Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Diskussionsforum (https://www.trojaner-board.de/diskussionsforum/)
-   -   Eingehende Verbindung mit svchost.exe (Malewarebytes ) (https://www.trojaner-board.de/209260-eingehende-verbindung-svchost-exe-malewarebytes.html)

Ghost_Induct 28.04.2024 21:47
Eingehende Verbindung mit svchost.exe (Malewarebytes )
 
Hallo zusammen,

ich bekomme immer wieder von Malewarebytes folgende Meldung:

HTML-Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Datum des Schutzereignisses: 28.04.2024
Uhrzeit des Schutzereignisses: 22:42
Protokolldatei: c822b420-059f-11ef-ab31-6c2408d1cfeb.json

-Softwaredaten-
Version: 5.1.3.110
Komponentenversion: 1.0.1219
Version des Aktualisierungspakets: 1.0.84000
Lizenz: Premium

-Systemdaten-
Betriebssystem: Windows 11 (Build 22631.3527)
CPU: x64
Dateisystem: NTFS
Benutzer: System

-Einzelheiten zu blockierten Websites-
Bösartige Website: 1
, C:\Windows\System32\svchost.exe, Blockiert, -1, -1, 0.0.0, ,

-Website-Daten-
Kategorie: Compromised
Domäne:
IP-Adresse: 210.245.120.108
Port: 3389
Typ: Eingehend
Datei: C:\Windows\System32\svchost.exe



(end)
Avira und Malewarebytes meckern aber nicht beim Scannen der Datei.

Es ist nur Malewarebytes das mir das anzeigt.

Virustotal hat auch nichts angezeigt.

Hab die IP mal Lokalisiert und gesehen das es Vietnam ist.....scheiße was und wie hab ich mir da eingefangen?

Ich hoffe ihr könnt mir helfen.

cosinus 29.04.2024 08:24
FRST-Logs fehlen...

Ghost_Induct 29.04.2024 08:54
Sry hab ich vergessen.
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
durchgeführt von ghost (Administrator) auf LENOVO-LEGION (LENOVO 82NW) (28-04-2024 23:12:45)
Gestartet von D:\Multimedia\Downloads\FRST64.exe
Geladene Profile: ghost
Plattform: Microsoft Windows 11 Pro Version 23H2 22631.3527 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\Adguard.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(A-Volute SAS -> A-Volute) C:\Users\ghost\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files\ClipboardFusion\ClipboardFusion.exe
(Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusion.exe
(Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files\TrayStatus\TrayStatus.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\AMD\ANR\AMDNoiseSuppression.exe
(C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe
(C:\Program Files\DisplayFusion\DisplayFusion.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionHookApp32.exe
(C:\Program Files\DisplayFusion\DisplayFusion.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionHookApp64.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> com.logitech) C:\ProgramData\Logishrd\LogiOptionsPlus\logi_ai_prompt_builder\LogiAiPromptBuilder.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (DroidMonkey Apps, LLC -> ) C:\Program Files\KeePassXC\keepassxc-proxy.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2311.40000.5.0_x64__8wekyb3d8bbwe\WsaClient\WsaClient.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2311.40000.5.0_x64__8wekyb3d8bbwe\WSACrashUploader\WSACrashUploader.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe <6>
(C:\ProgramData\Logishrd\LogiOptionsPlus\logi_ai_prompt_builder\LogiAiPromptBuilder.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\msedgewebview2.exe <6>
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0402338.inf_amd64_d4de815aa579b06a\B402197\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402338.inf_amd64_d4de815aa579b06a\B402197\atieclxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <22>
(services.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\AdguardSvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0402338.inf_amd64_d4de815aa579b06a\B402197\atiesrxx.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionService.exe
(services.exe ->) (CODE SECTOR PTY LTD -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(services.exe ->) (GuinpinSoft inc) [Datei ist nicht signiert] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\LenovoUtilityService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2311.40000.5.0_x64__8wekyb3d8bbwe\WsaService\WsaService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(services.exe ->) (O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_699082c7b7897e92\RtkAudUService64.exe <2>
(services.exe ->) (VMware Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2311.40000.5.0_x64__8wekyb3d8bbwe\WsaClient\WsaClient.exe
(svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.1.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(svchost.exe ->) (QNAP Systems, Inc. -> ) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(vmcompute.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\vmwp.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
konnte nicht auf den Prozess zugreifen -> vmmemWSA

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_699082c7b7897e92\RtkAudUService64.exe [1618808 2022-11-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [8070928 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adguard] => C:\Program Files\AdGuard\Adguard.exe [7180504 2024-04-19] (Adguard Software Limited -> Adguard Software Limited)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951048 2021-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114112 2024-02-12] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QfinderPro] => C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe [6498128 2024-01-24] (QNAP Systems, Inc. -> QNAP)
HKLM-x32\...\Run: [Avira Security startup helper] => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259040 2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Installer\setup.exe [7136720 2024-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\Run: [] => [X]
HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\Run: [DAEMON Tools Ultra Automount] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [583264 2024-02-28] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45380000 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\Run: [DisplayFusion] => C:\Program Files\DisplayFusion\DisplayFusion.exe [335320 2023-10-05] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\Run: [TrayStatus] => C:\Program Files\TrayStatus\TrayStatus.exe [314320 2023-09-01] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [145336 2023-08-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\Run: [ClipboardFusion] => C:\Program Files\ClipboardFusion\ClipboardFusion.exe [311768 2023-09-01] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\Policies\system: [shell] explorer.exe <==== ACHTUNG
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Windows x64\Print Processors\us016PC: C:\Windows\System32\spool\prtprocs\x64\us016pc.dll [61736 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\us016 Langmon: C:\WINDOWS\system32\us016lm.dll [40744 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\124.0.6367.92\Installer\chrmstp.exe [2024-04-26] (Google LLC -> Google LLC)
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {59F78804-8E60-45C9-AB24-9CC4F48BD513} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {47A87E9D-175B-4340-9E72-7F4D14E43EB9} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {23E767E5-070F-49D1-B16A-770051AD1124} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183512 2024-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {1F1D5DA9-AAA1-42B8-95CF-EAF6CB673DA8} - System32\Tasks\AMDScoSupportTypeUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E8635269-7BAD-4B63-8688-8EF3AE43EB4B} - System32\Tasks\Avira\System Speedup\Delayed Startup\ghost\1 => C:\Program Files\KeePassXC\KeePassXC.exe [5480656 2024-03-09] (DroidMonkey Apps, LLC -> KeePassXC Team)
Task: {B435AC21-67E0-44B7-B627-6429CDF0404C} - System32\Tasks\Avira\System Speedup\SecurityTestScheduler => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259040 2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {4F12227F-6A34-412F-93E5-E42407164EBE} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\System32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {1135264D-1FF2-4F86-B7FE-3765B8B945D8} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {1135264D-1FF2-4F86-B7FE-3765B8B945D8} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {1135264D-1FF2-4F86-B7FE-3765B8B945D8} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {003B7E78-8EA3-41A6-89AC-A65F42C2A756} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259040 2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {21A0BE17-BFA7-41C9-A848-B89983BD0835} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1775072 2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {03C60F47-4959-4FD3-8D6A-52982A5CB6A2} - System32\Tasks\Avira_Security_Update => C:\Windows\System32\net.exe [81920 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {D0F97725-4E32-4265-B089-7250B291D695} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [36867040 2024-04-28] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {824EAC5E-FD66-43A8-99B8-3D9518E573F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E6C41D01-8537-4651-A3D4-9643CB545D00} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "9b4bed59-fe04-4433-9157-2976f6e02612" --version "6.23.11010" --silent
Task: {EFA17480-555F-461B-BC00-22048E470F8B} - System32\Tasks\CCleanerSkipUAC - ghost => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9E7443A6-F7A6-4D40-8049-2010F76D71B4} - System32\Tasks\eM Client Database Backup (S-1-5-21-636087272-42344311-1300616916-1001) => C:\Program Files (x86)\eM Client\MailClient.exe [263760 2023-10-10] (eM Client s.r.o. -> eM Client s.r.o.)
Task: {FBC2EAF5-8B33-48EF-A5A0-CF8EA0A4778D} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6425.0{793F9EAD-C7B1-4A59-A94B-E330BDD6AB03} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC)
Task: {F9ACEAB8-B8A9-4F58-A8FB-F38DC9937E2E} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [1741136 2024-01-24] (QNAP Systems, Inc. -> )
Task: {EF9711D8-C7F3-4EAE-9F1B-D89459B659DC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {BE33A794-1062-4DCF-8EA5-E82B16D8050C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {19C0047F-346A-4B7E-8B26-1C7B6FB5426E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {CFDADDE2-20DC-4751-A70F-E8BF62E03286} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6ba878d8-bb95-4b93-9180-33b40e9a0b16 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {31475E0D-3E2B-4E52-956F-C7940CA458B2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8776f4d1-fb5d-4362-9642-f6ea8336c339 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {B8582CC2-72D2-4F53-9BE3-7CCC11E62946} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac430654-2ee5-4e64-aa3d-eb69171c43c5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {FEC87B5F-40A9-44A2-A80D-85ABBDF3B9DF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b185c72d-cc15-476c-8ade-91f4adedf0d3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {8F5A3CC0-89C9-4EEA-B933-300A137EBCE2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e409663f-8cb9-4824-b48c-7079dff95852 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {05E97E01-3FE1-416E-A6BB-D028F50A0DAF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-636087272-42344311-1300616916-1001 => C:\Users\ghost\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2024-04-15] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {14C4AD13-1FB6-4D43-BF32-8F1644F88A66} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [1634728 2024-01-26] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task
Task: {0C18AD9B-5692-429B-A32D-A327E95342FF} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [1522088 2024-01-26] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/QuarterlyLaunch
Task: {EC86254A-9273-470C-B969-33E332F9A201} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [1522088 2024-01-26] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData)
Task: {5C8C9574-4D1E-4C6D-988D-DEF98F130977} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {D12E4CC4-A586-4884-8631-70AE1DA2C827} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90600 2023-11-02] (Lenovo -> Lenovo Group Ltd.) -> C:\windows\system32\drivers\Lenovo\udc\Service\/onidle
Task: {26E677A9-A286-4B55-8E48-19DBDC16D209} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [185312 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
Task: {834F72D4-E8F5-4954-9931-05838C20CE55} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {1BA74BA4-BBBA-4C42-AC67-4DD914D53FA2} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {79767E76-A251-48AC-A6A4-EAC7CA7ECFCE} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {AFD1C4F8-38D2-4B4B-BEC2-254A84032D5A} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {ECB39FFD-CEBC-4298-893C-D7B2D3C4FA6B} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {88CAE79D-3EE9-4F4C-968C-23A416AEAE2C} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {44716DFF-9989-4892-8C80-72122E73C533} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {2EFB2304-AA11-4A87-867D-337483C054B6} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {AB43F284-09EA-4615-9FDC-84003D85DC4E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {6A41BBC2-8547-4E76-BF25-9B25315BF6E0} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {4151EE70-3D67-48E1-9041-73C669831213} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {B88BF42B-1449-4426-B8E7-443A6F257949} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {08F7638E-C460-4973-8107-34696C32EAE9} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {76E686C2-0C5D-488E-94E1-8DB946649F4B} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\uninstall.exe [365024 2024-03-03] (Lenovo -> Lenovo)
Task: {FBB0FC33-4283-4B25-BA54-FD3F31BD429F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28438712 2024-04-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C12D0511-B5E8-44D6-8F8C-3E965A95D9FB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28438712 2024-04-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {8256EC7B-1BAC-4E1D-9F67-44C0870EE071} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {387246FF-B9D6-49FA-95B1-71BE38001BE9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {783A6548-B471-4A64-9CD3-E314DE519C56} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168928 2024-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6956F840-9B43-44DA-8397-26806E3CD8AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C7C960E-DA9E-45CF-80C5-871B49AFEE7E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B914ED59-58D7-4CE9-99EF-79F38A44388A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {897253B3-3E74-499B-8BDD-28CE13F22AC3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1363BA69-55FE-4D54-A102-11661E5C3EFE} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {1CB88CA2-B510-43FB-BC96-49C0D27E458C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-04-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {FD7A3C32-9AA4-4137-95C5-2C6E712D5129} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-636087272-42344311-1300616916-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-04-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {F7C2DAB7-A7DC-4BF0-8BFD-29134C26C3DF} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [844400 2023-04-13] (A-Volute SAS -> Nahimic)
Task: {BFFE0F41-87E5-44DE-8832-6BFA0C5B4B07} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1105520 2023-04-13] (A-Volute SAS -> Nahimic)
Task: {AB36A674-F7D7-48C7-9785-21CEB45BF06D} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [844400 ] (A-Volute SAS -> Nahimic)
Task: {E754E7F1-0CA3-446C-BC14-B65B7C576694} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1105520 ] (A-Volute SAS -> Nahimic)
Task: {5D85DFAA-ED16-4A5C-A58F-2B27C37BC7FF} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-11-22] () [Datei ist nicht signiert]
Task: {8C801541-6DCB-48C9-9949-53EC43E1EC6D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4207120 2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {4776AF02-37FB-4BCA-94D6-6A0A1A538C56} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-636087272-42344311-1300616916-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4207120 2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {387D88B2-EE2D-4609-B9AE-B74B59356F42} - System32\Tasks\OO DiskImage {8291e112-6f26-445b-b2ff-37a616ae81ad} => C:\Program Files\OO Software\DiskImage\oodiag.exe [13084432 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
Task: {C31A328E-07E8-4F60-8F42-CC51CD212E81} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60120 2024-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {5F06D504-CD78-4775-B9E7-678F0E38B0EB} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [323800 2024-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}\64259445A51224F68702735323030244D4: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}\64259445A51224F68702735323030244D4: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}\64259445A51224F68702735393030255A502537486A7: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4f2bd305-e8aa-426a-b034-e7810bdd27ab}\64259445A51224F68702735393030255A502537486A7: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{f0b04d73-8082-4e49-b700-36baf60d1602}: [DhcpNameServer] 150.204.1.2

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-28]
Edge HomePage: Default -> hxxps://www.bing.com/?/ai
Edge StartupUrls: Default -> "hxxps://www.msn.com/de-de/feed"
Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=U549DF&PC=U549&q={searchTerms}
Edge Extension: (Google Übersetzer) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-01-10]
Edge Extension: (Password Manager SafeInCloud) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bfilcmnckjfhldbbkaeofghnhpbehipd [2024-01-10]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-04-10]
Edge Extension: (AdGuard Browser-Assistent) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\calilkfbhgibagenlbchfbiafnacldki [2024-03-28]
Edge Extension: (Avira Password Manager) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2024-02-28]
Edge Extension: (Turn Off the Lights) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmamkbgpnienhphflfdamlhnljffjdgm [2023-12-09]
Edge Extension: (Google Docs Offline) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
Edge Extension: (Xbox New Tab) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gipflfpkiocnigbpalofdghmpeigegah [2023-12-09]
Edge Extension: (Auto Refresh Plus | Page Monitor) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hgeljhfekpckiiplhkigfehkdpldcggm [2024-01-10]
Edge Extension: (AdBlocker for YouTube™) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\higmhbckajbkjohakkmnlemnekmmhicp [2024-03-01]
Edge Extension: (Dark Reader) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifoakfbpdcdoeenechcleahebpibofpc [2024-04-11]
Edge Extension: (Tampermonkey) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iikmkjmpaadaobahmlepeloendndfphd [2024-04-10]
Edge Extension: (ChatGPT for Google) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jgjaeacdkonaoafenlfkkkmbaopkbilf [2024-04-28]
Edge Extension: (Edge relevant text changes) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Microsoft Power Automate) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kagpabjoboikccfdghpdlaaopmgpgfdc [2024-02-28]
Edge Extension: (Adblocker für Youtube™) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nipggfgilmoiofmnkbeabghbcaohmjih [2024-03-27]
Edge Extension: (Autofill) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2024-02-15]
Edge Extension: (uBlock Origin) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2024-04-10]
Edge Extension: (I don't care about cookies) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oholpbloipjbbhlhohaebmieiiieioal [2023-12-09]
Edge Extension: (SABconnect++) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod [2024-04-28]
Edge Extension: (KeePassXC-Browser) - C:\Users\ghost\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffhmdngciaglkoonimfcmckehcpafo [2024-04-04]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF DefaultProfile: eiueytob.default
FF ProfilePath: C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\eiueytob.default [2024-03-30]
FF ProfilePath: C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release [2024-04-28]
FF Homepage: Mozilla\Firefox\Profiles\ixn01s7u.default-release -> hxxps://www.google.com/?ptid=19027681&ptt=8&fpts=0
FF Extension: (Dark Reader) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\addon@darkreader.org.xpi [2024-04-15]
FF Extension: (2FAS - Two Factor Authentication) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\admin@2fas.com.xpi [2024-04-07]
FF Extension: (AdGuard Browser-Assistent) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\browserassistant@adguard.com.xpi [2024-03-28]
FF Extension: (GNOME Shell-Integration) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\chrome-gnome-shell@gnome.org.xpi [2023-12-10]
FF Extension: (Enhancer for YouTube™) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2024-04-26]
FF Extension: (FoxyTab) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\foxytab@eros.man.xpi [2023-12-10]
FF Extension: (GSConnect) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\gsconnect@andyholmes.github.io.xpi [2023-12-10]
FF Extension: (ProxTube) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\ich@maltegoetz.de.xpi [2023-12-10]
FF Extension: (To Google Translate) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2023-12-10]
FF Extension: (I don't care about cookies) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-12-10]
FF Extension: (KeePassXC-Browser) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\keepassxc-browser@keepassxc.org.xpi [2024-04-02]
FF Extension: (Plasma Integration) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\plasma-browser-integration@kde.org.xpi [2023-12-10]
FF Extension: (Download Manager (S3)) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\s3download@statusbar.xpi [2023-12-10]
FF Extension: (SponsorBlock für YouTube – Überspringe gesponserte Videosegmente) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\sponsorBlocker@ajay.app.xpi [2024-03-22]
FF Extension: (Turn Off the Lights) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\stefanvandamme@stefanvd.net.xpi [2024-03-01]
FF Extension: (Kein Name) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\tranquility@ushnisha.com.xpi [2023-12-10]
FF Extension: (uBlock Origin) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\uBlock0@raymondhill.net.xpi [2024-04-10]
FF Extension: (Privacy Possum) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\woop-NoopscooPsnSXQ@jetpack.xpi [2023-12-10]
FF Extension: (حسون) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{1af8a7ba-9a9b-4c9e-a37c-a9ee9f437456}.xpi [2023-12-10]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-04-16]
FF Extension: (Anonymous - I am free) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{283b426b-78c2-48cf-8cd7-8d3fa4dc101f}.xpi [2023-12-10]
FF Extension: (Sahara Sand) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{2ddbcb89-c6c1-4c0e-a146-21ba9bcd99ef}.xpi [2023-12-10]
FF Extension: (Search by Image) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2024-02-21]
FF Extension: (Sidebery) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{3c078156-979c-498b-8990-85f7987dd929}.xpi [2024-03-12]
FF Extension: (Image Search Options) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi [2023-12-10]
FF Extension: (SingleFile) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{531906d3-e22f-4a6c-a102-8057b88a1a63}.xpi [2024-04-19]
FF Extension: (Groovy Blue) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{6149213c-39c0-4bad-8ffa-f0bff06e96f8}.xpi [2023-12-10]
FF Extension: (Audio Equalizer) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{63d150c4-394c-4275-bc32-c464e76a891c}.xpi [2023-12-10]
FF Extension: (Black Shine) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{66c3310d-738e-4975-806f-c2c5952d55c7}.xpi [2023-12-10]
FF Extension: (NoScript) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2024-02-21]
FF Extension: (YouTube High Definition) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2023-12-10]
FF Extension: (alike03's Subscription Info on Steam) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{7d7241f8-5541-4ab7-9c8a-ad15bd3aa4c7}.xpi [2024-04-15]
FF Extension: (NZB Unity) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{96586e48-b9a2-45dd-b1a1-54fa85a97c91}.xpi [2023-12-10]
FF Extension: (Feedbro) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{a9c2ad37-e940-4892-8dce-cd73c6cbbc0c}.xpi [2024-03-28]
FF Extension: (The Solar Eclipse) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{d742d723-c843-413b-89da-56c63162e817}.xpi [2023-12-10]
FF Extension: (DownThemAll!) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2024-02-21]
FF Extension: (Popup Blocker (strict)) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{de22fd49-c9ab-4359-b722-b3febdc3a0b0}.xpi [2024-02-28]
FF Extension: (Foxy Gestures) - C:\Users\ghost\AppData\Roaming\Mozilla\Firefox\Profiles\ixn01s7u.default-release\Extensions\{e839c3f9-298e-4cd0-99e0-464431cb7c34}.xpi [2023-12-10]
FF Plugin: @java.com/DTPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-23] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default [2024-04-28]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Google Übersetzer) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-12-09]
CHR Extension: (Turn Off the Lights) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2023-12-09]
CHR Extension: (Avira Password Manager) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-02-21]
CHR Extension: (Dark Reader) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-04-15]
CHR Extension: (I don't care about cookies) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-12-09]
CHR Extension: (Avira Browserschutz) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2024-02-21]
CHR Extension: (Google Docs Offline) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
CHR Extension: (GNOME Shell-Integration) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\gphhapmejobijbbhgpjhcjognlahblep [2024-04-27]
CHR Extension: (Auto Refresh Plus | Page Monitor) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgeljhfekpckiiplhkigfehkdpldcggm [2023-12-09]
CHR Extension: (Similarweb – Traffic-Ranking und Website-Analyse) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2024-04-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-04-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2024-04-09]
CHR Extension: (ChatGPT for Google) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjaeacdkonaoafenlfkkkmbaopkbilf [2024-04-27]
CHR Extension: (Autofill) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2024-02-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-09]
CHR Extension: (KeePassXC-Browser) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\oboonakemofpalcgghocfoadofidjkkk [2024-04-03]
CHR Extension: (SABconnect++) - C:\Users\ghost\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod [2024-04-24]
CHR Profile: C:\Users\ghost\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-18]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Adguard Service; C:\Program Files\AdGuard\AdguardSvc.exe [806104 2024-04-19] (Adguard Software Limited -> Adguard Software Limited)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6738360 2024-04-28] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3003584 2024-01-22] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [398816 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265544 2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [295752 2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH)
S4 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.5\ABService.exe [1106416 2024-03-12] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe [9728 2024-02-28] (GuinpinSoft inc) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14247904 2024-04-13] (Microsoft Corporation -> Microsoft Corporation)
S4 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [7512672 2024-02-28] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
R2 DisplayFusionService; C:\Program Files\DisplayFusion\DisplayFusionService.exe [335320 2023-10-05] (Binary Fortress Software Ltd -> Binary Fortress Software)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [14991976 2024-04-17] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2023-06-29] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11427672 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11427672 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH)
S4 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncHelper.exe [3507728 2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService126.0.6425.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6425.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_7d126bda2f653af7\LenovoUtilityService.exe [168776 2024-04-01] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-04-26] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\tunnel\MBVpnTunnelService.exe [3073888 2024-02-28] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1930888 2023-04-13] (A-Volute SAS -> Nahimic)
S4 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.070.0407.0003\OneDriveUpdaterService.exe [3848208 2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [13084432 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3900176 2024-03-12] (O&O Software GmbH -> O&O Software GmbH)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [19145472 2024-04-17] (Logitech Inc -> Logitech, Inc.)
R2 PlexUpdateService; C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe [916248 2024-04-18] (Plex, Inc. -> Plex, Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2024-04-27] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2024-04-27] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [317664 2023-06-29] (CODE SECTOR PTY LTD -> )
R2 UDCService; C:\WINDOWS\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72160 2023-11-02] (Lenovo -> Lenovo Group Ltd.)
S3 VmwareAutostartService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-autostart.exe [64960 2024-02-12] (VMware, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [651216 2023-09-11] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
R3 WsaService; C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2311.40000.5.0_x64__8wekyb3d8bbwe\WsaService\WsaService.exe [312832 2024-03-27] (Microsoft Corporation -> )

Ghost_Induct 29.04.2024 09:08
Teil 2 von FRST

Code:
===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [89160 2024-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Limited)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [36736 2023-05-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [58952 2024-04-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0402338.inf_amd64_d4de815aa579b06a\B402197\amdkmdag.sys [100126720 2024-04-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0402263.inf_amd64_1366da2d694c570c\B400781\amdkmdag.sys [106387864 2024-04-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [172928 2024-04-27] (AOMEI International Network Limited -> )
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2024-04-27] (AOMEI International Network Limited -> )
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [162296 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> RedFox)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [162296 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> RedFox)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [176712 2024-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2024-04-18] (Avira Operations GmbH -> Avira Operations GmbH)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2023-05-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [63704 2023-05-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218592 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
R2 hcmon; C:\WINDOWS\system32\DRIVERS\hcmon.sys [72144 2023-08-08] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [234312 2024-04-28] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-04-28] (Malwarebytes Inc. -> Malwarebytes)
R3 NahimicBTLink; C:\WINDOWS\System32\drivers\NahimicBTLink.sys [85144 2023-04-13] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85144 2023-04-13] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [115496 2024-04-18] (Avira Operations GmbH -> Avira Operations GmbH)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77792 2023-10-19] (Nmap Software LLC -> Insecure.Com LLC.)
R0 oodisr; C:\WINDOWS\System32\DRIVERS\oodisr.sys [116888 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
R0 oodisrh; C:\WINDOWS\System32\DRIVERS\oodisrh.sys [41112 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
R0 oodivd; C:\WINDOWS\System32\DRIVERS\oodivd.sys [274424 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
R0 oodivdh; C:\WINDOWS\System32\DRIVERS\oodivdh.sys [60920 2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_92b2eef9fcc25565\rt68cx21x64.sys [779752 2023-12-18] (Realtek Semiconductor Corp. -> Realtek)
R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [411064 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [411064 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28768 2024-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [52872 2020-05-22] (Tomasz Moń -> USBPcap)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2024-02-29] (Microsoft Windows -> )
R0 vmci; C:\WINDOWS\System32\drivers\vmci.sys [104888 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2024-02-12] (VMware, Inc. -> VMware, Inc.)
R3 VMnetAdapter; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [31120 2024-02-12] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [53704 2024-02-12] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 VMnetuserif; C:\WINDOWS\system32\DRIVERS\vmnetuserif.sys [30664 2024-02-12] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 vmx86; C:\WINDOWS\system32\DRIVERS\vmx86.sys [100776 2024-02-12] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [88976 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-02-28] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [33864 2024-02-28] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
S3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [48472 2024-02-28] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
U4 npcap_wifi; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-04-28 22:15 - 2024-04-28 22:15 - 000000730 _____ C:\Users\ghost\Desktop\Malwarebytes Bericht über blockierte Websites 2024-04-28 194921.txt
2024-04-28 22:15 - 2024-04-28 22:15 - 000000723 _____ C:\Users\ghost\Desktop\Malwarebytes Bericht über blockierte Websites 2024-04-28 161701.txt
2024-04-28 22:06 - 2024-04-28 23:13 - 000000000 ____D C:\FRST
2024-04-28 22:00 - 2024-04-28 22:00 - 000028448 _____ C:\WINDOWS\system32\lc.dat
2024-04-28 21:46 - 2024-04-28 21:46 - 000762024 _____ C:\WINDOWS\system32\perfh007.dat
2024-04-28 21:46 - 2024-04-28 21:46 - 000157682 _____ C:\WINDOWS\system32\perfc007.dat
2024-04-28 21:40 - 2024-04-28 21:40 - 000234312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-04-28 21:40 - 2024-04-28 21:40 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-04-28 18:33 - 2024-04-28 18:33 - 000000000 ____D C:\Program Files\WSL
2024-04-28 18:26 - 2024-04-28 18:26 - 000000000 ____D C:\Program Files\Avira
2024-04-28 18:26 - 2024-04-23 08:51 - 000411064 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp2.sys
2024-04-28 18:26 - 2024-04-23 08:51 - 000411064 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp1.sys
2024-04-28 18:26 - 2024-04-18 09:42 - 000115496 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\netprotection_network_filter.sys
2024-04-28 18:26 - 2024-04-18 09:41 - 000233560 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\BdSentry.sys
2024-04-28 18:23 - 2024-04-28 18:23 - 000067310 _____ C:\Users\ghost\Downloads\bluescreenview.zip
2024-04-28 18:22 - 2024-04-28 18:22 - 000001672 _____ C:\Users\ghost\Downloads\bluescreenview_german.zip
2024-04-28 18:21 - 2024-04-28 18:21 - 000003774 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2024-04-28 18:21 - 2024-04-28 18:21 - 000000000 ____D C:\Users\Public\Speedup Sessions
2024-04-28 18:20 - 2024-04-28 18:20 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2024-04-28 18:20 - 2024-04-28 18:20 - 000003708 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater
2024-04-28 18:20 - 2024-04-28 18:20 - 000003480 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2024-04-28 18:20 - 2024-04-28 18:20 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2024-04-28 18:20 - 2024-04-28 18:20 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2024-04-28 18:20 - 2024-04-28 18:20 - 000001157 _____ C:\Users\Public\Desktop\Avira.lnk
2024-04-28 18:11 - 2024-04-28 18:19 - 006738360 _____ (Avira Operations GmbH) C:\Users\ghost\Downloads\avira_de_aps10_3810393873_qlrhcii9dpo4k2snpmvd_wdp.exe
2024-04-28 12:05 - 2024-04-28 12:05 - 000000000 ____D C:\Users\ghost\AppData\Roaming\com.shirogames.evoland
2024-04-28 12:04 - 2024-04-28 12:04 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Macromedia
2024-04-28 11:58 - 2024-04-28 12:00 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Beat Hazard
2024-04-28 11:38 - 2024-04-28 11:39 - 019093186 _____ C:\Users\ghost\Downloads\WM2164.zip
2024-04-28 08:17 - 2024-04-28 08:17 - 000000000 ____D C:\Users\ghost\AppData\Local\Daedalic Entertainment
2024-04-28 07:35 - 2024-04-28 07:35 - 000000000 ____D C:\Users\ghost\AppData\LocalLow\AMD
2024-04-28 07:34 - 2024-04-28 21:39 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2024-04-28 07:34 - 2024-04-28 21:39 - 000003106 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2024-04-28 07:34 - 2024-04-28 07:34 - 000003518 _____ C:\WINDOWS\system32\Tasks\AMDScoSupportTypeUpdate
2024-04-28 07:34 - 2024-04-28 07:34 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2024-04-28 07:34 - 2024-04-28 07:34 - 000002616 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2024-04-28 07:34 - 2024-04-28 07:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2024-04-28 07:33 - 2024-04-28 07:33 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR
2024-04-28 07:33 - 2024-04-28 07:33 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-04-28 07:33 - 2024-04-28 07:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2024-04-28 07:30 - 2024-04-23 18:27 - 002100736 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-04-28 07:30 - 2024-04-23 18:27 - 002100736 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-04-28 07:30 - 2024-04-23 18:27 - 001658992 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-04-28 07:30 - 2024-04-23 18:27 - 001658992 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-04-28 07:30 - 2024-04-23 18:27 - 001465984 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-04-28 07:30 - 2024-04-23 18:27 - 001465984 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 011526256 _____ C:\WINDOWS\system32\amdsmi.exe
2024-04-28 07:30 - 2024-04-23 18:26 - 002221976 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 002130544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 001640960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 001640960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 001331536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 001307328 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 001307328 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 001254400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 001055232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 001054296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000998512 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2024-04-28 07:30 - 2024-04-23 18:26 - 000731248 _____ C:\WINDOWS\system32\hiprt0200064.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000607744 _____ C:\WINDOWS\system32\GameManager64.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000535664 _____ C:\WINDOWS\system32\atieah64.exe
2024-04-28 07:30 - 2024-04-23 18:26 - 000502384 _____ C:\WINDOWS\system32\EEURestart.exe
2024-04-28 07:30 - 2024-04-23 18:26 - 000473200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000460800 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000404592 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2024-04-28 07:30 - 2024-04-23 18:26 - 000266240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000226928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000196208 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000183920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000147056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000138752 _____ C:\WINDOWS\system32\amdxc64.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000114688 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2024-04-28 07:30 - 2024-04-23 18:26 - 000074864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 105805424 _____ C:\WINDOWS\system32\amd_comgr_2.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 105432688 _____ C:\WINDOWS\system32\amd_comgr.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 089173616 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 018444400 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64_6.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 007559792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 007339520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000801280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000678400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000568432 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000543344 _____ C:\WINDOWS\system32\dgtrayicon.exe
2024-04-28 07:30 - 2024-04-23 18:25 - 000524912 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000471048 _____ C:\WINDOWS\system32\amdlogum.exe
2024-04-28 07:30 - 2024-04-23 18:25 - 000432240 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000389744 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000360960 _____ C:\WINDOWS\system32\clinfo.exe
2024-04-28 07:30 - 2024-04-23 18:25 - 000176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000167248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000159888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000145408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000136688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000051312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2024-04-28 07:30 - 2024-04-23 18:25 - 000048128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2024-04-28 07:30 - 2024-04-23 18:24 - 021762160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2024-04-28 07:30 - 2024-04-23 18:24 - 001725752 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2024-04-28 07:30 - 2024-04-23 18:24 - 001400208 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2024-04-28 07:30 - 2024-04-23 18:24 - 000567840 _____ C:\WINDOWS\system32\amdmiracast.dll
2024-04-28 07:30 - 2024-04-23 18:24 - 000177056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2024-04-28 07:30 - 2024-04-23 18:24 - 000167136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2024-04-28 07:30 - 2024-04-23 18:24 - 000151200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2024-04-28 07:30 - 2024-04-23 18:24 - 000136576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2024-04-28 07:30 - 2024-04-23 18:24 - 000131472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2024-04-28 07:30 - 2024-04-23 17:44 - 105732976 _____ C:\WINDOWS\system32\amdxc64.so
2024-04-28 07:30 - 2024-04-19 15:40 - 000548968 _____ C:\WINDOWS\system32\libsmi_guest.dll
2024-04-28 07:30 - 2024-04-19 15:40 - 000524288 _____ C:\WINDOWS\system32\libsmi_host.dll
2024-04-28 07:30 - 2024-04-19 15:40 - 000207360 _____ C:\WINDOWS\system32\mantle64.dll
2024-04-28 07:30 - 2024-04-19 15:40 - 000186472 _____ C:\WINDOWS\system32\mantleaxl64.dll
2024-04-28 07:30 - 2024-04-19 15:40 - 000165480 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2024-04-28 07:30 - 2024-04-19 15:40 - 000148992 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2024-04-28 07:30 - 2024-04-19 15:39 - 000210632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2024-04-28 07:30 - 2024-04-19 15:39 - 000187448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2024-04-28 07:30 - 2024-04-19 15:39 - 000174552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2024-04-28 07:30 - 2024-04-19 15:39 - 000157224 _____ C:\WINDOWS\system32\SET2DFE.tmp
2024-04-28 06:59 - 2024-04-28 06:59 - 000000000 ____D C:\Users\ghost\ai_overlay_tmp
2024-04-27 22:41 - 2024-04-27 22:41 - 000000000 ____D C:\Users\ghost\AppData\Local\NVIDIA Corporation
2024-04-27 10:19 - 2024-04-27 10:19 - 000172928 _____ C:\WINDOWS\system32\ammntdrv.sys
2024-04-27 10:19 - 2024-04-27 10:19 - 000032176 _____ C:\WINDOWS\system32\amwrtdrv.sys
2024-04-27 10:19 - 2024-04-27 10:19 - 000000960 _____ C:\Users\Public\Desktop\AOMEI Backupper.lnk
2024-04-27 10:19 - 2024-04-27 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2024-04-27 10:19 - 2024-04-27 10:19 - 000000000 ____D C:\Program Files (x86)\AOMEI
2024-04-27 10:19 - 2019-05-14 11:28 - 000051120 _____ C:\WINDOWS\system32\ambakdrv.sys
2024-04-27 08:21 - 2024-04-27 08:21 - 000000025 _____ C:\Users\ghost\OneDrive\Dokumente\FMRQPPRTKMH2K727R33THMXWZ.txt
2024-04-26 19:26 - 2024-04-26 19:32 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\Project CARS
2024-04-26 19:26 - 2024-04-26 19:26 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\wmd_symbol_cache
2024-04-26 16:01 - 2024-04-26 16:03 - 000000000 ____D C:\Users\ghost\AppData\Roaming\geany
2024-04-26 15:55 - 2024-04-26 16:03 - 000000000 ____D C:\Program Files\Geany
2024-04-26 15:55 - 2024-04-26 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geany
2024-04-26 15:36 - 2024-04-26 15:36 - 000004166 _____ C:\Users\ghost\OneDrive\Dokumente\DownloadManagerS3.2024.04.26.15.36.32.txt
2024-04-26 10:28 - 2024-04-26 10:28 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\Materialien_zu_Schroedinger_lernt_HTML5_und_CSS
2024-04-25 16:23 - 2024-04-25 16:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-04-25 16:22 - 2024-04-25 16:22 - 000000000 ____D C:\WINDOWS\pss
2024-04-23 15:00 - 2024-04-23 15:00 - 000002100 _____ C:\Users\Public\Desktop\AnyMP4 Blu-ray Player.lnk
2024-04-23 13:51 - 2024-04-23 13:51 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-04-23 11:40 - 2024-04-23 11:40 - 000000000 ____D C:\Users\ghost\AppData\Roaming\FasterThanLight
2024-04-22 21:46 - 2024-04-25 15:39 - 000000128 ___SH C:\WINDOWS\system32\geajqpkwirltyjih.dat
2024-04-22 21:46 - 2024-04-22 21:46 - 000000128 ___SH C:\WINDOWS\system32\cuqkopdfmievdpkq.tbl
2024-04-22 21:45 - 2024-04-22 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo EasyUEFI
2024-04-22 21:45 - 2024-04-22 21:45 - 000000000 ____D C:\Program Files\Hasleo
2024-04-22 13:59 - 2024-04-22 14:03 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Wireshark
2024-04-22 13:57 - 2024-04-24 08:41 - 000624008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-04-22 13:56 - 2024-04-22 13:56 - 000001838 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2024-04-22 13:56 - 2024-04-22 13:56 - 000001826 _____ C:\Users\Public\Desktop\Wireshark.lnk
2024-04-22 13:56 - 2024-04-22 13:56 - 000000000 ____D C:\Program Files\USBPcap
2024-04-22 13:55 - 2024-04-22 13:56 - 000000000 ____D C:\Program Files\Wireshark
2024-04-22 13:55 - 2024-04-22 13:55 - 000003460 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
2024-04-22 13:55 - 2024-04-22 13:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap
2024-04-22 13:55 - 2024-04-22 13:55 - 000000000 ____D C:\WINDOWS\system32\Npcap
2024-04-22 13:55 - 2024-04-22 13:55 - 000000000 ____D C:\Program Files\Npcap
2024-04-22 11:45 - 2024-04-22 11:45 - 000073300 _____ C:\Users\ghost\OneDrive\Dokumente\invoice_5066544802_20221205_113405_DEU_DEU.pdf
2024-04-22 10:57 - 2024-04-22 10:57 - 000373220 _____ C:\Users\ghost\OneDrive\Dokumente\Rechnung SAMSUNG WD90T534ABWS2 Waschtrockner.pdf
2024-04-22 10:06 - 2024-04-22 10:06 - 000000000 ____D C:\ProgramData\RapidSolution
2024-04-22 09:56 - 2024-04-22 09:56 - 000000000 ____D C:\Users\ghost\AppData\Local\CrashReport
2024-04-22 09:55 - 2024-04-22 10:07 - 000000000 ____D C:\Users\ghost\AppData\Local\Audials
2024-04-22 09:55 - 2024-04-22 10:07 - 000000000 ____D C:\Program Files\Audials
2024-04-22 09:29 - 2024-04-22 09:29 - 000000000 ___HD C:\OneDriveTemp
2024-04-22 09:29 - 2024-04-22 09:29 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\.@__thumb
2024-04-22 09:23 - 2024-04-22 09:23 - 000001236 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2024-04-22 09:22 - 2024-04-22 09:22 - 000000000 ____D C:\Users\ghost\AppData\Roaming\msg data
2024-04-21 14:07 - 2024-04-21 14:07 - 000000000 ____D C:\Users\ghost\AppData\LocalLow\Level 91 Entertainment
2024-04-20 17:23 - 2024-04-20 17:23 - 000000000 ____D C:\Users\ghost\AppData\LocalLow\Square Enix Ltd
2024-04-19 12:46 - 2024-04-19 12:46 - 000000000 ____D C:\Users\ghost\AppData\LocalLow\BetaDwarf ApS
2024-04-19 11:58 - 2024-04-19 11:58 - 000000000 ____D C:\Program Files\ReIcon
2024-04-19 11:55 - 2024-04-19 11:55 - 000001154 _____ C:\Users\ghost\Desktop\TeraCopy.lnk
2024-04-19 11:24 - 2024-04-19 11:24 - 000000000 _____ C:\Users\ghost\OneDrive\Dokumente\XYplorer u. Teracopy.txt
2024-04-18 21:15 - 2024-04-18 21:21 - 000000000 ____D C:\Users\ghost\AppData\Roaming\MiTeC
2024-04-18 21:14 - 2024-04-18 21:14 - 000000000 ____D C:\Users\ghost\Downloads\TMX
2024-04-18 20:10 - 2024-04-18 20:10 - 000000000 ____D C:\Users\ghost\AppData\Local\LenovoServiceBridge
2024-04-18 11:05 - 2024-04-18 12:59 - 000000000 ____D C:\Users\ghost\AppData\Local\MusicBee
2024-04-18 11:04 - 2024-04-18 11:04 - 000001101 _____ C:\Users\ghost\Desktop\MusicBee.lnk
2024-04-18 11:03 - 2024-04-27 08:36 - 000000000 ____D C:\Users\ghost\AppData\Roaming\MusicBee
2024-04-18 11:03 - 2024-04-18 11:03 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
2024-04-18 11:03 - 2024-04-18 11:03 - 000000000 ____D C:\Program Files (x86)\MusicBee
2024-04-18 10:40 - 2024-04-18 10:40 - 000000773 _____ C:\Users\ghost\OneDrive\Dokumente\Malwarebytes Bericht über blockierte Websites 2024-04-18 083935.txt
2024-04-17 21:10 - 2024-04-17 21:10 - 000001999 _____ C:\Users\ghost\Desktop\MediathekView.lnk
2024-04-17 16:00 - 2024-04-17 16:00 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2024-04-17 16:00 - 2024-04-17 16:00 - 000000000 ____D C:\Users\ghost\AppData\Roaming\com.logitech
2024-04-17 16:00 - 2024-04-17 16:00 - 000000000 ____D C:\Users\ghost\AppData\Local\flutter_webview_windows
2024-04-17 16:00 - 2024-04-17 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-04-17 16:00 - 2024-04-17 16:00 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2024-04-17 15:57 - 2024-04-17 16:45 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Wise Uninstaller
2024-04-17 15:57 - 2024-04-17 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Program Uninstaller
2024-04-17 13:04 - 2024-04-28 11:40 - 000000869 _____ C:\Users\Public\Desktop\WinMerge.lnk
2024-04-17 13:04 - 2024-04-28 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge
2024-04-17 13:04 - 2024-04-28 11:40 - 000000000 ____D C:\Program Files\WinMerge
2024-04-17 13:04 - 2024-04-17 13:04 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\WinMerge
2024-04-17 04:00 - 2024-04-17 04:00 - 000873176 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Device.dll
2024-04-17 04:00 - 2024-04-17 04:00 - 000061144 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Platform.dll
2024-04-16 23:04 - 2024-04-16 23:04 - 000058952 _____ (Advanced Micro Devices) C:\WINDOWS\system32\AMDRyzenMasterDriver.sys
2024-04-16 20:10 - 2024-04-16 20:10 - 000376793 _____ C:\Users\ghost\OneDrive\Dokumente\Überweisung Miete März.pdf
2024-04-16 20:10 - 2024-04-16 20:10 - 000376791 _____ C:\Users\ghost\OneDrive\Dokumente\Überweisung Miete April.pdf
2024-04-16 20:09 - 2024-04-16 20:09 - 000376797 _____ C:\Users\ghost\OneDrive\Dokumente\Überweisung Miete Februar.pdf
2024-04-16 15:26 - 2024-04-26 19:25 - 000000128 _____ C:\Users\ghost\AppData\Roaming\winscp.rnd
2024-04-16 15:26 - 2024-04-16 15:26 - 000001351 _____ C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2024-04-16 15:26 - 2024-04-16 15:26 - 000001343 _____ C:\Users\ghost\Desktop\WinSCP.lnk
2024-04-16 15:07 - 2024-04-16 20:19 - 000000128 _____ C:\Users\ghost\AppData\Local\PUTTY.RND
2024-04-16 15:06 - 2024-04-16 15:06 - 000001012 _____ C:\Users\Public\Desktop\PuTTY (64-bit).lnk
2024-04-16 15:06 - 2024-04-16 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2024-04-16 15:06 - 2024-04-16 15:06 - 000000000 ____D C:\Program Files\PuTTY
2024-04-16 14:48 - 2024-04-16 14:48 - 000000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2024-04-16 09:51 - 2024-04-16 09:51 - 000000000 ____D C:\Users\ghost\AppData\Local\ATI
2024-04-16 09:38 - 2024-04-16 09:38 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Hulubulu
2024-04-16 09:38 - 2024-04-16 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer
2024-04-16 09:38 - 2024-04-16 09:38 - 000000000 ____D C:\Program Files\Advanced Renamer
2024-04-15 22:15 - 2024-04-15 22:15 - 000006094 _____ C:\Users\ghost\OneDrive\Dokumente\FileMenu Settings Backup.ini
2024-04-15 22:07 - 2024-04-15 22:07 - 000006471 _____ C:\Users\ghost\OneDrive\Dokumente\Miete Darlehen.odt
2024-04-15 22:02 - 2024-04-16 20:08 - 000059399 _____ C:\Users\ghost\OneDrive\Dokumente\Darlehen Miete.pdf
2024-04-15 17:29 - 2024-04-15 17:29 - 000000000 ____D C:\ProgramData\delight software gmbh
2024-04-15 16:35 - 2024-04-15 16:35 - 000000000 ___RD C:\Users\ghost\Downloads\BooStudioLLC.TorrexPro_b6e429xa66pga!App
2024-04-15 12:55 - 2024-04-15 12:55 - 000019265 _____ C:\Users\ghost\OneDrive\Dokumente\Möbelliste.pdf
2024-04-14 20:55 - 2024-04-14 20:56 - 081405584 _____ (QNAP SYSTEMS, INC.) C:\Users\ghost\Downloads\QNAPQsyncClientWindows-5.1.4.0129.exe
2024-04-14 13:18 - 2024-04-14 13:18 - 000000000 ____D C:\Program Files\PowerShell
2024-04-14 12:59 - 2024-04-14 12:59 - 010061078 _____ C:\Users\ghost\Downloads\QNAP-TS-464_settings_2024-4-14.bin
2024-04-13 23:37 - 2024-04-13 23:37 - 000000000 ____D C:\Users\ghost\AppData\Local\AMDIdentifyWindow
2024-04-13 17:41 - 2024-04-13 17:41 - 000000017 _____ C:\Users\ghost\AppData\Local\resmon.resmoncfg
2024-04-13 11:15 - 2024-04-13 11:15 - 000000000 ____D C:\Users\ghost\AppData\Local\Downloaded Installations
2024-04-13 11:15 - 2024-04-13 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2024-04-13 06:37 - 2024-04-13 06:37 - 001335296 _____ C:\WINDOWS\system32\config\DEFAULT.rhk
2024-04-13 06:37 - 2024-04-13 06:37 - 000090112 _____ C:\WINDOWS\system32\config\SAM.rhk
2024-04-12 15:25 - 2024-04-27 20:52 - 000002390 ____H C:\Users\ghost\OneDrive\Dokumente\Default.rdp
2024-04-12 08:26 - 2024-04-12 08:26 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\PowerToys
2024-04-12 02:13 - 2024-04-12 02:13 - 000000906 _____ C:\Users\ghost\Desktop\TrayStatus.lnk
2024-04-12 01:28 - 2024-04-12 01:28 - 016322560 _____ C:\Users\ghost\Downloads\Sniffnet_Windows_64-bit.msi
2024-04-12 00:42 - 2024-04-12 00:43 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\PowerShell
2024-04-12 00:42 - 2024-04-12 00:42 - 000000000 ____D C:\Users\ghost\AppData\Roaming\NuGet
2024-04-12 00:40 - 2024-04-12 08:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2024-04-12 00:40 - 2024-04-12 00:41 - 000000000 ____D C:\Program Files\PowerToys
2024-04-12 00:40 - 2024-04-12 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
2024-04-11 20:59 - 2024-04-28 21:41 - 000000000 ____D C:\WINDOWS\Minidump
2024-04-11 18:19 - 2024-04-11 18:19 - 000041813 _____ C:\Users\ghost\Downloads\271198292.pdf
2024-04-11 14:03 - 2024-04-11 14:03 - 000000000 ___HD C:\$Windows.~WS
2024-04-11 14:02 - 2024-04-11 14:04 - 000000000 ____D C:\ESD
2024-04-10 18:48 - 2024-04-10 18:48 - 000000000 ____D C:\Users\ghost\AppData\Local\QNAP
2024-04-10 18:48 - 2024-04-10 18:48 - 000000000 ____D C:\Users\ghost\AppData\Local\QfinderPro
2024-04-10 18:47 - 2024-04-10 18:47 - 000003040 _____ C:\WINDOWS\system32\Tasks\iSCSIAgentAutoStartup
2024-04-10 18:47 - 2024-04-10 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QNAP
2024-04-10 18:47 - 2024-04-10 18:47 - 000000000 ____D C:\Program Files (x86)\QNAP
2024-04-09 09:15 - 2024-04-09 09:15 - 000108508 _____ C:\Users\ghost\Downloads\Delato_32x32.theme.rar
2024-04-09 09:10 - 2024-04-09 09:16 - 000002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2024-04-09 09:10 - 2024-04-09 09:16 - 000001975 _____ C:\Users\Public\Desktop\WinRAR.lnk
2024-04-09 09:10 - 2024-04-09 09:16 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-04-09 09:10 - 2024-04-09 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-04-09 09:10 - 2024-04-09 09:16 - 000000000 ____D C:\Program Files\WinRAR
2024-04-06 22:18 - 2024-04-06 22:21 - 000000169 _____ C:\Users\ghost\AppData\Roaming\BattleBitConfig.ini
2024-04-06 22:18 - 2024-04-06 22:19 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2024-04-06 22:12 - 2024-04-06 22:12 - 000001448 _____ C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update Viewer.lnk
2024-04-05 18:05 - 2024-04-05 18:05 - 000001427 _____ C:\Users\ghost\Desktop\EA.lnk
2024-04-05 17:23 - 2024-04-26 14:06 - 000000000 ____D C:\ProgramData\EA Desktop
2024-04-05 16:22 - 2024-04-05 16:22 - 007370386 _____ C:\Users\ghost\Downloads\rpc444.zip
2024-04-05 16:15 - 2024-04-05 16:15 - 000008327 _____ C:\Users\ghost\Downloads\stefanrodriguezgaleano@gmail.com-export-2024-04-05-16-15-37.bckey
2024-04-05 16:13 - 2022-05-26 02:17 - 000012544 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbfsevtmsg.dll
2024-04-05 16:13 - 2022-05-26 02:16 - 000282368 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbfsShellHelper20.dll_
2024-04-05 16:13 - 2022-05-26 02:16 - 000226048 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\SysWOW64\cbfsShellHelper20.dll_
2024-04-05 06:43 - 2024-04-17 17:40 - 000000000 ____D C:\Program Files (x86)\WonderFox Soft
2024-04-05 06:43 - 2024-04-05 06:43 - 000000000 ____D C:\Users\ghost\AppData\Roaming\WonderFox Soft
2024-04-04 16:20 - 2024-04-04 16:22 - 000000000 ____D C:\Users\ghost\AppData\Local\Larian Studios
2024-04-04 15:59 - 2024-04-04 15:59 - 000201748 _____ C:\Users\ghost\OneDrive\Dokumente\Mietvertrag Bremen 02 2024 V02.pdf
2024-04-04 15:58 - 2024-04-04 15:58 - 001190734 _____ C:\Users\ghost\OneDrive\Dokumente\Betriebskostenabrechnung SWB 20223.pdf
2024-04-04 15:58 - 2024-04-04 15:58 - 000089281 _____ C:\Users\ghost\OneDrive\Dokumente\Aufforderung zur Mitwirkung.pdf
2024-04-04 09:27 - 2024-04-04 09:27 - 000003992 _____ C:\WINDOWS\system32\Tasks\eM Client Database Backup (S-1-5-21-636087272-42344311-1300616916-1001)
2024-04-03 16:27 - 2024-04-03 16:27 - 000184485 _____ C:\Users\ghost\Downloads\Umsaetze_DE42200400000175188200_EUR_03-04-2024_1627.pdf
2024-04-03 13:38 - 2024-04-26 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2024-04-03 13:38 - 2024-04-26 15:02 - 000000000 ____D C:\Program Files\HWiNFO64
2024-04-03 08:31 - 2024-04-03 08:31 - 000000000 ____D C:\Users\ghost\Downloads\dism-gui-130
2024-04-03 06:40 - 2024-04-03 06:40 - 000000000 ____D C:\Users\ghost\AppData\Roaming\StarMoney64
2024-04-03 06:40 - 2024-04-03 06:40 - 000000000 ____D C:\Users\ghost\AppData\LocalLow\Shield
2024-04-03 06:40 - 2024-04-03 06:40 - 000000000 ____D C:\ProgramData\StarFinanz
2024-04-03 06:38 - 2024-04-03 06:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-04-03 05:47 - 2024-04-03 05:47 - 000000000 ____D C:\Users\ghost\AppData\Local\gtk-3.0
2024-04-03 05:45 - 2024-04-03 05:55 - 000000000 ____D C:\Users\ghost\AppData\Roaming\GnuCash
2024-04-03 05:44 - 2024-04-03 05:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash
2024-04-03 05:44 - 2024-04-03 05:44 - 000000000 ____D C:\Program Files (x86)\gnucash
2024-04-03 05:28 - 2024-04-08 19:31 - 000000000 ____D C:\Program Files\simplewall
2024-04-03 05:28 - 2024-04-03 05:28 - 000000888 _____ C:\Users\ghost\Desktop\simplewall.lnk
2024-04-03 05:28 - 2024-04-03 05:28 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\simplewall
2024-04-03 05:28 - 2024-04-03 05:28 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Henry++
2024-04-03 03:42 - 2024-04-22 21:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-04-03 03:24 - 2024-04-27 22:41 - 000000000 ____D C:\Users\ghost\AppData\Local\UnrealEngine
2024-04-03 03:24 - 2024-04-03 03:24 - 000000000 ____D C:\Users\ghost\AppData\Local\Tempest
2024-03-31 05:24 - 2024-04-01 18:19 - 000000000 ____D C:\Users\ghost\AppData\Local\Ubisoft Game Launcher
2024-03-31 05:24 - 2024-03-31 05:24 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2024-03-31 05:24 - 2024-03-31 05:24 - 000000000 ____D C:\ProgramData\Ubisoft
2024-03-31 05:24 - 2024-03-31 05:24 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2024-03-30 16:32 - 2024-03-30 16:32 - 000000000 ____D C:\Users\ghost\AppData\Local\bunkus.org
2024-03-30 16:31 - 2024-03-30 16:31 - 000000000 ____D C:\Users\ghost\AppData\Roaming\HandBrake
2024-03-30 16:04 - 2024-03-30 16:05 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\ZombieDriverHD
2024-03-29 15:58 - 2024-03-29 15:58 - 000000000 ____D C:\Users\ghost\AppData\Local\STAR WARS Battlefront II
2024-03-29 05:27 - 2024-04-13 06:37 - 112492544 _____ C:\WINDOWS\system32\config\SOFTWARE.rhk
2024-03-29 05:27 - 2024-04-13 06:37 - 008790016 _____ C:\Users\ghost\NTUSER.rhk
2024-03-29 05:27 - 2024-04-13 06:37 - 000053248 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2024-03-29 05:23 - 2024-03-29 05:23 - 000000000 ____D C:\Users\ghost\AppData\Roaming\WiseUpdate

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-04-28 23:03 - 2024-02-15 21:04 - 000000000 ____D C:\ProgramData\Adguard
2024-04-28 22:57 - 2023-12-10 21:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-04-28 22:48 - 2024-02-28 19:52 - 000000000 ____D C:\Users\ghost\AppData\Local\Malwarebytes
2024-04-28 22:42 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-28 22:42 - 2023-12-09 04:28 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-28 22:38 - 2024-02-29 12:47 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Notepad++
2024-04-28 22:38 - 2024-02-28 17:45 - 000000000 ____D C:\Program Files (x86)\Steam
2024-04-28 22:37 - 2023-12-11 04:08 - 000000000 ____D C:\Users\ghost\AppData\Local\CrashDumps
2024-04-28 22:36 - 2024-03-01 15:49 - 000000000 ____D C:\Program Files\CCleaner
2024-04-28 22:32 - 2024-02-28 17:39 - 000000000 ____D C:\Users\ghost\AppData\Roaming\eM Client
2024-04-28 22:03 - 2024-02-28 22:03 - 000000000 ____D C:\ProgramData\SecTaskMan
2024-04-28 22:00 - 2023-12-09 04:49 - 000000000 ____D C:\Users\ghost\AppData\Local\D3DSCache
2024-04-28 21:46 - 2024-02-29 19:57 - 000000000 ____D C:\Users\ghost\AppData\Roaming\VidCoder
2024-04-28 21:46 - 2023-12-09 04:47 - 001759482 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-04-28 21:46 - 2023-12-09 04:27 - 000000000 ____D C:\WINDOWS\INF
2024-04-28 21:43 - 2024-02-29 19:58 - 000000000 ____D C:\Users\ghost\AppData\Local\IsolatedStorage
2024-04-28 21:43 - 2024-02-28 14:15 - 000000000 ____D C:\Users\ghost\AppData\Local\KeePassXC
2024-04-28 21:40 - 2024-02-29 16:15 - 000000442 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-04-28 21:39 - 2024-02-28 17:27 - 000000000 ____D C:\ProgramData\VMware
2024-04-28 21:39 - 2024-02-21 14:14 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-04-28 21:39 - 2024-02-15 21:06 - 000000000 ____D C:\Program Files\AdGuard
2024-04-28 21:39 - 2023-12-09 04:54 - 000000000 ____D C:\Users\ghost\AppData\Local\LogiOptionsPlus
2024-04-28 21:39 - 2023-12-09 04:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-28 21:39 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\ServiceState
2024-04-28 21:39 - 2021-09-29 23:08 - 000012288 ___SH C:\DumpStack.log.tmp
2024-04-28 21:03 - 2024-02-21 14:17 - 005694160 _____ C:\WINDOWS\system32\rtp.db
2024-04-28 21:03 - 2023-12-09 04:25 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-04-28 20:59 - 2023-05-30 11:48 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\eM Client
2024-04-28 20:16 - 2024-02-29 12:29 - 000012627 _____ C:\WINDOWS\storelibdebug.txt
2024-04-28 18:42 - 2024-02-21 14:18 - 000000000 ____D C:\Users\Public\Security Sessions
2024-04-28 18:33 - 2024-02-29 15:57 - 000002599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL.lnk
2024-04-28 18:33 - 2023-12-09 04:47 - 000000000 ____D C:\Users\ghost\AppData\Local\Packages
2024-04-28 18:33 - 2023-12-09 04:47 - 000000000 ____D C:\ProgramData\Packages
2024-04-28 18:33 - 2023-12-09 04:28 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-28 18:33 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-28 18:27 - 2024-02-29 15:13 - 000001495 _____ C:\Users\ghost\Desktop\PowerShell 7 (x64).lnk
2024-04-28 18:26 - 2024-02-21 14:16 - 000000000 ____D C:\ProgramData\Avira
2024-04-28 18:26 - 2023-12-09 04:28 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-04-28 18:21 - 2024-02-21 14:16 - 000000000 ____D C:\Program Files (x86)\Avira
2024-04-28 18:20 - 2023-05-30 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2024-04-28 18:16 - 2023-12-09 04:39 - 000000000 ____D C:\Users\ghost
2024-04-28 18:16 - 2023-12-09 04:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-28 15:23 - 2024-02-28 17:11 - 000000000 ____D C:\Users\ghost\AppData\Local\DisplayFusion
2024-04-28 15:22 - 2023-12-09 04:49 - 000000000 ____D C:\Users\ghost\AppData\Local\PlaceholderTileLogoFolder
2024-04-28 12:27 - 2023-12-09 04:39 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-28 12:27 - 2021-09-29 23:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-28 07:37 - 2023-12-09 04:49 - 000000000 ____D C:\Users\ghost\AppData\Local\AMD
2024-04-28 07:33 - 2024-02-28 14:28 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN
2024-04-28 07:33 - 2023-12-09 04:35 - 000000000 ____D C:\Program Files\AMD
2024-04-28 07:30 - 2023-05-30 12:23 - 000000000 ____D C:\AMD
2024-04-27 20:41 - 2024-02-29 21:48 - 000001154 _____ C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeraCopy.lnk
2024-04-27 20:41 - 2024-02-28 22:05 - 000000000 ____D C:\Users\ghost\AppData\Roaming\TeraCopy
2024-04-27 19:20 - 2023-05-30 16:45 - 000000000 ____D C:\Users\ghost\.MakeMKV
2024-04-27 19:15 - 2024-02-28 16:55 - 000000000 ____D C:\ProgramData\AomeiBR
2024-04-27 14:11 - 2024-02-28 18:42 - 000189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2024-04-27 14:11 - 2024-02-28 18:42 - 000189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2024-04-27 14:11 - 2024-02-28 18:42 - 000075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2024-04-27 10:24 - 2024-02-28 16:58 - 000000000 ____D C:\Program Files (x86)\AOMEI OneKey Recovery 1.7.1
2024-04-27 10:23 - 2024-03-28 22:59 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2024-04-27 10:23 - 2024-02-28 17:01 - 000000000 ____D C:\ProgramData\AOMEIPA
2024-04-27 10:23 - 2024-02-28 16:59 - 000000428 _____ C:\WINDOWS\SysWOW64\Amok.dat
2024-04-27 10:23 - 2024-02-28 16:56 - 000000624 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2024-04-27 10:23 - 2023-05-31 06:36 - 000001024 ____H C:\OKTAG.BIN
2024-04-27 10:23 - 2023-05-30 21:26 - 000001024 ____H C:\AMTAG.BIN
2024-04-27 10:22 - 2024-02-28 17:02 - 000000432 _____ C:\WINDOWS\SysWOW64\Upgrade.dat
2024-04-27 10:22 - 2024-02-28 17:02 - 000000208 _____ C:\WINDOWS\SysWOW64\PaBakConfig.dat
2024-04-27 10:22 - 2024-02-28 17:01 - 000004878 _____ C:\WINDOWS\PAGa4.dat
2024-04-27 10:22 - 2024-02-28 17:01 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-04-27 10:22 - 2024-02-28 16:56 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2024-04-27 10:19 - 2023-05-30 17:09 - 000001024 ____H C:\SYSTAG.BIN
2024-04-27 08:34 - 2024-02-28 22:18 - 000000000 ____D C:\Users\ghost\AppData\Roaming\XYplorer
2024-04-27 07:33 - 2024-02-28 19:06 - 000000000 ____D C:\Users\ghost\AppData\Roaming\VMware
2024-04-27 07:33 - 2024-02-28 19:06 - 000000000 ____D C:\Users\ghost\AppData\Local\VMware
2024-04-26 18:44 - 2024-02-29 12:54 - 000000000 ____D C:\Users\ghost\AppData\Local\Plex Media Server
2024-04-26 18:01 - 2024-02-29 12:54 - 000001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server.lnk
2024-04-26 15:31 - 2024-02-28 14:16 - 000002776 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-04-26 15:31 - 2023-12-09 04:49 - 000003118 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-636087272-42344311-1300616916-1001
2024-04-26 15:02 - 2023-12-31 04:08 - 000000000 ____D C:\Users\ghost\AppData\Roaming\vlc
2024-04-26 14:49 - 2023-12-09 04:56 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-26 14:49 - 2023-12-09 04:56 - 000002209 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-04-26 10:28 - 2023-05-30 11:47 - 000000000 ___RD C:\Users\ghost\OneDrive
2024-04-26 06:40 - 2024-02-28 22:52 - 000000995 _____ C:\Users\Public\Desktop\AnyStream.lnk
2024-04-26 06:31 - 2022-07-03 21:15 - 000000000 ____D C:\WINDOWS\TempInst
2024-04-25 21:38 - 2023-12-09 04:35 - 000000000 ____D C:\ProgramData\A-Volute
2024-04-25 20:17 - 2024-02-28 14:06 - 000000000 ____D C:\Users\ghost\AppData\Local\AMD_Common
2024-04-25 17:27 - 2023-12-09 04:48 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2024-04-25 17:27 - 2023-12-09 04:48 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2024-04-25 16:56 - 2023-12-09 04:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-25 16:40 - 2024-03-28 23:48 - 000000000 ____D C:\Users\ghost\AppData\Roaming\XnViewMP
2024-04-25 16:24 - 2024-02-28 19:51 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2024-04-25 09:38 - 2024-02-29 10:00 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-04-25 09:38 - 2024-02-28 14:16 - 000002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-25 09:33 - 2024-02-29 12:57 - 000000000 ____D C:\Users\ghost\AppData\Local\Plex
2024-04-24 21:50 - 2023-12-09 04:35 - 000000000 ____D C:\WINDOWS\system32\SONiX
2024-04-24 14:29 - 2024-03-28 16:30 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\MMC
2024-04-24 11:57 - 2023-12-09 04:28 - 000000000 ____D C:\ProgramData\USOPrivate
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\UUS
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\SystemApps
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-24 08:40 - 2023-12-09 04:28 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-24 08:40 - 2023-12-09 04:25 - 000000000 ____D C:\WINDOWS\servicing
2024-04-24 08:34 - 2023-12-09 04:37 - 003214336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-23 15:03 - 2024-03-02 22:20 - 000000000 ____D C:\Users\ghost\AppData\Roaming\obs-studio
2024-04-23 15:02 - 2024-02-28 22:00 - 000000000 ____D C:\Users\ghost\AppData\Roaming\mIRC
2024-04-23 15:00 - 2023-05-30 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMP4
2024-04-23 13:50 - 2023-12-09 04:28 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-04-23 13:50 - 2022-07-03 21:16 - 000000000 ____D C:\Program Files\Microsoft Office
2024-04-23 08:26 - 2024-02-28 19:44 - 000002513 _____ C:\Users\Public\Desktop\O&O Defrag.lnk
2024-04-23 08:26 - 2024-02-28 19:44 - 000000000 ____D C:\Program Files\OO Software
2024-04-23 08:26 - 2023-05-30 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2024-04-22 22:01 - 2023-12-09 04:53 - 000000000 ____D C:\ProgramData\Package Cache
2024-04-22 22:00 - 2024-02-15 21:06 - 000001949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard.lnk
2024-04-22 22:00 - 2024-02-15 21:06 - 000000975 _____ C:\Users\Public\Desktop\AdGuard.lnk
2024-04-22 21:48 - 2023-12-10 21:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-04-22 21:44 - 2023-12-10 21:24 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-04-22 09:29 - 2024-02-28 22:11 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Wise Care 365
2024-04-22 09:29 - 2023-05-30 11:48 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\Scanned Documents
2024-04-22 09:23 - 2023-06-01 08:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2024-04-21 19:27 - 2024-03-01 15:49 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-04-21 17:19 - 2024-02-29 12:59 - 000000000 ____D C:\Users\ghost\AppData\Roaming\AIMP
2024-04-21 13:30 - 2023-05-30 17:06 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-04-21 09:10 - 2024-03-01 15:49 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-04-21 09:10 - 2024-03-01 15:49 - 000003376 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-04-20 07:41 - 2023-12-09 04:56 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-20 07:39 - 2024-02-29 11:14 - 000001118 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2024-04-20 07:39 - 2024-02-29 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2024-04-20 07:39 - 2024-02-29 11:00 - 000000000 ____D C:\Program Files\Calibre2
2024-04-19 20:42 - 2024-03-04 13:00 - 000000000 ____D C:\Users\ghost\MediathekView
2024-04-19 15:39 - 2023-10-27 16:48 - 000232280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2024-04-18 10:54 - 2024-03-06 13:55 - 107397120 _____ C:\WINDOWS\system32\config\software.amg
2024-04-17 17:43 - 2024-03-04 12:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediathekView
2024-04-17 17:43 - 2024-03-04 12:58 - 000000000 ____D C:\Program Files\MediathekView
2024-04-17 16:06 - 2024-03-01 18:30 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Process Hacker 2
2024-04-17 16:01 - 2024-02-29 22:58 - 000000000 ____D C:\ProgramData\Windows Master Setup
2024-04-17 16:01 - 2023-12-09 04:54 - 000000000 ____D C:\Users\ghost\AppData\Roaming\logioptionsplus
2024-04-17 15:57 - 2024-02-28 22:11 - 000000000 ____D C:\Program Files (x86)\Wise
2024-04-17 10:16 - 2024-02-28 14:28 - 002959928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2024-04-16 15:29 - 2024-02-28 17:34 - 000000000 ____D C:\Users\ghost\AppData\Roaming\FileZilla
2024-04-16 09:50 - 2023-06-03 17:57 - 000000000 ____D C:\Users\ghost\.ssh
2024-04-15 22:27 - 2024-02-29 11:00 - 000000000 ____D C:\Users\ghost\AppData\Roaming\calibre
2024-04-15 22:27 - 2023-06-09 13:45 - 000000000 ____D C:\Users\ghost\Calibre-Bibliothek
2024-04-15 21:50 - 2024-03-04 17:42 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Word
2024-04-15 16:34 - 2023-12-09 04:50 - 000000000 ____D C:\Users\ghost\AppData\Local\Publishers
2024-04-15 07:51 - 2024-02-29 17:30 - 000001928 _____ C:\Users\ghost\Desktop\Subtitle Edit.lnk
2024-04-15 07:51 - 2024-02-29 13:14 - 000000000 ____D C:\Program Files\Subtitle Edit
2024-04-15 07:51 - 2023-05-30 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2024-04-14 19:24 - 2023-05-30 11:44 - 000000000 ___SD C:\Users\ghost\AppData\Roaming\Microsoft\Credentials
2024-04-14 13:18 - 2024-02-29 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerShell
2024-04-13 11:15 - 2023-12-09 04:35 - 000000000 ____D C:\ProgramData\Lenovo
2024-04-13 11:15 - 2022-07-03 21:15 - 000000000 ____D C:\Program Files\Lenovo
2024-04-13 11:12 - 2023-12-09 04:48 - 000000000 ____D C:\ProgramData\Nahimic
2024-04-13 08:42 - 2023-12-09 04:25 - 001572864 _____ C:\WINDOWS\system32\config\DEFAULT.bak
2024-04-13 08:42 - 2023-12-09 04:25 - 000131072 ____N C:\WINDOWS\system32\config\SAM.bak
2024-04-13 06:29 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-04-12 14:41 - 2024-02-28 14:15 - 000000000 ____D C:\Users\ghost\AppData\Roaming\KeePassXC
2024-04-12 01:46 - 2024-03-28 17:54 - 002708984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-04-12 01:46 - 2024-03-28 17:54 - 000710248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-04-12 01:46 - 2024-03-28 17:54 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-04-12 01:46 - 2024-03-28 17:54 - 000218616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-04-12 01:46 - 2024-03-28 17:54 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-04-12 01:46 - 2024-03-28 17:54 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-04-12 01:46 - 2024-03-28 17:54 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-04-12 01:46 - 2024-03-28 17:54 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-04-12 01:19 - 2024-03-28 23:05 - 000000871 _____ C:\Users\ghost\Desktop\TagScanner.lnk
2024-04-12 01:19 - 2024-03-28 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner
2024-04-12 01:19 - 2024-03-28 23:05 - 000000000 ____D C:\Program Files\TagScanner
2024-04-12 01:18 - 2024-02-28 21:59 - 000000000 ____D C:\ProgramData\TEMP
2024-04-12 01:17 - 2024-02-28 21:59 - 000000939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZ CD Audio Converter.lnk
2024-04-12 01:17 - 2024-02-28 21:59 - 000000000 ____D C:\Program Files\EZ CD Audio Converter
2024-04-11 18:49 - 2024-03-28 23:48 - 000001730 _____ C:\Users\ghost\Desktop\XnView MP.lnk
2024-04-11 18:49 - 2024-03-28 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView MP
2024-04-11 18:49 - 2024-03-28 23:48 - 000000000 ____D C:\Program Files\XnViewMP
2024-04-10 20:16 - 2024-03-28 23:02 - 000000000 ____D C:\Users\ghost\AppData\Local\FileZilla
2024-04-10 19:48 - 2021-09-29 23:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-04-09 19:59 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-09 19:59 - 2023-12-09 04:28 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-04-09 19:50 - 2023-12-09 05:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-09 19:47 - 2023-12-09 05:10 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-09 19:46 - 2024-02-28 17:01 - 000000000 ____D C:\Program Files\dotnet
2024-04-09 11:19 - 2024-02-29 12:47 - 000000000 ____D C:\Program Files\Notepad++
2024-04-09 09:16 - 2024-02-28 22:25 - 000000000 ____D C:\Users\ghost\AppData\Roaming\WinRAR
2024-04-06 22:18 - 2024-02-29 11:40 - 000000000 ____D C:\Users\ghost\AppData\Roaming\EasyAntiCheat
2024-04-05 17:23 - 2024-02-28 18:22 - 000000000 ____D C:\Program Files\Electronic Arts
2024-04-05 15:57 - 2024-02-29 12:44 - 000001076 _____ C:\Users\Public\Desktop\Configure FileMenu Tools.lnk
2024-04-05 15:57 - 2023-05-30 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileMenu Tools
2024-04-04 08:21 - 2023-12-09 04:40 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 08:21 - 2023-12-09 04:40 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-31 05:25 - 2023-05-30 11:48 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\My Games
2024-03-30 16:45 - 2024-02-28 22:18 - 000000000 ____D C:\Program Files (x86)\XYplorer
2024-03-30 16:31 - 2024-02-29 12:58 - 000000000 ____D C:\Program Files (x86)\AIMP
2024-03-30 16:29 - 2024-02-29 12:47 - 000000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2024-03-30 00:41 - 2023-05-30 11:48 - 000000000 ____D C:\Users\ghost\OneDrive\Dokumente\Image-Line
2024-03-30 00:31 - 2023-06-09 20:56 - 000000000 ____D C:\Users\ghost\Downloads\incomplete
2024-03-30 00:31 - 2023-06-09 20:56 - 000000000 ____D C:\Users\ghost\Downloads\complete
2024-03-29 23:19 - 2024-02-29 16:15 - 000000000 ____D C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubuntu-22.04

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2024-01-01 13:30 - 2024-01-01 13:30 - 000000273 _____ () C:\ProgramData\fontcacheev1.dat
2003-10-06 10:21 - 2003-10-06 10:21 - 000000000 ____H () C:\ProgramData\sdpsenv.dat
2024-04-06 22:18 - 2024-04-06 22:21 - 000000169 _____ () C:\Users\ghost\AppData\Roaming\BattleBitConfig.ini
2024-04-16 15:26 - 2024-04-26 19:25 - 000000128 _____ () C:\Users\ghost\AppData\Roaming\winscp.rnd
2024-04-16 15:07 - 2024-04-16 20:19 - 000000128 _____ () C:\Users\ghost\AppData\Local\PUTTY.RND
2024-04-13 17:41 - 2024-04-13 17:41 - 000000017 _____ () C:\Users\ghost\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

cosinus 29.04.2024 09:31
Es fehlt immer noch die Addition.txt

Ghost_Induct 29.04.2024 09:51
Addition Teil 1


Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
durchgeführt von ghost (28-04-2024 23:15:34)
Gestartet von D:\Multimedia\Downloads
Microsoft Windows 11 Pro Version 23H2 22631.3527 (X64) (2023-12-09 02:47:35)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-636087272-42344311-1300616916-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-636087272-42344311-1300616916-503 - Limited - Disabled)
Gast (S-1-5-21-636087272-42344311-1300616916-501 - Limited - Disabled)
ghost (S-1-5-21-636087272-42344311-1300616916-1001 - Administrator - Enabled) => C:\Users\ghost
jmrod (S-1-5-21-636087272-42344311-1300616916-1009 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-636087272-42344311-1300616916-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Avira Security (Enabled - Up to date) {ECF452C3-6EC5-5C1F-754D-F6203DD491E1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AdGuard (HKLM\...\{A8CDCD01-B65F-4169-A3A9-F13EEBA31ED3}) (Version: 7.17.4709.0 - Adguard Software Limited) Hidden
AdGuard (HKLM-x32\...\{a3d8c7bf-71f5-4be7-96d5-f29d13e0adc5}) (Version: 7.17.4709.0 - Adguard Software Limited)
Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.94 - Hulubulu Software)
AIMP (HKLM-x32\...\AIMP) (Version: 5.30.2541 - Artem Izmaylov)
Amazon Appstore (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\com.amazon.venezia) (Version: release-60.24.1.0.210299.0_683610 - amazon.com)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.124 - Advanced Micro Devices, Inc.) Hidden
AMD Privacy View (HKLM\...\{D8E24EA6-807B-48D0-86D6-A9C5E74B8F2C}) (Version: 1.02.0001 - Eyeware Tech SA)
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.26.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.4.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{42e5a8d4-8fb0-48a1-9063-fc159c7566a0}) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 8.6.8.0 - RedFox)
AnyMP4 Blu-ray Player 6.5.58 (HKLM-x32\...\{DF8BE739-832A-482a-8C75-FB9628A6BE6E}_is1) (Version: 6.5.58 - AnyMP4 Studio)
AnyStream (64 bit) (HKLM\...\AnyStream64) (Version: 1.8.8.0 - RedFox)
AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: 7.3.5 - AOMEI International Network Limited.)
AOMEI OneKey Recovery 1.7.1 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF553690FD}_is1) (Version:  - AOMEI International Network Limited.)
AOMEI Partition Assistant 10.3.1 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: 10.3.1 - AOMEI International Network Limited.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering)
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version:  - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.44.1.19908 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.101.602 - Avira Operations GmbH) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version:  - Avira Operations GmbH)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 7.2.0.477 - Avira Operations GmbH) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{5CE9A3A7-0901-4ED9-BD49-146891154898}) (Version: 7.9.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.23 - Piriform)
ClipboardFusion (HKLM\...\CE862FB9-804D-4D16-98F5-677FA31B647C_is1) (Version: 6.1.0.0 - Binary Fortress Software)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 6.2.0.1813 - Disc Soft Ltd)
Directory Opus (HKLM\...\{6CFA061F-1A4C-4569-963F-2ACFC60F5CAD}_is1) (Version: 13.3 - GPSoftware)
DisplayFusion (HKLM\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 10.1.2.0 - Binary Fortress Software)
Dolby Vision Provisioning Utility (HKLM-x32\...\provisiondolbyvision1_1-20200601_is1) (Version: 1.7.4.4 (2023 October Data a) - Lenovo Group Limited)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.180.0.5693 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{c3d1a34e-884e-4029-acbf-94684808334d}) (Version: 13.180.0.5693 - Electronic Arts)
EasyUEFI (HKLM\...\EasyUEFI_is1) (Version: 5.5 - Hasleo Software.)
eM Client (HKLM-x32\...\{A5D710A6-3BEC-4139-B39D-C5D29C43E5F5}) (Version: 9.2.2157.0 - eM Client Inc.)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2404.2771 - Avira Operations GmbH) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 11.5.2 - Poikosoft)
FileMenu Tools 8.4.1 (HKLM\...\FileMenuTools_is1) (Version: 8.4.1 - LopeSoft)
FileZilla Pro 3.66.5 (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\FileZilla Pro) (Version: 3.66.5 - Tim Kosse)
FL Studio 21 (HKLM-x32\...\FL Studio 21) (Version: 21.2.3.4004 - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Geany 2.0 (HKLM\...\Geany) (Version: 2.0 - The Geany developer team)
Geany-Plugins 2.0 (HKLM\...\Geany-Plugins) (Version: 2.0 - The Geany developer team)
GIMP 2.10.36-1 (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\GIMP-2_is1) (Version: 2.10.36 - The GIMP Team)
GnuCash 5.6 (HKLM-x32\...\GnuCash_is1) (Version: 5.6 - GnuCash Development Team)
Google Chrome (HKLM\...\{DD4755AF-D911-3417-8470-0FA19F98008B}) (Version: 124.0.6367.92 - Google LLC)
HandBrake 1.7.3 (HKLM-x32\...\HandBrake) (Version: 1.7.3 - )
HWiNFO64 (HKLM\...\HWiNFO64_is1) (Version: 8.00 - Martin Malik, REALiX s.r.o.)
Java 8 Update 401 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180401F0}) (Version: 8.0.4010.10 - Oracle Corporation)
KeePassXC (HKLM\...\{2D8B88BF-C678-465A-8C59-92DFF9CB311C}) (Version: 2.7.7 - KeePassXC Team)
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.10.0.10 - Lenovo Group Ltd.)
Lenovo Diagnostics Evolution (HKLM\...\LenovoDiagnosticsEvolution_is1) (Version: 5.11.0.40 - LENOVO (UNITED STATES) INC.)
Lenovo Now (HKLM-x32\...\Lenovo Now) (Version: 3.12.2.2 - Lenovo Group Ltd.)
Lenovo Service Bridge (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.16 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.)
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation)
LicenseCrawler 2.10.2822 (HKLM-x32\...\LicenseCrawler_is1) (Version: 2.10.2822 - Martin Klinzmann)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.70.551909 - Logitech)
MakeMKV v1.17.6 (HKLM-x32\...\MakeMKV) (Version: v1.17.6 - GuinpinSoft inc)
Malwarebytes version 5.1.3.110 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.3.110 - Malwarebytes)
MediathekView 14.0.0 (HKLM\...\1927-5045-2127-3394) (Version: 14.0.0 - MediathekView Team)
Microsoft .NET Host - 6.0.29 (x64) (HKLM\...\{E7C485FB-3329-43E3-965B-3DE4B863E1D9}) (Version: 48.116.12053 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.18 (x64) (HKLM\...\{8B68385D-2790-41EE-8D7C-3B82B4DF2E78}) (Version: 56.72.12030 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.29 (x64) (HKLM\...\{724B2734-4B1A-46E2-9333-6D3B83351D02}) (Version: 48.116.12053 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.18 (x64) (HKLM\...\{97B1AA87-A6DA-474C-B607-7627F2D7B98A}) (Version: 56.72.12030 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.29 (x64) (HKLM\...\{014E0350-0B29-483B-9252-8780DEBA0856}) (Version: 48.116.12053 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.18 (x64) (HKLM\...\{2BC88C2F-92B5-4BB0-B40E-EC88F0EEA057}) (Version: 56.72.12030 - Microsoft Corporation) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17531.20062 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\{1CDF162C-44C5-32F2-BEE0-A9A6FCDB032F}) (Version: 124.0.2478.67 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.67 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.070.0407.0003 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.17531.20062 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM\...\{805626FF-2BC9-4567-A71E-A76A470D000A}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM-x32\...\{8d173101-98c1-4e92-97c6-47c6840745a7}) (Version: 6.0.16.32327 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.29 (x64) (HKLM\...\{A0DA3EDD-9C41-491F-A77E-5F90AFDB64B2}) (Version: 48.116.12057 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.29 (x64) (HKLM-x32\...\{54679abd-8ed9-4bd3-8400-7684dd7c6f03}) (Version: 6.0.29.33521 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.18 (x64) (HKLM\...\{F91C5C9A-FDEF-44D0-88D8-40113345FAA7}) (Version: 56.72.12035 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.18 (x64) (HKLM-x32\...\{9926fb6d-a007-472d-b0dc-38d7e8c475e0}) (Version: 7.0.18.33520 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.76 - mIRC Co. Ltd.)
MKVToolNix 83.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 83.0.0 - Moritz Bunkus)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 125.0.2 (x64 de)) (Version: 125.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 124.0.1 - Mozilla)
MusicBee 3.5.8698 (HKLM-x32\...\MusicBee) (Version: 3.5.8698 - Steven Mayall)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6.5 - Notepad++ Team)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.78 - Nmap Project)
O&O Defrag Professional (HKLM\...\{295D71E4-9E8B-4C2C-8127-921059A6B215}) (Version: 28.0.10005 - O&O Software GmbH)
O&O DiskImage (HKLM\...\{F0DF7F9D-B9F5-411A-882A-52F3435575B5}) (Version: 19.0.109 - O&O Software GmbH)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20062 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Plex (HKLM-x32\...\Plex) (Version: 1.91.0 - Plex, Inc.)
Plex Media Server 1.40.2.8395 (x64) (HKLM\...\{688e1d8f-188e-49cd-83ca-2669a7e3f8cc}_is1) (Version: 1.40.2.8395 - Plex, Inc.)
Plexamp 4.9.5 (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\46418f0f-cea3-5740-a7e9-a0166db1e7c4) (Version: 4.9.5 - Plex, Inc.)
PowerShell 7-x64 (HKLM\...\{F895A69B-7C3F-49AD-83FC-A87B31EFF8F3}) (Version: 7.4.2.0 - Microsoft Corporation)
PowerToys (Preview) (HKLM\...\{8ED268A9-7DBE-4B5B-B7FA-78E95BBFFA6A}) (Version: 0.80.1 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{54a636d2-7a27-48a2-aa5c-3f5c9a93954d}) (Version: 0.80.1 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PuTTY release 0.81 (64-bit) (HKLM\...\{DDC95F26-92B1-4546-9678-5DC68DF76BA0}) (Version: 0.81.0.0 - Simon Tatham)
QNAP Qfinder Pro (HKLM-x32\...\QNAP_FINDER) (Version: 7.10.2.0125 - QNAP Systems, Inc.)
Raspberry Pi Imager (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\Raspberry Pi Imager) (Version: 1.8.5 - Raspberry Pi Ltd)
Revo Uninstaller Pro 5.2.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.2.6 - VS Revo Group, Ltd.)
RyzenMasterSDK (HKLM\...\{F6788715-BF16-4041-B096-A00CC393969B}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
SABnzbd 4.2.2 (HKLM-x32\...\SABnzbd) (Version: 4.2.2 - The SABnzbd-Team)
Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software)
simplewall (HKLM\...\simplewall) (Version: 3.8 - Henry++)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subtitle Edit (HKLM\...\SubtitleEdit_is1) (Version: 4.0.5.0 - Nikse)
TagScanner (64bit) (HKLM\...\TagScanner 6.1.16 (64bit)_is1) (Version: 6.1.16 - Sergey Serkov)
TagScanner (64bit) (HKLM\...\TagScanner_is1) (Version: 6.1.17 - Sergey Serkov)
TeraCopy (HKLM\...\{DF5325DF-1F43-4282-85D5-1CA3353E6B13}) (Version: 3.17 - Code Sector)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH)
TrayStatus (HKLM\...\d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1) (Version: 4.8.0.0 - Binary Fortress Software)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 151.1.11048 - Ubisoft)
Ultracopier 2.2.6.8 (HKLM-x32\...\Ultracopier) (Version: 2.2.6.8 - Ultracopier)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.93 - Samsung Electronics CO., LTD.)
USBPcap 1.5.4.0 (HKLM\...\USBPcap) (Version: 1.5.4.0 - Tomasz Mon)
VidCoder (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\VidCoder.Stable) (Version: 9.20.0 - RandomEngy)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows Subsystem for Linux (HKLM\...\{877F46EF-614F-4B05-A09D-E15E5B424710}) (Version: 2.1.5.0 - Microsoft Corporation) Hidden
Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation)
Windows Update Viewer (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\{3A152885-8378-4FDE-AFCC-85D096B16A1D}_is1) (Version: 0.6.0.0 - Tim Kennedy)
WinMerge 2.16.40.0 x64 (HKLM\...\WinMerge_is1) (Version: 2.16.40.0 - Thingamahoochie Software)
WinRAR 7.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
WinSCP 6.3.2 (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\winscp3_is1) (Version: 6.3.2 - Martin Prikryl)
Wireshark 4.2.4 x64 (HKLM-x32\...\Wireshark) (Version: 4.2.4 - The Wireshark developer community, hxxps://www.wireshark.org)
Wise Care 365 (HKLM-x32\...\Wise Care 365_is1) (Version: 6.6.5 - Lespeed Technology Co., Ltd.)
Wise Program Uninstaller (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 3.1.9 - Lespeed Technology Co., Ltd.)
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.7.1.0 - Pierre-e Gougelet)
XYplorer 25.90 (HKLM-x32\...\XYplorer) (Version: 25.90.0100 - Donald Lessau, Cologne Code Company)
Addition Teil 2


Code:
Chrome apps:
============
YouTube (HKU\S-1-5-21-636087272-42344311-1300616916-1001\...\22beb3ec24f58d0ad88b1c7c3b7f745a) (Version: 1.0 - Google\Chrome)

Packages:
=========

AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2024-04-28] (Advanced Micro Devices Inc.)
Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_2.20302.526.0_x64__rz1tebttyb220 [2024-04-26] (Dolby Laboratories)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne [2024-04-28] (File-New-Project) [Startup Task]
EZ CD Audio Converter -> C:\Program Files\EZ CD Audio Converter [2024-04-12] ()
FeedLab -> C:\Program Files\WindowsApps\ClevLab.FeedLab_3.1.4.0_x64__qdcg6xvbhrn16 [2024-04-28] (ClevLab) [MS Ad]
FileMenu Tools -> C:\Program Files\LopeSoft\FileMenu Tools [2024-04-05] (LopeSoft)
GitHub -> C:\Program Files\WindowsApps\github.com-8B11BEB2_1.0.0.0_neutral__2t1n1bqhyggy0 [2024-04-14] (github.com)
Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-04-28] (Microsoft Corporation)
Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2024-04-28] (Microsoft Corporation)
Ink.Handwriting.Main.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.de-DE.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-04-28] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2403.25.0_x64__k1h2ywk1493x8 [2024-04-28] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-02] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe [2024-04-11] (Microsoft Corporation) [Startup Task]
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.931.0_x64__8wekyb3d8bbwe [2024-04-12] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-28] (Microsoft Corporation)
Microsoft.HEVCVideoExtensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.1.452.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-04-09] (Microsoft Corporation)
Microsoft.Windows.Ai.Copilot.Provider -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-28] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24041.33.0_x64__cw5n1h2txyewy [2024-04-28] (Microsoft Windows) [Startup Task]
MSIX Packaging Tool -> C:\Program Files\WindowsApps\Microsoft.MSIXPackagingTool_1.2023.1212.0_x64__8wekyb3d8bbwe [2024-03-20] ()
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.1.0_x64__w2gh52qy24etm [2024-04-25] (A-Volute)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.99.5.0_x64__mcm4njqhnhss8 [2024-04-19] (Netflix, Inc.)
Nextgen Reader -> C:\Program Files\WindowsApps\6205NextMatters.NextgenReader_7.0.34.0_x64__dhevqfrzdz4vg [2024-04-11] (Next Matters)
Notepad++ -> C:\Program Files\Notepad++\contextMenu [2024-03-30] (Notepad++)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2024-04-28] (Microsoft Corporation)
Password Manager SafeInCloud -> C:\Program Files\WindowsApps\51041SafeInCloud.PasswordManagerSafeInCloud_24.6.4.0_x86__wh7zearnzvtm6 [2024-04-28] (Andrey Shcherbakov) [Startup Task]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2024-04-28] (Plex)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2404.195.0_x64__8wekyb3d8bbwe [2024-04-25] (Microsoft Corporation) [Startup Task]
PowerToys FileLocksmith Context Menu -> C:\Program Files\PowerToys\WinUI3Apps [2024-04-12] (Microsoft)
PowerToys ImageResizer Context Menu -> C:\Program Files\PowerToys [2024-04-12] (Microsoft)
PowerToys PowerRename Context Menu -> C:\Program Files\PowerToys\WinUI3Apps [2024-04-12] (Microsoft)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.39.283.0_x64__dt26b99r8h8gj [2023-12-09] (Realtek Semiconductor Corp)
Remotedesktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation)
Sysinternals Suite -> C:\Program Files\WindowsApps\Microsoft.SysinternalsSuite_2024.2.1.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Corporation)
Torrex Pro - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexPro_1.4.30.0_x64__b6e429xa66pga [2024-04-28] (Finebits OÜ) [MS Ad] [Startup Task]
Ubuntu 22.04.3 LTS -> C:\Program Files\WindowsApps\CanonicalGroupLimited.Ubuntu22.04LTS_2204.3.63.0_x64__79rhkp1fndgsc [2024-04-28] (Canonical Group Limited)
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-12-10] (Microsoft Corp.)
WinAppRuntime.Main.1.2-p1 -> C:\Program Files\WindowsApps\microsoftcorporationii.winappruntime.main.1.2-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-04-18] (Microsoft Corp.)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1136.2333.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.95.533.0_x64__8wekyb3d8bbwe [2024-04-11] (Microsoft Corp.)
WinAppRuntime.Singleton-p1 -> C:\Program Files\WindowsApps\microsoftcorporationii.winappruntime.singleton-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-04-18] (Microsoft Corp.)
Windows App Runtime DDLM 2000.609.1413.0-x6-p1 -> C:\Program Files\WindowsApps\microsoft.winappruntime.ddlm.2000.609.1413.0-x6-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-04-18] (Microsoft Corporation)
Windows App Runtime DDLM 2000.609.1413.0-x8-p1 -> C:\Program Files\WindowsApps\microsoft.winappruntime.ddlm.2000.609.1413.0-x8-p1_2000.609.1413.0_x86__8wekyb3d8bbwe [2024-04-18] (Microsoft Corporation)
Windows App Runtime DDLM 2000.802.31.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x6_2000.802.31.0_x64__8wekyb3d8bbwe [2023-12-10] (Microsoft Corporation)
Windows App Runtime DDLM 2000.802.31.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x8_2000.802.31.0_x86__8wekyb3d8bbwe [2023-12-10] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-04-24] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-04-24] (Microsoft Windows)
WindowsAppRuntime.1.2-preview1 -> C:\Program Files\WindowsApps\microsoft.windowsappruntime.1.2-preview1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-04-18] (Microsoft Corporation)
WindowsAppRuntime.1.2-preview1 -> C:\Program Files\WindowsApps\microsoft.windowsappruntime.1.2-preview1_2000.609.1413.0_x86__8wekyb3d8bbwe [2024-04-18] (Microsoft Corporation)
Windows-Subsystem für Android™ -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2311.40000.5.0_x64__8wekyb3d8bbwe [2024-04-28] (Microsoft Corp.) [Startup Task]
WinMerge -> C:\Program Files\WinMerge [2024-04-28] (winmerge.org)
WinRAR -> C:\Program Files\WinRAR [2024-04-09] (win.rar GmbH)
WSATools -> C:\Program Files\WindowsApps\54406Simizfo.WSATools_1.0.3.0_x64__f0x555vvp18ze [2024-03-27] (Simone Franco)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{2C28256E-343B-4BB5-AE6C-DB0C297B82D2}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{4A2DBA97-B400-43CB-A4B3-C03CB293FC93}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{5ea9a442-5352-ed6e-d37f-9d511e7e2caa}\localserver32 -> C:\Program Files\PowerToys\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{729B72CD-B72E-4FE9-BCBF-E954B33FE699}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.QoiPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\ghost\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{AD856B15-D25E-4008-AFB7-AFAA55586188}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.QoiThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{BB5E5396-CD37-4B96-8A6E-55EB3FCB1D23}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{ce58a493-1357-cae0-d669-fe54fb63756c}\localserver32 -> C:\Program Files\OO Software\Defrag\oodtrwnd.exe (O&O Software GmbH -> O&O Software GmbH)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InprocServer32 -> C:\Users\ghost\AppData\Local\Programs\WinSCP\DragExt64.dll (Martin Prikryl -> Martin Prikryl)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{F35D3F59-EDC8-4DDB-96A1-472211370BBA}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{F7757183-C0D1-4EC6-95BC-960171DAAD99}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{fc2f3575-b316-ac6e-0e71-05c27fa0611c}\localserver32 -> C:\Users\ghost\AppData\Local\VidCoder.Stable\app-9.20.0\VidCoder.exe (David Rickard -> VidCoder)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636087272-42344311-1300616916-1001_Classes\CLSID\{FFD45BA7-06D8-4945-8848-A2DF537AE888}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software (Redbrook Pty Ltd) -> GP Software)
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11d2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2099560 2024-02-27] (GP Software (Redbrook Pty Ltd) -> GP Software)
ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11d2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [1018224 2024-02-27] (GP Software (Redbrook Pty Ltd) -> GP Software)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2024-03-30] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2024-03-12] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-02-28] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers1: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\dtshl64.dll [2024-02-28] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2024-03-12] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers2: [OODIDismount] -> {BF5F9978-5B95-4F2E-BB19-5D95234187EE} => C:\Program Files\OO Software\DiskImage\oodishd.dll [2023-11-17] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers2: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-04-22] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\dtshl64.dll [2024-02-28] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2024-03-09] (RUBEN LOPEZ HERNANDEZ -> LopeSoft)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-28] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2024-03-30] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers4: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2024-03-09] (RUBEN LOPEZ HERNANDEZ -> LopeSoft)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-02-28] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers4: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.070.0407.0003\FileSyncShell64.dll [2024-04-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2024-03-09] (RUBEN LOPEZ HERNANDEZ -> LopeSoft)
ContextMenuHandlers5: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-02-28] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [FileMenuTools] -> {C1B2C38F-3DCA-4E3D-BC34-D5B87B636543} => C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools64.dll [2024-03-09] (RUBEN LOPEZ HERNANDEZ -> LopeSoft)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-28] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2024-03-12] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\ghost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

cosinus 29.04.2024 10:07
Störende, veraltete oder unnötige Programme deinstallieren

Bitte über Programme und Features (appwiz.cpl) deinstallieren:
  • alles von Avira
  • CCleaner
  • DAEMON Tools Ultra
  • Wise Care 365
  • Wise Program Uninstaller

Ghost_Induct 29.04.2024 10:07
Zitat:
Zitat von cosinus (Beitrag 1781292)
Störende, veraltete oder unnötige Programme deinstallieren

Bitte über Programme und Features (appwiz.cpl) deinstallieren:
  • alles von Avira
  • CCleaner
  • DAEMON Tools Ultra
  • Wise Care 365
  • Wise Program Uninstaller
Ist erledigt!
Darf ich vorab fragen warum?

cosinus 29.04.2024 10:20
Weil das völlig überflüssige und tw. kontraprodukive Programme sind.

adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

adwcleaner bitte wiederholen falls es Funde gab.

Ghost_Induct 29.04.2024 10:32
So scan abgeschlossen. Das ist nur Lenovo. Wenn ich die Lösche gehen wohl einige Programme nicht mehr oder?


Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-29-2024
# Duration: 00:00:08
# OS:      Windows 11 (Build 22631.3527)
# Scanned:  32108
# Detected: 7


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController  Folder  C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController  Folder  C:\Users\ghost\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController  Folder  C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController  Folder  C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Preinstalled.LenovoServiceBridge  Folder  C:\Users\ghost\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Preinstalled.LenovoServiceBridge  Registry  HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1


AdwCleaner_Debug.log - [2935 octets] - [29/04/2024 00:05:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Übrigens.... ich habe mal die RDP ausgeschaltet seitdem kommen in Malwarebytes keine dieser Meldungen.

Und noch etwas wichtiges ....Auf meinem NAS QNAP TS-464 habe ich auch diese eingehenden Zugriffe die aber nicht durch kommen.

Hier die Log von QuFirewall:

Code:
Deny amount=17,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714381200","date=2024-04-29 11:00:00"
Deny amount=13,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714377600","date=2024-04-29 10:00:00"
Deny amount=59,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714377600","date=2024-04-29 10:00:00"
Deny amount=78,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714374000","date=2024-04-29 09:00:00"
Deny amount=12,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714374000","date=2024-04-29 09:00:00"
Deny amount=10,"Interface=All","Ports=","Protocol=Any","Source_IP=Any","Location=","Permission=Deny","Time=1714370400","date=2024-04-29 08:00:00"

cosinus 29.04.2024 10:55
Zitat:
ich habe mal die RDP ausgeschaltet
Was bitte verstehst du unter "RDP ausschalten"? Was genau hast du da gemacht, so ist das viel zu unkonkret.

Ghost_Induct 29.04.2024 10:58
Zitat:
Zitat von cosinus (Beitrag 1781301)
Was bitte verstehst du unter "RDP ausschalten"? Was genau hast du da gemacht, so ist das viel zu unkonkret.
Remote Desktop (RDP) sry... :heulen: unter Einstellungen/Remotedesktop auf aus gestellt.

cosinus 29.04.2024 11:02
Du hast ernsthaft den RDP-Port 3389 frei aus dem Internet offen und wunderst dich dann, dass welche versuchen, sich zu verbinden?! :wtf:

Das passiert auch nicht mal eben so aus versehen, weil man schon im Router eine Portweiterleitung einrichten muss!

Ghost_Induct 29.04.2024 11:24
Zitat:
Zitat von cosinus (Beitrag 1781303)
Du hast ernsthaft den RDP-Port 3389 frei aus dem Internet offen und wunderst dich dann, dass welche versuchen, sich zu verbinden?! :wtf:

Das passiert auch nicht mal eben so aus versehen, weil man schon im Router eine Portweiterleitung einrichten muss!
Sollte ich dann für alle Geräte in der FritzBox die selbstständige Portfreigabe löschen?



Edit:

Keine Portfreigaben mehr....alles entfernt und die selbstständigen Portfreigaben für die jeweiligen Geräte deaktiviert.

cosinus 29.04.2024 11:29
Zitat:
Was ist dann bspw mit Plex?
Woher soll ich denn das wissen? Muss ich jede Software kennen und was du damit machen willst? :wtf:

Jedenfalls hattest du das Tor selbst aufgerissen, nix Malware. Wenn man so einen allgemein bekannten und oft angegriffenen Port 3389 für RDP für das gesamte Internet freigibt, muss man sich nun wirklich nicht wundern, dass da auch irgendwelche Bots versuchen da einzudringen. Ich verschiebe nach Diskussion. :kaffee:


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:18 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131