Windows 10: Win32/Woreflint.A!cl Meldung Hallo zusammen,
ich habe die Meldung von Windows Defender erhalten, dass ein Win32/Woreflint.A!cl gefunden wurde. Defender hat die Datei wohl in die Quarantäne verschoben und ich habe diese entfernt.
Komisch ist, dass nach einem Neustart mein Onedrive plötzlich mein Passwort haben möchte und etwas mit einer Datei im Tresor sei.
Ich habe bedenken, dass meine Daten abgegriffen werden sollen.
Vielen Dank für die Unterstützung Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2023
durchgeführt von sasch (Administrator) auf DESKTOP-GAMING (02-04-2023 12:57:44)
Gestartet von C:\Users\sasch\Downloads
Geladene Profile: sasch
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2728 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(C:\Program Files (x86)\STRATO\HiDrive\HiDrive.App.exe ->) (STRATO AG -> STRATO AG) C:\Program Files (x86)\STRATO\HiDrive\HiDrive.Hub.exe
(C:\Program Files (x86)\STRATO\HiDrive\HiDrive.App.exe ->) (STRATO AG -> STRATO AG) C:\Program Files (x86)\STRATO\HiDrive\HiDrive.Sync.exe
(C:\Program Files (x86)\STRATO\HiDrive\HiDrive.App.exe ->) (STRATO AG -> STRATO AG) C:\Program Files (x86)\STRATO\HiDrive\HiDrive.UI.exe
(C:\Program Files (x86)\STRATO\HiDrive\HiDrive.UI.exe ->) (STRATO AG) [Datei ist nicht signiert] C:\Users\sasch\AppData\Local\Temp\HiDrive.UI\HiDrive UI.exe <4>
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\QmlRenderer.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCopyAccelerator.exe
(C:\Users\sasch\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\sasch\AppData\Local\Programs\Opera GX\96.0.4693.117\opera_crashreporter.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(DriverStore\FileRepository\u0389794.inf_amd64_b7be4af85ac37a6e\B389490\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0389794.inf_amd64_b7be4af85ac37a6e\B389490\atieclxx.exe
(explorer.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\AMD\ANR\AMDNoiseSuppression.exe
(explorer.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(explorer.exe ->) (HP Inc -> HP Inc.) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Users\sasch\Downloads\MBSetup.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe <6>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\sasch\AppData\Local\Programs\Opera GX\opera.exe <25>
(explorer.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(explorer.exe ->) (STRATO AG -> STRATO AG) C:\Program Files (x86)\STRATO\HiDrive\HiDrive.App.exe
(explorer.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\PDFelement9\PENotify.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0389794.inf_amd64_b7be4af85ac37a6e\B389490\atiesrxx.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe <8>
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (STRATO AG -> STRATO AG) C:\Program Files (x86)\STRATO\HiDrive\Updater\HiDriveUpdateService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <3>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe
(svchost.exe ->) (HP Inc -> HP Inc.) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.061.0319.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_4.5.9.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [185384 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-398375125-1413370495-1598437943-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2631048 2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-398375125-1413370495-1598437943-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-398375125-1413370495-1598437943-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\sasch\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-398375125-1413370495-1598437943-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3769248 2019-03-19] (HP Inc -> HP Inc.)
HKU\S-1-5-21-398375125-1413370495-1598437943-1001\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [155544 2022-08-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-398375125-1413370495-1598437943-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3050080 2023-03-25] (Skutta, Kristjan -> )
HKU\S-1-5-21-398375125-1413370495-1598437943-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-398375125-1413370495-1598437943-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13734376 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
HKLM\...\Print\Monitors\HP CD11 Status Monitor: C:\Windows\system32\hpinkstsCD11LM.dll [391992 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\PEPrinterMonitor.dll [285232 2022-11-08] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\...\AppCompatFlags\Custom\XWING95.EXE: [{43b2876b-3e34-4e6e-ac3f-4da816b782e0}.sdb] -> Star Wars X-Wing 95 Compatibility Fix
HKLM\Software\...\AppCompatFlags\Custom\XWINGTIE.EXE: [{43b2876b-3e34-4e6e-ac3f-4da816b782e0}.sdb] -> Star Wars X-Wing 95 Compatibility Fix
HKLM\Software\...\AppCompatFlags\InstalledSDB\{43b2876b-3e34-4e6e-ac3f-4da816b782e0}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{43b2876b-3e34-4e6e-ac3f-4da816b782e0}.sdb [2020-10-26]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.147\Installer\chrmstp.exe [2023-03-30] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEScreenshot.lnk [2022-12-03]
ShortcutTarget: Wondershare PEScreenshot.lnk -> C:\Program Files\Wondershare\PDFelement9\PENotify.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEToolbox.lnk [2022-12-03]
ShortcutTarget: Wondershare PEToolbox.lnk -> C:\Program Files\Wondershare\PDFelement9\PENotify.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
Startup: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HiDrive.lnk [2023-04-02]
ShortcutTarget: HiDrive.lnk -> C:\Program Files (x86)\STRATO\HiDrive\HiDrive.App.exe (STRATO AG -> STRATO AG)
Startup: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEScreenshot.lnk [2022-12-03]
ShortcutTarget: Wondershare PEScreenshot.lnk -> C:\Program Files\Wondershare\PDFelement9\PENotify.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
Startup: C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEToolbox.lnk [2022-12-03]
ShortcutTarget: Wondershare PEToolbox.lnk -> C:\Program Files\Wondershare\PDFelement9\PENotify.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0486ED98-BA08-4323-AD3D-0EDFF1A827E4} - System32\Tasks\Opera GX scheduled Autoupdate 1640273637 => C:\Users\sasch\AppData\Local\Programs\Opera GX\launcher.exe [2637208 2023-03-23] (Opera Norway AS -> Opera Software)
Task: {0A098056-CFE5-4C2F-AA7D-C0D6B8490EC7} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-03-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {1A73F721-D72D-47C0-87FB-6DECA65E6E6A} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1644330143 => C:\Users\sasch\AppData\Local\Programs\Opera GX\launcher.exe [2637208 2023-03-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\sasch\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {1AB55250-08B7-428A-82D6-C4D99D5E8F8B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168840 2023-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F6D2FE4-5F98-4363-8D1D-1EBCB1B7451B} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241448 2021-10-13] (ASUSTeK Computer Inc. -> ASUS)
Task: {2279CCCA-53AB-4A07-93D6-F5F3ECA56787} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {3D6A18A7-EAC0-463C-8982-6E2859BE2187} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26296280 2023-03-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C448706-7722-495F-9CC4-D926B28F3E8D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {4DBCD049-33EF-4910-A90F-0BFEA1A6A42E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2021-12-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {52C74BD4-D0C3-46A6-AC84-829016927279} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [109697976 2021-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {57542128-47D1-4FA9-8174-756673C4E1E0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2023-03-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DC6765F-58DB-4DD3-A9C6-096241F4B0A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-21] (Google LLC -> Google LLC)
Task: {668DE804-AAE0-4AF4-9ECE-D42781C3D794} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [59832 2023-03-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {7565CB34-50E3-4F33-AE8A-819A0E6B3D25} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2245560 2021-11-26] (ASUSTeK Computer Inc. -> ASUS)
Task: {8683D7C7-1DFB-4B46-9DDA-6284F2D23A1A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {A628920E-62E8-42F2-B5CC-D2E99E30B790} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-398375125-1413370495-1598437943-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A88FFBCE-22B2-4716-B0CB-9C6AF87BC777} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe [764152 2021-06-10] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {AA08E9EC-9277-4B0D-B1CD-B0C663D2FD97} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44733352 2021-11-01] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {AB3759C9-858B-43D7-A58A-7E405290889B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7F0BA0B-7EBA-470E-AE30-7A224CD2AA6A} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {C0F4CB86-6B92-4640-BD5F-F4E2F3894116} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2023-03-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C848CCFD-1B65-4144-97B2-97779C4D6FD4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {C95A14D2-049A-4748-9F1C-4AF92D13C469} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-21] (Google LLC -> Google LLC)
Task: {CA63B9DA-C1F2-440D-A353-904225030773} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [114952 2021-11-26] (ASUSTeK Computer Inc. -> ASUS)
Task: {CCB393FB-E067-42F4-B646-A6535BF00CD3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26296280 2023-03-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFCC7AC4-81D7-44B9-9B5A-5C131124616B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2023-03-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F02CFA90-E288-405C-B06B-0D4F4263B5C1} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d7f97dfed4e49b => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2021-12-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {F2983A43-01E4-440E-B248-6DC6352766F7} - System32\Tasks\G2MUploadTask-S-1-5-21-398375125-1413370495-1598437943-1001 => C:\Users\sasch\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {F9AAF3C5-C901-479E-ADD0-AA1C56BE404F} - System32\Tasks\G2MUpdateTask-S-1-5-21-398375125-1413370495-1598437943-1001 => C:\Users\sasch\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {FC8C3284-4489-4661-A50B-089035190C72} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-398375125-1413370495-1598437943-1001.job => C:\Users\sasch\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-398375125-1413370495-1598437943-1001.job => C:\Users\sasch\AppData\Local\GoToMeeting\19950\g2mupload.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{58286191-2633-4d20-bcbd-a5add0b01ccb}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\sasch\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-30]
Edge HomePage: Default -> hxxp://www.google.de/
Edge Extension: (Youtube Video Downloader) - C:\Users\sasch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gjndphdopaigpbbhdlgphjgfccacnbja [2021-10-30]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\sasch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-03-10]
Edge Extension: (MyJDownloader Browser Erweiterung) - C:\Users\sasch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2021-10-30]
FireFox:
========
FF DefaultProfile: q1snl18i.default
FF ProfilePath: C:\Users\sasch\AppData\Roaming\Mozilla\Firefox\Profiles\q1snl18i.default [2021-05-08]
FF ProfilePath: C:\Users\sasch\AppData\Roaming\Mozilla\Firefox\Profiles\wzhqhflt.default-release [2022-03-18]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-03-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\sasch\AppData\Local\Google\Chrome\User Data\Default [2023-04-02]
CHR Notifications: Default -> hxxps://web.telegram.org; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.de/
CHR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\sasch\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-12-21]
CHR Extension: (Google Docs Offline) - C:\Users\sasch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sasch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-21]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-398375125-1413370495-1598437943-1001) Opera GXStable - "C:\Users\sasch\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [382112 2022-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2021-10-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2021-12-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [179488 2021-09-16] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2021-12-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [655728 2021-12-25] (ASUSTeK Computer Inc. -> ASUS)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512728 2023-03-23] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [614432 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [238632 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [84008 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 CorsairUniwillService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueUniwillService.exe [108072 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-03-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.061.0319.0003\FileSyncHelper.exe [3416968 2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2317800 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178728 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
R2 HiDriveMaintenanceService; C:\Program Files (x86)\STRATO\HiDrive\Updater\HiDriveUpdateService.exe [1030392 2022-07-07] (STRATO AG -> STRATO AG)
R3 iCUEDevicePluginHost; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe [462888 2023-01-20] (Corsair Memory, Inc. -> Corsair)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3683496 2021-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 MagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [347576 2021-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4490376 2020-09-18] (Logitech Inc -> Logitech)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.061.0319.0003\OneDriveUpdaterService.exe [3801464 2023-04-01] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2020-09-02] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2579840 2022-09-09] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1574512 2023-02-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [347576 2021-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [226976 2023-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15549240 2023-03-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [36248 2022-10-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [27256 2022-01-27] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [48328 2023-03-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0389794.inf_amd64_b7be4af85ac37a6e\B389490\amdkmdag.sys [100102520 2023-03-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [34384 2021-10-21] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43192 2021-09-16] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63008 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47032 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [22968 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2023-04-02] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49608 2023-03-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [495896 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-04-02 12:57 - 2023-04-02 12:58 - 000036676 _____ C:\Users\sasch\Downloads\FRST.txt
2023-04-02 12:57 - 2023-04-02 12:58 - 000000000 ____D C:\FRST
2023-04-02 12:55 - 2023-04-02 12:56 - 002379264 _____ (Farbar) C:\Users\sasch\Downloads\FRST64.exe
2023-04-02 12:48 - 2023-04-02 12:48 - 002649088 _____ (Malwarebytes) C:\Users\sasch\Downloads\MBSetup (1).exe
2023-04-02 12:47 - 2023-04-02 12:47 - 000000000 ____D C:\Users\sasch\AppData\Local\mbam
2023-04-02 12:45 - 2023-04-02 12:45 - 002649088 _____ (Malwarebytes) C:\Users\sasch\Downloads\MBSetup.exe
2023-04-02 12:43 - 2023-04-02 12:43 - 000000000 ____D C:\Users\sasch\AppData\Local\system_backup_gui
2023-04-02 12:28 - 2023-04-02 12:58 - 000000000 ____D C:\Windows\SysWOW64\lock.lock
2023-04-02 12:18 - 2023-04-02 12:18 - 000002521 _____ C:\Windows\PWCMDLST.BAK
2023-04-02 11:07 - 2023-04-02 11:07 - 000002173 _____ C:\Users\Public\Desktop\WISO Steuer 2023.lnk
2023-04-02 11:07 - 2023-04-02 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer 2023
2023-04-02 10:59 - 2023-04-02 11:00 - 654663888 _____ C:\Users\sasch\Downloads\WISOSteuer2023.exe
2023-04-02 10:34 - 2023-04-02 12:17 - 000000000 ____D C:\Users\sasch\AppData\Roaming\QtProject
2023-04-02 10:33 - 2023-04-02 12:44 - 000000000 ____D C:\Program Files\MiniTool ShadowMaker
2023-04-02 10:33 - 2023-04-02 12:43 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
2023-04-02 10:33 - 2021-03-09 18:41 - 000037336 _____ C:\Windows\system32\pwdrvio.sys
2023-04-02 10:33 - 2019-11-08 10:15 - 003600896 _____ C:\Windows\system32\pwNative.exe
2023-04-02 10:33 - 2019-11-08 10:15 - 000012504 _____ C:\Windows\system32\pwdspio.sys
2023-04-02 10:32 - 2023-04-02 10:32 - 003253376 _____ (MiniTool Software Limited ) C:\Users\sasch\Downloads\pw1207-free-online.exe
2023-04-02 09:34 - 2023-04-02 09:34 - 000000000 ____D C:\Users\sasch\Downloads\TUF-B450-PLUS-GAMING-ASUS-4003
2023-04-02 09:33 - 2023-03-13 12:44 - 016779264 ____N C:\Users\sasch\Downloads\TUF-B450-PLUS-GAMING-ASUS-4003.CAP
2023-04-02 09:33 - 2022-03-02 18:47 - 000128088 ____N C:\Users\sasch\Downloads\BIOSRenamer.exe
2023-04-02 09:32 - 2023-04-02 09:32 - 011341072 _____ C:\Users\sasch\Downloads\TUF-B450-PLUS-GAMING-ASUS-4003.zip
2023-04-02 09:14 - 2023-04-02 12:27 - 000003116 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2023-03-31 16:21 - 2023-03-31 16:21 - 000147055 _____ C:\Users\sasch\OneDrive\Dokumente\Stempel.pdf
2023-03-29 16:57 - 2023-04-02 12:27 - 000003108 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-03-26 15:44 - 2023-03-26 15:44 - 000000000 ____D C:\Users\sasch\AppData\Local\REDEngine
2023-03-26 15:44 - 2023-03-26 15:44 - 000000000 ____D C:\Users\sasch\AppData\Local\CD Projekt Red
2023-03-26 15:25 - 2023-03-26 15:25 - 000001463 _____ C:\Users\Public\Desktop\Cyberpunk 2077.lnk
2023-03-26 15:25 - 2023-03-26 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2023-03-26 13:49 - 2023-03-26 15:25 - 000000000 ____D C:\ProgramData\GOG.com
2023-03-26 13:49 - 2023-03-26 13:49 - 000001212 _____ C:\Users\Public\Desktop\GOG GALAXY.lnk
2023-03-26 13:49 - 2023-03-26 13:49 - 000000000 ____D C:\Users\sasch\AppData\Local\GOG.com
2023-03-26 13:49 - 2023-03-26 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2023-03-26 13:49 - 2023-03-26 13:49 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2023-03-26 13:48 - 2023-03-26 13:49 - 000515560 _____ (GOG Sp. z o.o.) C:\Users\sasch\Downloads\GOG_Galaxy_Cyberpunk_2077.exe
2023-03-25 22:50 - 2023-03-25 22:50 - 000000000 ____D C:\Users\sasch\AppData\LocalLow\DefaultCompany
2023-03-25 12:39 - 2023-03-25 12:39 - 000000000 ____D C:\Users\sasch\AppData\Local\QmlRenderer
2023-03-25 12:10 - 2023-03-25 12:10 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Corsair
2023-03-25 11:43 - 2023-03-25 11:43 - 000003484 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2023-03-25 11:43 - 2023-03-25 11:43 - 000002620 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask
2023-03-25 11:43 - 2023-03-25 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-03-25 11:43 - 2023-03-25 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-03-25 11:42 - 2023-03-22 18:52 - 002194808 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-03-25 11:42 - 2023-03-22 18:52 - 002194808 _____ C:\Windows\system32\vulkaninfo.exe
2023-03-25 11:42 - 2023-03-22 18:52 - 001629048 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-03-25 11:42 - 2023-03-22 18:52 - 001629048 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-03-25 11:42 - 2023-03-22 18:52 - 001510032 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-03-25 11:42 - 2023-03-22 18:52 - 001510032 _____ C:\Windows\system32\vulkan-1.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 001241184 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 001241184 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000801144 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000714616 _____ C:\Windows\system32\hiprt0200064.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000678264 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000606072 _____ C:\Windows\system32\GameManager64.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000547744 _____ C:\Windows\system32\libsmi_guest.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000542032 _____ C:\Windows\system32\dgtrayicon.exe
2023-03-25 11:42 - 2023-03-22 18:51 - 000541048 _____ C:\Windows\system32\libsmi_host.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000502176 _____ C:\Windows\system32\EEURestart.exe
2023-03-25 11:42 - 2023-03-22 18:51 - 000360824 _____ C:\Windows\system32\clinfo.exe
2023-03-25 11:42 - 2023-03-22 18:51 - 000206240 _____ C:\Windows\system32\mantle64.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000185760 _____ C:\Windows\system32\mantleaxl64.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000163232 _____ C:\Windows\SysWOW64\mantle32.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000147360 _____ C:\Windows\SysWOW64\mantleaxl32.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000051064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-03-25 11:42 - 2023-03-22 18:51 - 000047952 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-03-25 11:42 - 2023-03-22 18:50 - 000183712 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-03-25 11:42 - 2023-03-22 18:50 - 000146808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-03-25 11:42 - 2023-03-22 18:49 - 001547600 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-03-25 11:42 - 2023-03-22 18:49 - 000948048 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-03-25 11:42 - 2023-03-22 18:49 - 000535416 _____ C:\Windows\system32\atieah64.exe
2023-03-25 11:42 - 2023-03-22 18:49 - 000472952 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-03-25 11:42 - 2023-03-22 18:49 - 000404344 _____ C:\Windows\SysWOW64\atieah32.exe
2023-03-25 11:42 - 2023-03-22 18:49 - 000266104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-03-25 11:42 - 2023-03-22 18:49 - 000226680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-03-25 11:42 - 2023-03-22 18:49 - 000210088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-03-25 11:42 - 2023-03-22 18:49 - 000195960 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-03-25 11:42 - 2023-03-22 18:49 - 000173024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-03-25 11:42 - 2023-03-22 18:49 - 000144208 _____ C:\Windows\system32\atidxx64.dll
2023-03-25 11:42 - 2023-03-22 18:49 - 000118136 _____ C:\Windows\SysWOW64\atidxx32.dll
2023-03-25 11:42 - 2023-03-22 18:49 - 000074656 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-03-25 11:42 - 2023-03-22 18:48 - 100645240 _____ C:\Windows\system32\amd_comgr.dll
2023-03-25 11:42 - 2023-03-22 18:48 - 084675960 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-03-25 11:42 - 2023-03-22 18:48 - 000524152 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-03-25 11:42 - 2023-03-22 18:48 - 000389496 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-03-25 11:42 - 2023-03-22 18:48 - 000142200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2023-03-25 11:42 - 2023-03-22 18:48 - 000118136 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2023-03-25 11:42 - 2023-03-22 18:47 - 000138064 _____ C:\Windows\system32\amdxc64.dll
2023-03-25 11:42 - 2023-03-22 18:47 - 000113488 _____ C:\Windows\SysWOW64\amdxc32.dll
2023-03-25 11:42 - 2023-03-22 18:46 - 007200160 _____ C:\Windows\system32\amdsmi.exe
2023-03-25 11:42 - 2023-03-22 18:45 - 002265936 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsasrv64.dll
2023-03-25 11:42 - 2023-03-22 18:45 - 001320272 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsacli64.dll
2023-03-25 11:42 - 2023-03-22 18:45 - 001048952 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdsacli32.dll
2023-03-25 11:42 - 2023-03-22 18:44 - 000943008 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-03-25 11:42 - 2023-03-22 18:44 - 000770936 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-03-25 11:42 - 2023-03-22 18:44 - 000470904 _____ C:\Windows\system32\amdlogum.exe
2023-03-25 11:42 - 2023-03-22 18:43 - 000166968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-03-25 11:42 - 2023-03-22 18:43 - 000136408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-03-25 11:42 - 2023-03-22 18:42 - 001725512 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-03-25 11:42 - 2023-03-22 18:42 - 001399976 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-03-25 11:42 - 2023-03-22 18:41 - 016174416 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-03-25 11:42 - 2023-03-22 18:41 - 000568144 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-03-25 11:42 - 2023-03-22 18:41 - 000431952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-03-25 11:42 - 2023-03-22 18:40 - 004364152 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdadlx64.dll
2023-03-25 11:42 - 2023-03-22 18:40 - 004170104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdadlx32.dll
2023-03-25 11:42 - 2023-03-22 18:40 - 000567712 _____ C:\Windows\system32\amdmiracast.dll
2023-03-25 11:42 - 2023-03-22 18:40 - 000167008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-03-25 11:42 - 2023-03-22 18:40 - 000136408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-03-25 11:42 - 2023-03-22 18:39 - 000176928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-03-25 11:42 - 2023-03-22 18:39 - 000151032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-03-25 11:42 - 2023-03-22 18:08 - 094918528 _____ C:\Windows\system32\amdxc64.so
2023-03-25 11:42 - 2023-03-22 18:08 - 030284712 _____ C:\Windows\system32\hiprt02000_amd.hipfb
2023-03-25 11:42 - 2023-03-22 18:08 - 022879832 _____ C:\Windows\system32\hiprt02000_nv.fatbin
2023-03-25 11:42 - 2023-03-22 18:08 - 002170168 _____ C:\Windows\system32\oro_compiled_kernels.fatbin
2023-03-25 11:42 - 2023-03-22 18:08 - 001464232 _____ C:\Windows\system32\oro_compiled_kernels.hipfb
2023-03-25 11:42 - 2022-08-12 21:25 - 000054704 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ANR-bgproc-Lib.dll
2023-03-25 11:42 - 2022-05-31 19:49 - 000059920 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdxe.sys
2023-03-25 11:38 - 2023-03-25 11:38 - 045484328 _____ (AMD Inc.) C:\Users\sasch\Downloads\amd-software-adrenalin-edition-23.3.2-minimalsetup-230322_web.exe
2023-03-22 07:30 - 2023-03-22 07:30 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-03-22 07:30 - 2023-03-22 07:30 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2023-03-20 12:03 - 2023-03-20 12:15 - 000001176 _____ C:\Users\Public\Desktop\iCUE.lnk
2023-03-20 12:03 - 2023-03-20 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2023-03-20 11:57 - 2023-03-20 11:59 - 1198374912 _____ C:\Users\sasch\Downloads\iCUESetup_4.33.138_release.msi
2023-03-20 08:22 - 2023-03-20 08:22 - 000143779 _____ C:\Users\sasch\Downloads\Leasingübernahme Porsche Taycan Seidenstadt Bau - L&A Management Holding OHG.pdf
2023-03-16 22:16 - 2023-03-16 22:16 - 000026568 _____ C:\Users\sasch\Downloads\Umsätze (1).pdf
2023-03-15 18:11 - 2023-03-15 18:11 - 000422183 _____ C:\Users\sasch\Downloads\pv-gingst-dv-202302-2023-90015592-de3-22-016-d33250.pdf
2023-03-15 02:10 - 2023-03-15 02:10 - 000856504 _____ (Advanced Micro Devices) C:\Windows\system32\Device.dll
2023-03-15 02:10 - 2023-03-15 02:10 - 000061368 _____ (Advanced Micro Devices) C:\Windows\system32\Platform.dll
2023-03-14 21:43 - 2023-03-14 21:43 - 000000000 ___HD C:\$WinREAgent
2023-03-14 19:07 - 2023-03-14 19:07 - 000037754 _____ C:\Users\sasch\Downloads\Police_91025435141_14.03.2023.pdf
2023-03-12 23:23 - 2023-03-12 23:23 - 000048328 _____ (Advanced Micro Devices) C:\Windows\system32\AMDRyzenMasterDriver.sys
2023-03-11 17:06 - 2023-03-11 17:06 - 000000000 ____D C:\Users\sasch\AppData\Local\XboxGameStudios
2023-03-08 17:22 - 2023-03-08 17:22 - 000135939 _____ C:\Users\sasch\Downloads\Dokumente_08032023 (1).zip
2023-03-08 15:54 - 2023-03-08 15:54 - 000136434 _____ C:\Users\sasch\Downloads\Dokumente_08032023.zip
2023-03-08 15:46 - 2023-03-08 15:46 - 000187160 _____ C:\Users\sasch\Downloads\Kreditrahmenerhöhung.pdf
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-04-02 12:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-04-02 12:50 - 2020-08-29 12:03 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-02 12:34 - 2021-03-27 10:58 - 001723308 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-02 12:34 - 2019-12-07 16:51 - 000743838 _____ C:\Windows\system32\perfh007.dat
2023-04-02 12:34 - 2019-12-07 16:51 - 000150260 _____ C:\Windows\system32\perfc007.dat
2023-04-02 12:34 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-04-02 12:28 - 2021-09-08 12:13 - 000000000 ____D C:\Users\sasch\AppData\Roaming\hidrive.ui
2023-04-02 12:28 - 2020-08-29 09:33 - 000000000 ___RD C:\Users\sasch\OneDrive
2023-04-02 12:27 - 2021-03-27 10:52 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-02 12:27 - 2021-03-27 10:48 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-02 12:27 - 2020-12-31 22:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-04-02 12:27 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-04-02 12:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-02 12:18 - 2020-10-22 20:02 - 000000000 ____D C:\Program Files (x86)\Steam
2023-04-02 12:18 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-04-02 12:12 - 2021-07-10 13:45 - 000000000 ____D C:\Users\sasch\AppData\Local\JDownloader 2.0
2023-04-02 11:13 - 2022-03-13 09:32 - 000000000 ____D C:\Users\sasch\OneDrive\Dokumente\steuer
2023-04-02 11:07 - 2020-09-06 09:58 - 000000000 ____D C:\Users\sasch\AppData\Local\Buhl
2023-04-02 11:07 - 2020-09-06 09:48 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH
2023-04-02 11:06 - 2020-09-06 09:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-04-02 11:06 - 2020-09-06 09:58 - 000000000 ____D C:\Program Files (x86)\WISO
2023-04-02 10:10 - 2021-03-27 10:48 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-02 07:30 - 2021-12-25 12:57 - 000000000 ____D C:\Program Files\ASUS
2023-04-02 07:28 - 2020-08-29 20:59 - 000000000 ____D C:\Users\sasch\AppData\Local\D3DSCache
2023-04-01 20:07 - 2023-01-17 08:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-01 20:07 - 2020-09-06 08:14 - 000002279 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-04-01 20:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-01 20:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-01 06:25 - 2022-06-20 18:16 - 000002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-01 06:25 - 2021-12-11 19:49 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-398375125-1413370495-1598437943-1001
2023-04-01 06:25 - 2021-06-18 17:32 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-04-01 06:25 - 2021-03-27 10:52 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-03-31 08:40 - 2022-08-20 06:33 - 000005718 _____ C:\GetDeviceStatus.xml
2023-03-30 19:51 - 2020-10-28 19:28 - 000000000 ____D C:\Users\sasch\AppData\Local\GoToMeeting
2023-03-30 16:01 - 2022-09-01 15:46 - 000005233 _____ C:\GetDeviceCap.xml
2023-03-30 16:01 - 2021-12-21 19:46 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-28 16:33 - 2020-08-29 09:32 - 000000000 ____D C:\Users\sasch\AppData\Local\Packages
2023-03-28 07:47 - 2020-08-29 09:25 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-03-27 20:41 - 2021-12-23 17:34 - 000004234 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1640273637
2023-03-27 20:41 - 2021-12-23 17:33 - 000001482 _____ C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2023-03-27 06:58 - 2021-03-27 10:48 - 000451104 _____ C:\Windows\system32\FNTCACHE.DAT
2023-03-27 06:58 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-03-26 15:25 - 2020-08-29 09:39 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-26 11:16 - 2022-09-04 21:11 - 000000550 _____ C:\QueryAllDevice.xml
2023-03-25 12:50 - 2020-10-22 20:10 - 000000000 ____D C:\Users\sasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-03-25 12:34 - 2020-08-29 09:38 - 000000000 ____D C:\Users\sasch\AppData\Local\AMD
2023-03-25 11:43 - 2022-06-19 18:28 - 000000000 ____D C:\ProgramData\AMD
2023-03-25 11:43 - 2022-06-19 18:26 - 000003152 _____ C:\Windows\system32\Tasks\StartCN
2023-03-25 11:43 - 2022-06-19 18:26 - 000003072 _____ C:\Windows\system32\Tasks\StartDVR
2023-03-25 11:43 - 2021-10-08 16:20 - 000000000 ____D C:\Windows\system32\AMD
2023-03-25 11:43 - 2020-08-29 09:38 - 000000000 ____D C:\Program Files\AMD
2023-03-25 11:42 - 2021-05-13 20:49 - 000000000 ____D C:\Program Files (x86)\AMD
2023-03-25 11:40 - 2020-08-29 09:38 - 000000000 ____D C:\AMD
2023-03-25 11:38 - 2021-10-08 16:16 - 000000000 ____D C:\Users\sasch\AppData\Local\AMD_Common
2023-03-25 11:36 - 2022-09-16 20:43 - 000000000 ____D C:\Users\sasch\AppData\Local\Ubisoft Game Launcher
2023-03-25 11:36 - 2021-11-19 14:01 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2023-03-25 11:36 - 2020-08-29 12:37 - 000000000 ____D C:\Program Files (x86)\Origin Games
2023-03-24 16:09 - 2022-10-12 08:31 - 000002078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-03-24 16:09 - 2022-10-12 08:31 - 000002066 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-03-24 16:09 - 2021-03-27 10:52 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-03-23 21:00 - 2020-08-29 12:12 - 000000000 ____D C:\Program Files\Microsoft Office
2023-03-22 18:51 - 2022-06-19 18:24 - 000459640 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-03-22 18:51 - 2022-06-19 18:24 - 000043744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2023-03-22 18:49 - 2022-06-19 18:24 - 002028368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-03-22 18:49 - 2022-06-19 18:24 - 001547600 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-03-22 18:42 - 2022-06-19 18:24 - 000231736 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-03-22 18:42 - 2022-06-19 18:24 - 000187456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-03-22 07:30 - 2022-10-21 14:01 - 000079352 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-03-22 07:30 - 2022-10-21 14:01 - 000062928 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-03-22 07:30 - 2021-11-18 20:21 - 000165328 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-03-22 07:30 - 2020-08-30 14:19 - 002786768 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-03-22 07:30 - 2020-08-30 14:19 - 000476624 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-03-22 07:30 - 2020-08-30 14:19 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2023-03-22 07:30 - 2020-08-30 14:19 - 000202192 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-03-22 07:30 - 2020-08-30 14:19 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-03-22 07:22 - 2021-03-27 10:52 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-22 07:22 - 2021-03-27 10:52 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-20 14:53 - 2021-10-17 17:13 - 000000000 ____D C:\Users\sasch\AppData\Local\ElevatedDiagnostics
2023-03-16 07:46 - 2022-09-04 21:11 - 000000228 _____ C:\SetMatrixLEDScript.xml
2023-03-15 07:28 - 2022-06-19 18:26 - 003031136 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2023-03-14 21:50 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-14 21:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-03-14 21:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-03-14 21:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-03-14 21:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-03-14 21:48 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-03-14 21:47 - 2021-03-27 10:48 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-03-14 21:43 - 2020-08-29 20:46 - 000000000 ____D C:\Windows\system32\MRT
2023-03-14 21:43 - 2020-08-29 12:34 - 000000000 ____D C:\Program Files (x86)\Origin
2023-03-14 21:43 - 2020-08-29 12:33 - 000000000 ____D C:\ProgramData\Origin
2023-03-14 21:41 - 2020-08-29 20:46 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-03-14 19:08 - 2020-08-29 11:16 - 000000000 ____D C:\ProgramData\Packages
2023-03-12 22:26 - 2021-03-27 10:49 - 000000000 ____D C:\Users\sasch
2023-03-11 17:06 - 2022-09-25 14:50 - 000000000 ____D C:\Users\sasch\OneDrive\Dokumente\My Games
2023-03-08 15:28 - 2021-12-25 12:54 - 000000000 ____D C:\Program Files (x86)\ASUS
2023-03-05 11:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-12-31 22:57 - 2020-12-31 22:57 - 000006656 _____ () C:\Users\sasch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ======================== |