 000000000 ____D C:\Users\User2\AppData\Local\Oculus
2025-03-27 16:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-03-27 16:59 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-27 16:59 - 2024-02-25 14:37 - 000000000 ____D C:\Users\User2\AppData\Local\Malwarebytes
2025-03-27 16:59 - 2024-02-25 14:37 - 000000000 ____D C:\Users\User2\AppData\Local\CrashDumps
2025-03-27 16:59 - 2024-02-20 17:06 - 000000000 ____D C:\ProgramData\ActiveBackupforBusinessAgent
2025-03-27 16:59 - 2022-12-18 14:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-03-27 16:59 - 2022-12-18 14:43 - 001173024 _____ C:\WINDOWS\system32\wpbbin.exe
2025-03-27 16:59 - 2022-12-18 14:43 - 001134480 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2025-03-27 16:59 - 2022-12-18 14:43 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-26 14:08 - 2024-04-01 08:21 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-03-26 11:46 - 2024-12-16 22:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-26 11:21 - 2022-12-27 09:59 - 000000000 ____D C:\Users\User2\AppData\Local\D3DSCache
2025-03-26 10:41 - 2022-12-18 14:43 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-26 10:41 - 2022-12-18 14:43 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-03-26 10:33 - 2024-06-14 10:21 - 000000000 ____D C:\Users\User2\AppData\Roaming\steelseries-gg-client
2025-03-26 10:32 - 2022-12-27 10:00 - 000000000 ___RD C:\Users\User2\OneDrive
2025-03-25 22:54 - 2024-12-31 15:41 - 000000000 ____D C:\Users\User1\AppData\Roaming\Synology Image Assistant
2025-03-25 22:54 - 2024-07-08 13:51 - 000000000 ____D C:\Users\User1\AppData\Roaming\asus_framework
2025-03-25 22:53 - 2024-02-22 13:44 - 000000000 ____D C:\Users\User1\AppData\Local\Malwarebytes
2025-03-25 21:34 - 2024-02-27 14:12 - 000000000 ____D C:\Users\User1\AppData\Local\CrashDumps
2025-03-25 21:34 - 2023-03-04 16:13 - 000000000 ____D C:\Users\User1\AppData\Roaming\Dropbox
2025-03-25 21:34 - 2023-03-04 16:13 - 000000000 ____D C:\Users\User1\AppData\Local\Dropbox
2025-03-25 21:34 - 2022-12-19 13:11 - 000000000 ___RD C:\Users\User1\OneDrive
2025-03-25 21:33 - 2024-11-19 19:26 - 000000000 ____D C:\Users\User1\AppData\Roaming\Oculus Remote Desktop
2025-03-25 21:33 - 2024-07-09 18:24 - 000000000 ____D C:\Users\User1\AppData\Local\Oculus
2025-03-25 21:33 - 2024-03-12 17:43 - 000000000 ___RD C:\Users\User1\iCloudDrive
2025-03-25 21:32 - 2023-12-21 17:29 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-03-24 22:16 - 2024-03-17 16:30 - 000000000 ____D C:\Users\User1\AppData\Roaming\obsidian
2025-03-24 21:13 - 2024-12-16 22:39 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1011
2025-03-24 21:13 - 2024-12-16 22:39 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1005
2025-03-24 21:13 - 2024-12-16 22:39 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-742015436-2650572314-4209869716-1002
2025-03-24 21:13 - 2024-12-16 22:39 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-03-24 21:13 - 2023-12-21 17:29 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-23 14:28 - 2022-12-30 13:54 - 000000000 ____D C:\Users\User2\AppData\Local\AMD_Common
2025-03-23 13:46 - 2024-12-16 21:46 - 000000000 ____D C:\Users\User2\AppData\Roaming\Microsoft\Spelling
2025-03-23 12:56 - 2022-12-27 09:59 - 000000000 ____D C:\Users\User2\AppData\Local\Packages
2025-03-22 17:17 - 2024-02-20 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2025-03-22 17:17 - 2024-02-20 16:48 - 000000000 ____D C:\Program Files (x86)\Synology
2025-03-22 16:59 - 2022-12-19 13:10 - 000000000 ____D C:\Users\User1\AppData\Local\Packages
2025-03-22 16:59 - 2022-12-18 14:48 - 000000000 ____D C:\ProgramData\Packages
2025-03-22 16:57 - 2024-12-16 22:39 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-03-22 16:57 - 2023-03-17 23:51 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-20 19:30 - 2023-03-04 16:13 - 000000000 ____D C:\Program Files (x86)\Dropbox
2025-03-18 19:53 - 2022-12-22 17:18 - 002897472 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-03-18 19:53 - 2022-12-22 17:18 - 000788008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-03-18 19:53 - 2022-12-22 17:18 - 000267816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-03-18 19:53 - 2022-12-22 17:18 - 000243264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-03-18 19:53 - 2022-12-22 17:18 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-03-18 19:53 - 2022-12-22 17:18 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-03-18 19:53 - 2022-12-22 17:18 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-03-18 19:52 - 2022-12-21 13:08 - 000000000 ____D C:\Users\User1\AppData\Local\AMD_Common
2025-03-15 22:20 - 2024-12-16 22:36 - 000306312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-15 22:20 - 2024-12-16 22:36 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-03-15 22:19 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-03-15 22:19 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-15 22:19 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-15 20:00 - 2022-12-19 13:10 - 000000000 ____D C:\Users\User1\AppData\Local\D3DSCache
2025-03-12 20:50 - 2024-12-16 22:39 - 003346432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-09 21:59 - 2024-04-01 17:37 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-09 21:59 - 2024-04-01 17:37 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-03-09 21:59 - 2024-04-01 17:36 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-03-09 21:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-03-09 21:59 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-09 20:06 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-03-09 20:01 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2025-03-09 19:58 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-03-09 19:58 - 2024-02-22 13:43 - 000022120 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2025-03-07 17:36 - 2024-12-16 22:39 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-07 17:36 - 2024-12-16 22:39 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-05 22:25 - 2024-12-16 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-03-05 22:25 - 2023-01-09 11:36 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-03-05 20:34 - 2022-12-18 14:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-03-04 19:18 - 2025-02-06 21:21 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1011
2025-03-04 19:18 - 2025-02-06 21:21 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1005
2025-03-04 19:18 - 2025-02-06 21:21 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-742015436-2650572314-4209869716-1002
2025-03-02 23:00 - 2022-12-21 13:17 - 000000000 ____D C:\Users\User1\AppData\Roaming\steelseries-gg-client
2025-02-28 23:16 - 2023-03-01 21:44 - 000000000 ____D C:\Users\User1\AppData\Roaming\DeepL_SE

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Last edited by Lovecraftian (27.03.2025 at 17:28)