| Gulliver77 | 21.04.2025 08:30 |
Windows 10: Umleitung bei Suche im Edge
Hallo zusammen,
als ich heute in Edge etwas suchen wollte, bin ich ungewollt auf eine unbekannte Suchmaschine umgeleitet worden. Scheinbar habe ich mir etwas eingefangen, aber ich weiß nicht, wobei.
Falls Ihr Euch das anschauen könntet, wäre ich sehr dankbar!
Viele Grüße
Daniel
P.S.: Beitrag ist zu lang, die Addition.txt poste ich, wenn der Beitrag gesehen wurde.
Hier die FRST.txt: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
durchgeführt von danie (Administrator) auf DANIEL-G-ASUS (ASUS System Product Name) (21-04-2025 09:10:39)
Gestartet von C:\Users\danie\Desktop\FRST64.exe
Geladene Profile: danie & UIFlowService
Plattform: Microsoft Windows 10 Pro for Workstations Version 22H2 19045.5737 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe ->) (GN Audio A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct6\SoftphoneIntegrations.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\106.0.4.0\crashpad_handler.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\msedgewebview2.exe <13>
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AI\ai.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cmd.exe ->) (Agilebits -> AgileBits, Inc.) C:\Users\danie\AppData\Local\1Password\app\8\1Password-BrowserSupport.exe
(cmd.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Power Automate Desktop\PAD.BrowserNativeMessageHost.exe
(explorer.exe ->) () [Datei ist nicht signiert] D:\xampp\xampp-control.exe
(explorer.exe ->) (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.NE.exe
(explorer.exe ->) (Agilebits -> 1Password) C:\Users\danie\AppData\Local\1Password\app\8\1Password.exe <5>
(explorer.exe ->) (Compu Köln Dokument Management GmbH -> CompuKöln Dokument Management GmbH) C:\Program Files\CompuKöln Dokument Management GmbH\CompuSME\CompuDMS.exe <2>
(explorer.exe ->) (GN Audio A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC.) C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (IDRIX SARL -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE <2>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Power Automate Desktop\PAD.Console.Host.exe
(Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(Learnpulse SAS -> Learnpulse) C:\Users\danie\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <18>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.056.0324.0003\Microsoft.SharePoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(Microsoft Corporation -> Microsoft) C:\Users\danie\AppData\Local\Microsoft\On-premises data gateway (personal mode)\Microsoft.PowerBI.DataMovement.PersonalGateway.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) C:\Program Files\2BrightSparks\SyncBackPro\SchedulesMonitor.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(services.exe ->) (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\API Service\Lexware.Faktura.Api.HotChocolateHost.exe
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\internal API Service\Lexware.Faktura.Api.InternalApi.exe
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\WebApps Service\Lexware.Faktura.WebApps.WebAppsHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LauncherService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LogShipper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.UpdateService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Power Automate Desktop\UIFlowService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (NAVIMATICS LLC -> Navimatics LLC) C:\Program Files (x86)\WinFsp\SxS\sxs.20240621T172454Z\bin\launcher-x64.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Open Text Corporation -> MailStore Software GmbH) C:\Program Files (x86)\MailStore\MailStore Server\MailStoreServer_x64.exe
(services.exe ->) (Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(services.exe ->) (WireGuard LLC -> WireGuard LLC) C:\Program Files\WireGuard\wireguard.exe <2>
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2502.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2514.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (E3B702FF-0072-4BD3-ABA0-48E25130F000 -> ) C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2\AudibleRT.WindowsPhone.exe
(svchost.exe ->) (FOXIT SOFTWARE INC. -> Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\Shell Extensions\FoxitPreviewhost.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\MicrosoftCorporationII.PowerAppsforWindows10_3.25041.4.0_x64__8wekyb3d8bbwe\PowerAppsNative.Generic.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.Todos_2.143.2921.0_x64__8wekyb3d8bbwe\Todo.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1792408 2024-10-18] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [654040 2025-04-10] (Geek Software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [868328 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [414432 2024-10-08] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Haufe.Loge.AutostartLauncher.exe] => C:\Program Files (x86)\Common Files\Lexware\Dll\Haufe.Loge.AutostartLauncher.exe [21872 2025-03-21] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" [87794984 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Keine Datei)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\Installer\setup.exe [7690824 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-04-02] (Google LLC -> Google LLC.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-04-02] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [Screenpresso] => C:\Users\danie\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [20305408 2025-03-23] (Learnpulse SAS -> Learnpulse)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [1Password] => C:\Users\danie\AppData\Local\1Password\app\8\1Password.exe [190596448 2025-04-09] (Agilebits -> 1Password)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [Zoom] => C:\Users\danie\AppData\Roaming\Zoom\bin\Zoom.exe [434488 2025-03-07] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [MicrosoftEdgeAutoLaunch_E0359248083FDB44B7852C7D3585D0D2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\danie\AppData\Local\Microsoft\Teams\Update.exe [2589552 2023-09-30] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-04-02] (Google LLC -> Google LLC.)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\Microsoft.SharePoint.exe [1031976 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [PowerAutomate] => C:\Program Files (x86)\Power Automate Desktop\PAD.Console.Host.exe [485824 2023-12-20] (Microsoft Corporation -> Microsoft)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\danie\AppData\Local\Programs\Canva\Canva.exe [186629248 2024-11-12] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe [153972472 2025-01-17] (GN Audio A/S -> GN Audio A/S)
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\MountPoints2: {4b7d3868-7437-11eb-9df9-f02f74300e86} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\...\MountPoints2: {80bf366c-0b59-11ed-9e5a-00e04cb4db03} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-80-3017052307-2994996872-1615411526-3164924635-3391446484\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-04-02] (Google LLC -> Google LLC.)
HKU\S-1-5-80-3017052307-2994996872-1615411526-3164924635-3391446484\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5013832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\106.0.4.0\GoogleDriveFS.exe [65444448 2025-04-02] (Google LLC -> Google LLC.)
HKLM\...\Windows x64\Print Processors\hpcpp120: C:\Windows\System32\spool\prtprocs\x64\hpcpp120.DLL [342016 2012-01-27] (Hewlett-Packard Corporation) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.96\Installer\chrmstp.exe [2025-04-18] (Google LLC -> Google LLC)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2025-04-14]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\On-premises data gateway (personal mode).lnk [2024-02-15]
ShortcutTarget: On-premises data gateway (personal mode).lnk -> C:\Users\danie\AppData\Roaming\Microsoft\Installer\{B96BE8F1-D620-45B9-8735-5D79F17BBEEA}\gatewayicon.exe (Microsoft Corporation -> Microsoft)
Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SyncBackPro.exe - Verknüpfung.lnk [2021-02-21]
ShortcutTarget: SyncBackPro.exe - Verknüpfung.lnk -> C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-02-20]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume14autocheck autochk /m /P \Device\HarddiskVolume17autocheck autochk /m /P \Device\HarddiskVolume19autocheck autochk *
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {A9057CDE-23B4-4597-B9C7-DE67C4BF16F3} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\Daniel Cloud Backup => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Daniel Cloud Backup"
Task: {CF786753-359E-42B3-B673-0FF2CAA8A485} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\Gewerbe Cloud Backup => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Gewerbe Cloud Backup"
Task: {8738DE28-7DC1-4245-89C0-1C6FF0319E80} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\Lexware Ordner auf NAS => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Lexware Ordner auf NAS"
Task: {5175B474-173C-48C2-AEDB-9049F23AC91C} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Ausgangsrechnungen auf lokal => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Ausgangsrechnungen auf lokal"
Task: {51B00875-2096-4127-8427-AB8B6A4704B3} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Daniel auf OneDrive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Daniel auf OneDrive"
Task: {D913F9B0-8661-459A-B823-EB672C955457} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro DMS Gewerbe auf One Drive encrypted => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "DMS Gewerbe auf One Drive encrypted"
Task: {7F528239-15E1-4D0B-A9A5-E81C795A2E40} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro DMS privat auf One Drive encrypted => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "DMS privat auf One Drive encrypted"
Task: {57866004-BCF6-4900-9479-998497975EED} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro DMS Server Backup => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "DMS Server Backup"
Task: {B0494485-691C-46FC-8BEA-47CCA1F1881C} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro facebook Bilder auf One Drive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "facebook Bilder auf One Drive"
Task: {02C4AC23-2691-4EBE-8193-48E79613E157} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Fotos auf One Drive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Fotos auf One Drive"
Task: {0321FCF5-1C14-4313-B5FD-945FBC5BAA8E} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Logo auf One Drive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Logo auf One Drive"
Task: {704188F4-C0D3-45EF-B4CA-EA16B7FA549A} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Shop Datenbank auf NAS => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Datenbanken Site und Shop auf NAS"
Task: {40BFB1EF-9AFB-4151-AD7B-DFB1810EE543} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Shop Web auf NAS => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Shop Web auf NAS"
Task: {24685410-0BF0-4725-BE06-86BD9D3B8160} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Sony Kamera auf One Drive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Sony Kamera auf One Drive"
Task: {71F46DFC-F0EF-47EA-8514-5E9C2B2B950C} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Spiegelung Gewerbe auf Business OneDrive => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Spiegelung Gewerbe auf Business OneDrive"
Task: {AF34ED4B-CDDA-47B5-9E5F-0AE3456A7323} - System32\Tasks\2BrightSparks\SyncBackProx64\DANIEL-G-ASUS-danie\SyncBackPro Website Backup auf NAS => C:\Program Files\2BrightSparks\SyncBackPro\SyncBackPro.exe [185163208 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) -> C:\Program Files\2BrightSparks\SyncBackPro\-m "Website Backup auf NAS"
Task: {973F0BA7-2057-4827-8B63-B145F51F4A77} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Keine Datei)
Task: {941E7B7D-C54B-4FC3-B503-A542FE5A19AC} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (Keine Datei)
Task: {30DE7B58-7F6B-42D6-AC96-D9257DCD9B26} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2025488 2021-01-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {FA3C23A9-2B0D-4BD6-B315-458D3C753C96} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d70752ec7682d0 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {ABDB82B2-0BC1-4653-9217-E8FB8CD8712D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {2CA4A9B2-83AF-4B6D-8BEB-9F880BCF5113} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [45540760 2021-01-13] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {230411DA-B163-4CFA-9DE1-7914B60F28DD} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {6129F1D3-9FA9-48A8-AB0F-3A210F636D2D} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{EB26BFAF-BA7F-40BD-B744-B123DB97C035} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {5C2D41AD-A0F6-41A2-B963-102779D7BBF7} - System32\Tasks\Lexware Datensynchronisation_DANIEL-G-ASUS_danie => C:\Program Files (x86)\Lexware\professional\2024\Lexware.Faktura.Datensynchronisation.exe (Keine Datei)
Task: {75279E9D-5C64-435F-A157-7996DE0A1073} - System32\Tasks\LexwareAppSysOpt => C:\Program Files (x86)\Lexware\professional\2025\Haufe.Components.LxAppSysOpt.exe [38248 2024-12-12] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
Task: {F184BC98-8165-49A4-A538-879086D9C317} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EE4CBA6-9DA5-4ACE-AAF9-0AC8CBDC61D2} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9F508CF-365F-4DED-9FC4-1E5EAF431FDD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F566C44-FCC5-4A36-9144-FF0E57BE9A34} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [68328 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BBF2E36-31F0-4D76-BD03-67D92E054720} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B31B9AB-4C94-4F91-AE2C-078FE197D6FC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FDE3A0C-8672-4591-AB2A-BDAF47545C8A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B841D55-1727-42D7-8A9E-9024FB1A5E4F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [204400 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {811F499B-7F47-4154-8221-4B50801C8E2C} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4536760 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {05610FA1-B147-42BB-867B-48BCE93A46CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1EDA9643-59FA-44D4-91B7-2DF3E69E4987} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51334C4F-1274-4BEC-8636-F37B875D7C80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7C638B85-AA96-45B5-A85E-8005B8E1C25B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AEB51FA5-7265-4F0D-9280-D5BD21A62E06} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {554B6514-022C-45CE-96A1-5D2A1EFFB5E0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA2B41EC-E4BD-47EC-9403-34814DE87355} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {3D8A420B-DB47-4B62-9797-7D97E156CDED} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\CEIP.exe [32632 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {FFD174A5-637E-4F2E-93E5-0F7CB30D0DBD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0179C23-08A7-4F6A-BBD2-D1C800A03CF8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {224CC6A8-156C-4F37-9B47-4F94BEE12DBD} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {CD769156-A117-4483-98C4-C0B21BC751E5} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2782327805-1913230689-3329431176-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {313BF36C-74EB-494E-9891-1E50BAD3C843} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-04-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {3CDD1788-2B58-4297-85EC-427C8A86875E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {17D44A42-52F8-4B83-B938-2597E8BF4877} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50AC65C2-D4CB-471D-BD09-8A6CF281C52A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {F0872436-BCC0-4268-A9AD-E9DAD87B05E8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {381EBDB8-D2DA-409B-A097-51B48A567226} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF70EC72-95B6-43C6-B716-6089CBE16106} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50A93B24-1DD4-4637-8479-71A54B945E70} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {532F2B14-6F80-4B6C-9B4E-0AFF4E8AEA0A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB27FAFF-688E-44BB-921C-07BBC225EC2C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0013EA0F-3E00-40F4-97D3-715D6B623806} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F33E1033-CCF4-4805-BE15-8AAE344061F9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2782327805-1913230689-3329431176-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C16476C9-3558-4419-941A-562C31160123} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2782327805-1913230689-3329431176-1001 => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECF0A55C-872B-4401-9A08-09CF8C66FE2D} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2782327805-1913230689-3329431176-1001 => C:\Users\danie\AppData\Roaming\Zoom\bin\Zoom.exe [434488 2025-03-07] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\..\Interfaces\{2bf19533-b5bf-4791-95db-88d8f7e8724d}: [NameServer] 192.168.178.1
Tcpip\..\Interfaces\{309d5d73-737b-4ccf-a8bb-28bbe2c6d3f1}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{309d5d73-737b-4ccf-a8bb-28bbe2c6d3f1}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{f608156c-5946-4206-a989-ce12309293ae}\14E64627F696461405: [DhcpNameServer] 192.168.36.63
Tcpip\..\Interfaces\{f608156c-5946-4206-a989-ce12309293ae}\64259445A51224F687026353931302341626C656023444: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f608156c-5946-4206-a989-ce12309293ae}\64259445A51224F687026353931302341626C656023444: [DhcpDomain] fritz.box
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-21]
Edge Notifications: Default -> hxxps://www.facebook.com; hxxps://www.panerai.com
Edge Extension: (ColorZilla) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2024-06-11]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (DuckDuckGo) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2025-04-09]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (lock) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dppgmdbiimibapkepcbdbmkaabgiofem [2025-04-21]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (MyJDownloader Browser Erweiterung) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2023-01-15]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Ghostery Tracker- & Werbeblocker | Datenschutz AdBlocker) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2025-04-21]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (NordVPN - the Fastest VPN proxy for privacy) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fphgeikpdcdcheaochkhldmnfblfogla [2025-03-30]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-09]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (True Key™ by McAfee) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gnnbmcifkkjgjdbkilfglpdpmidkgefn [2024-07-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (ScriptBlock) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2021-02-21]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (MyJDownloader Browser Erweiterung) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2021-07-04]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Edge relevant text changes) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Microsoft Power Automate) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kagpabjoboikccfdghpdlaaopmgpgfdc [2025-03-22]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Tag Assistant) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2025-04-21]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2025-04-21]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Total Script Blocker) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oakdjiehbhihbklollmmmkhfilbklgkf [2023-01-15]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Smart Color Picker Eyedropper) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ochgakkmfibnneodjiehdpgdimcondao [2025-04-21]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (uBlock Origin) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2025-01-04]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (OneNote Web Clipper) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oogbnpmeihfgnccdnmmlgicknopghhma [2025-04-15]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Live color picker) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pkdpnbbbflbafkdifkgpifolofjhdeca [2024-03-28]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc]
FireFox:
========
FF DefaultProfile: ks8urf0i.default
FF ProfilePath: C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\ks8urf0i.default [2024-07-09]
FF ProfilePath: C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\7lqen0pg.default-release [2024-10-31]
FF Extension: (True Key™ by McAfee) - C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\7lqen0pg.default-release\Extensions\@true-key.xpi [2023-01-21] [UpdateUrl:hxxps://downloads.truekey.com/firefox/update.json]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-12-23] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2025-04-19]
CHR Extension: (lock) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2025-04-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ColorZilla) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2024-05-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (DuckDuckGo) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2025-04-11]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (uBlock Origin) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-03-22]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (change-language) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2025-04-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (True Key™ by McAfee) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpaibbcbodhimfnjnakiidgbpiehfgci [2024-08-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2025-04-05]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ScriptBlock) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2021-02-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Audio Verbinden) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihiafjkopgiakbmihgoieodihjcblfbk [2021-02-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Tag Assistant) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2025-04-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Microsoft Power Automate) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljglajjnnkapghbckkcmodicjhacbfhk [2025-03-22]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2025-04-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Ghostery Tracker- & Werbeblocker | Datenschutz AdBlocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2025-04-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Video Cutter) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nodkcjollmmjidmcnhloaoahmciabnai [2021-02-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Audio Cutter) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimnkafgoiilijmlbnfoafihjjijbfp [2021-02-20]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-03-26]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-04-12]
CHR Extension: (lock) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2025-04-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Microsoft Power Automate) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ljglajjnnkapghbckkcmodicjhacbfhk [2025-03-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-12]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2025-04-19]
CHR HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk]
CHR HKU\S-1-5-21-2782327805-1913230689-3329431176-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S4 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3910472 2024-02-07] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [382112 2022-08-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe [907112 2023-12-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2022-08-18] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2023-12-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-02-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [838760 2025-04-09] (ASUSTeK Computer Inc. -> )
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13862104 2025-04-09] (Microsoft Corporation -> Microsoft Corporation)
S4 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [5751024 2022-03-30] (devolo AG -> devolo AG)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-06-03] (Bayerisches Landesamt fuer Steuern -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncHelper.exe [3545416 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-08] (HP Inc. -> HP Inc.)
S4 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] (Shrew Soft Inc -> )
S4 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] (Shrew Soft Inc -> )
R2 Lexware API Service; C:\Program Files (x86)\Lexware\API Service\Lexware.Faktura.Api.HotChocolateHost.exe [172842656 2025-03-26] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 Lexware internal API Service; C:\Program Files (x86)\Lexware\internal API Service\Lexware.Faktura.Api.InternalApi.exe [174960 2025-03-26] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 Lexware WebApps Service; C:\Program Files (x86)\Lexware\WebApps Service\Lexware.Faktura.WebApps.WebAppsHost.exe [93088888 2025-03-26] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [85728 2024-10-07] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MailStoreServer; C:\Program Files (x86)\MailStore\MailStore Server\MailStoreServer_x64.exe [492032 2025-03-13] (Open Text Corporation -> MailStore Software GmbH)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [320088 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-12-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveUpdaterService.exe [3892568 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [654040 2025-04-10] (Geek Software GmbH -> geek software GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [493544 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2025-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SonosLibraryService; C:\Program Files (x86)\SonosV2\SonosLibraryService.exe [27648 2023-09-12] () [Datei ist nicht signiert]
R2 SyncBackProSchedulesMonitor; C:\Program Files\2BrightSparks\SyncBackPro\SchedulesMonitor.exe [5567720 2025-03-11] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd)
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16463160 2022-11-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UIFlowAgentLauncherService; C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LauncherService.exe [30240 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 UIFlowLogShipper; C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.LogShipper.exe [26656 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 UIFlowService; C:\Program Files (x86)\Power Automate Desktop\UIFlowService.exe [46624 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 UIFlowUpdateService; C:\Program Files (x86)\Power Automate Desktop\Microsoft.Flow.RPA.UpdateService.exe [43040 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [42560 2024-12-21] (Microsoft Corporation -> Microsoft)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinFsp.Launcher; C:\Program Files (x86)\WinFsp\SxS\sxs.20240621T172454Z\bin\launcher-x64.exe [34592 2023-03-16] (NAVIMATICS LLC -> Navimatics LLC)
R2 WireGuardManager; C:\Program Files\WireGuard\wireguard.exe [8185648 2021-12-22] (WireGuard LLC -> WireGuard LLC)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43168 2022-08-18] (ASUSTeK Computer Inc. -> )
R1 avm_nwim; C:\Windows\system32\DRIVERS\avmnwim.sys [396088 2017-03-17] (WDKTestCert shuebner,130916460956458304 -> AVM)
S3 BrSerIb; C:\Windows\system32\DRIVERS\BrSerIb.sys [95344 2014-06-06] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\Windows\system32\DRIVERS\BrUsbSIb.sys [21872 2014-06-06] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\Windows\System32\DRIVERS\dokan1.sys [385528 2021-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Dokan Project)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\Program Files\NordVPN\7.32.5.0\Drivers\NDivert.sys [131472 2024-10-31] (nordvpn s.a. -> Nordvpn S.A.)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [44928 2024-05-29] (nordvpn s.a. -> TEFINCOM S.A.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [36496 2022-03-30] (devolo AG -> Riverbed Technology, Inc.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [91584 2024-06-05] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [41120 2024-08-29] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2021-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [817672 2025-03-02] (Microsoft Windows Hardware Compatibility Publisher -> IDRIX)
R1 vflt; C:\Windows\system32\DRIVERS\vfilter.sys [24064 2013-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S3 vnet; C:\Windows\System32\drivers\virtualnet.sys [17408 2013-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WinFsp+20240621T172454Z; C:\Program Files (x86)\WinFsp\SxS\sxs.20240621T172454Z\bin\winfsp-x64.sys [168512 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Navimatics LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-09-23] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-04-21 09:10 - 2025-04-21 09:11 - 000066414 _____ C:\Users\danie\Desktop\FRST.txt
2025-04-21 09:10 - 2025-04-21 09:11 - 000000000 ____D C:\FRST
2025-04-21 09:08 - 2025-04-21 09:09 - 002404864 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe
2025-04-15 21:31 - 2025-04-15 21:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-04-15 11:35 - 2025-04-15 11:35 - 000002221 _____ C:\Users\Public\Desktop\COM Vibilia beSt.lnk
2025-04-15 11:35 - 2025-04-15 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COM Vibilia beSt
2025-04-15 11:35 - 2025-04-15 11:35 - 000000000 ____D C:\Program Files\Governikus KG
2025-04-15 11:28 - 2025-04-15 11:28 - 000001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp.lnk
2025-04-15 11:28 - 2025-04-15 11:28 - 000001045 _____ C:\Users\Public\Desktop\AusweisApp.lnk
2025-04-12 18:10 - 2025-04-12 18:10 - 000001667 _____ C:\Users\Public\Desktop\PDF24 Toolbox.lnk
2025-04-12 18:10 - 2025-04-12 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2025-04-12 18:10 - 2025-04-12 18:10 - 000000000 ____D C:\Program Files\PDF24
2025-04-10 13:36 - 2025-04-10 13:36 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2025-04-10 13:36 - 2025-04-10 13:36 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2025-04-09 08:44 - 2025-04-09 08:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-04-09 08:38 - 2025-04-09 08:38 - 000000000 ____D C:\inetpub
2025-04-09 08:11 - 2025-04-09 08:11 - 000000000 ___HD C:\$WinREAgent
2025-04-08 16:34 - 2025-04-08 16:34 - 000000001 ____R C:\Users\danie\serverport
2025-04-08 16:34 - 2025-04-08 16:34 - 000000000 ____D C:\Users\danie\.jivex
2025-04-02 19:30 - 2025-04-02 19:30 - 000001384 _____ C:\Users\Public\Desktop\MailStore Client.lnk
2025-04-02 19:30 - 2025-04-02 19:30 - 000001343 _____ C:\Users\Public\Desktop\Konfiguration des MailStore Server-Dienstes.lnk
2025-04-02 19:30 - 2025-04-02 19:30 - 000001071 _____ C:\Users\Public\Desktop\MailStore Client auf weiteren Rechnern installieren.lnk
2025-04-02 19:30 - 2025-04-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MailStore Server
2025-03-30 16:56 - 2025-03-30 16:56 - 000002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung Steuerjahr 2024.lnk
2025-03-30 16:56 - 2025-03-30 16:56 - 000002211 _____ C:\Users\Public\Desktop\SteuerSparErklärung Steuerjahr 2024.lnk
2025-03-30 16:56 - 2025-03-30 16:56 - 000002183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuerwissen 2024-2025.lnk
2025-03-30 16:56 - 2025-03-30 16:56 - 000002171 _____ C:\Users\Public\Desktop\Steuerwissen 2024-2025.lnk
2025-03-30 16:56 - 2025-03-30 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung Steuerjahr 2024
2025-03-30 16:55 - 2025-03-30 16:55 - 000000000 ____D C:\Program Files\Steuertipps
2025-03-26 22:07 - 2025-03-26 22:07 - 000339824 _____ C:\Windows\SysWOW64\LxDNT122.dll
2025-03-26 22:07 - 2025-03-26 22:07 - 000247656 _____ C:\Windows\SysWOW64\LXPrnUtil10.dll
2025-03-26 22:07 - 2025-03-26 22:07 - 000172392 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxReportManage.ocx
2025-03-26 22:07 - 2025-03-26 22:07 - 000148328 _____ C:\Windows\SysWOW64\LxDNTvmc122.dll
2025-03-26 22:07 - 2025-03-26 22:07 - 000082800 _____ C:\Windows\SysWOW64\LxDNTvm122.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 005001064 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxXtreme130.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 001259880 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTool250.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000218992 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxBasics250.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000131952 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxMail200.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000095592 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxPXTree250.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000095080 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxCI20.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000081768 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LXCurr210.dll
2025-03-26 19:57 - 2025-03-26 19:57 - 000055656 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTPSW210.dll
2025-03-26 18:34 - 2025-03-26 18:34 - 000121192 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxUISettingsN250.dll
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-04-21 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-21 08:59 - 2024-07-07 21:18 - 000000000 ____D C:\Users\danie\AppData\Roaming\Jabra Direct
2025-04-21 08:56 - 2021-02-20 08:13 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-04-21 08:44 - 2021-02-20 08:31 - 000000000 ___SD C:\Users\danie\AppData\Roaming\Microsoft\Credentials
2025-04-21 06:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2025-04-21 04:45 - 2021-12-15 02:27 - 000000000 ____D C:\Windows\SystemTemp
2025-04-21 00:00 - 2024-11-09 20:08 - 003763766 _____ C:\nlog-internal.txt
2025-04-20 22:15 - 2021-10-16 14:22 - 000000000 ____D C:\ProgramData\firebird
2025-04-20 20:19 - 2021-02-20 12:31 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Excel
2025-04-20 12:25 - 2021-02-20 08:13 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-20 12:06 - 2021-02-20 08:39 - 000000000 ____D C:\Program Files\ASUS
2025-04-20 08:59 - 2021-02-20 11:50 - 000000000 ____D C:\ProgramData\Lexware
2025-04-20 08:58 - 2023-06-06 22:13 - 000004090 _____ C:\Windows\system32\Tasks\LexwareAppSysOpt
2025-04-19 14:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-19 11:52 - 2025-02-06 03:29 - 000003552 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2782327805-1913230689-3329431176-1001
2025-04-19 11:52 - 2021-12-11 19:00 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2782327805-1913230689-3329431176-1001
2025-04-19 11:52 - 2021-09-08 15:59 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-19 11:52 - 2021-06-20 11:00 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-04-19 11:52 - 2021-06-20 11:00 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-19 09:23 - 2021-02-20 08:33 - 000000000 ____D C:\Users\danie\AppData\Local\Packages
2025-04-19 02:38 - 2021-02-20 08:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-18 18:28 - 2021-02-20 10:36 - 000015911 _____ C:\Windows\BRRBCOM.INI
2025-04-18 03:18 - 2021-02-20 09:13 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-16 03:17 - 2022-09-25 12:17 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-04-16 03:17 - 2021-04-06 19:36 - 000001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-04-15 17:51 - 2021-02-20 13:24 - 000000000 ____D C:\Users\danie\AppData\Roaming\vlc
2025-04-15 16:19 - 2022-10-19 15:00 - 000000000 ____D C:\Users\danie\AppData\Local\JDownloader 2.0
2025-04-15 11:28 - 2023-07-03 17:43 - 000000000 ____D C:\Program Files\AusweisApp2
2025-04-15 09:26 - 2021-02-21 15:48 - 000000000 ____D C:\Users\danie\AppData\Local\CrashDumps
2025-04-14 17:15 - 2023-10-05 20:51 - 000000000 ____D C:\Users\danie\AppData\Roaming\1Password
2025-04-12 10:33 - 2019-12-07 16:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2025-04-11 08:42 - 2021-02-27 21:21 - 000000000 ____D C:\Users\danie\AppData\Local\ElevatedDiagnostics
2025-04-10 13:36 - 2021-05-23 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2025-04-10 13:36 - 2021-02-20 12:02 - 000000000 ____D C:\Program Files\Microsoft Office
2025-04-10 06:23 - 2021-02-20 08:13 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-04-09 10:17 - 2021-04-06 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-04-09 08:49 - 2021-02-20 08:19 - 001717270 _____ C:\Windows\system32\PerfStringBackup.INI
2025-04-09 08:49 - 2019-12-07 16:51 - 000740668 _____ C:\Windows\system32\perfh007.dat
2025-04-09 08:49 - 2019-12-07 16:51 - 000149866 _____ C:\Windows\system32\perfc007.dat
2025-04-09 08:49 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2025-04-09 08:44 - 2024-01-03 10:10 - 000001356 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2025-04-09 08:44 - 2021-04-06 21:26 - 000000000 ____D C:\Users\danie\AppData\Local\1Password
2025-04-09 08:44 - 2021-02-20 08:31 - 000000000 ____D C:\Users\danie
2025-04-09 08:42 - 2021-02-20 08:13 - 000838760 _____ C:\Windows\system32\AsusUpdateCheck.exe
2025-04-09 08:42 - 2021-02-20 08:13 - 000568016 _____ C:\Windows\system32\FNTCACHE.DAT
2025-04-09 08:42 - 2021-02-20 08:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-04-09 08:41 - 2021-02-20 08:13 - 000877320 _____ C:\Windows\system32\wpbbin.exe
2025-04-09 08:39 - 2019-12-07 11:03 - 001835008 _____ C:\Windows\system32\config\BBI
2025-04-09 08:38 - 2024-06-26 22:53 - 000000000 ____D C:\Windows\system32\compatrel
2025-04-09 08:38 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-04-09 08:38 - 2019-12-07 16:52 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2025-04-09 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2025-04-09 08:24 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2025-04-09 08:17 - 2021-02-20 08:17 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-04-09 08:11 - 2021-02-20 08:37 - 000000000 ____D C:\ProgramData\Package Cache
2025-04-08 21:07 - 2024-12-12 14:36 - 000000000 ____D C:\Users\danie\AppData\Local\D3DSCache
2025-04-08 17:15 - 2021-02-20 12:30 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Word
2025-04-08 13:01 - 2021-02-20 10:59 - 000000000 ____D C:\Users\danie\AppData\Roaming\FileZilla
2025-04-07 16:55 - 2022-10-18 12:40 - 000000000 ____D C:\Users\danie\AppData\Roaming\Bitwarden
2025-04-07 16:02 - 2021-08-14 23:10 - 000000000 ____D C:\Program Files (x86)\Lexware
2025-04-07 15:59 - 2021-02-20 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2025-04-06 20:10 - 2023-07-03 21:23 - 000000000 ____D C:\Users\danie\AppData\Local\Haufe-Lexware_GmbH_&_Co._
2025-04-06 16:46 - 2023-10-01 10:58 - 000001128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncBackPro.lnk
2025-04-06 16:46 - 2023-10-01 10:58 - 000000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncBackPro (Not Elevated).lnk
2025-04-05 22:32 - 2021-02-20 08:14 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-05 22:32 - 2021-02-20 08:14 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-04 09:28 - 2021-02-28 18:40 - 000000128 _____ C:\Users\danie\AppData\Local\PUTTY.RND
2025-04-02 19:31 - 2021-02-20 12:41 - 000000000 ____D C:\Users\danie\AppData\Local\MailStore Client Launcher
2025-04-02 18:13 - 2022-09-23 13:13 - 000002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-04-02 18:13 - 2022-09-23 13:13 - 000002008 _____ C:\Users\danie\Desktop\Google Drive.lnk
2025-04-01 15:44 - 2021-02-20 12:17 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Outlook
2025-03-30 12:05 - 2021-02-20 12:07 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Office
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-09-21 11:19 - 2023-09-21 17:20 - 000000099 _____ () C:\ProgramData\101280_mgr.dat
2022-10-05 09:50 - 2023-11-14 20:30 - 000000128 _____ () C:\Users\danie\AppData\Roaming\PUTTY.RND
2021-02-28 18:40 - 2025-04-04 09:28 - 000000128 _____ () C:\Users\danie\AppData\Local\PUTTY.RND
2022-01-31 12:33 - 2022-01-31 12:33 - 000001662 _____ () C:\Users\danie\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
Lesestoff: