Hello Matthias,
attached are the requested logs; usernames have been anonymized.
I can only post the FRST.txt log; the other one is too long.
I will trim that one, removing among other things the Steam and firewall installations, partly because that could also make me identifiable in today's AI age, since Steam profiles could be cross-referenced. I hope that is OK.
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
durchgeführt von BENUTZER (Administrator) auf NAME (ASUS System Product Name) (21-01-2025 17:36:23)
Gestartet von G:\FRST64.exe
Geladene Profile: BENUTZER & Administrator
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.5371 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: "E:\Firefox\firefox.exe" -osint -url "%1"
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] X:\Razer\DeathAdder\razerhid.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0410212.inf_amd64_daae2c8b5eb35aaa\B409877\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0410212.inf_amd64_daae2c8b5eb35aaa\B409877\atieclxx.exe
(E:\Malwarebytes\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) E:\Malwarebytes\Malwarebytes.exe
(explorer.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(explorer.exe ->) (Azureus Software, Inc. -> Azureus Software, Inc) E:\Azureus\Azureus.exe
(explorer.exe ->) (Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(explorer.exe ->) (Logitech -> Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(explorer.exe ->) (Logitech -> Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\BENUTZER\AppData\Local\Programs\signal-desktop\Signal.exe <4>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) Z:\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) E:\Firefox\firefox.exe <28>
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0410212.inf_amd64_daae2c8b5eb35aaa\B409877\atiesrxx.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_815480839574a92b\RstMwService.exe
(services.exe ->) (Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) E:\Malwarebytes\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) X:\Norton AntiVirus\Engine\22.24.8.36\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) X:\Norton AntiVirus\Engine\22.24.8.36\nsWscSvc.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7f98f584c61c8c61\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) E:\VMware Player\vmware-authd.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) E:\Telegram portable\Telegram.exe
(X:\Razer\DeathAdder\razerhid.exe ->) () [Datei ist nicht signiert] X:\Razer\DeathAdder\vdDaemon.exe
(X:\Razer\DeathAdder\razerhid.exe ->) (Razer Inc.) [Datei ist nicht signiert] X:\Razer\DeathAdder\razerofa.exe
(Z:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) Z:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech -> Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech -> Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech -> Logitech Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [824240 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7f98f584c61c8c61\RtkAudUService64.exe [3379808 2021-11-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [DeathAdder] => X:\Razer\DeathAdder\razerhid.exe [248320 2011-03-21] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695984 2011-03-25] (Brother Industries, Ltd. -> brother)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5052648 2020-03-31] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (Keine Datei)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" [83584528 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Azureus] => E:\Azureus\Azureus.exe [346568 2012-12-14] (Azureus Software, Inc. -> Azureus Software, Inc)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [88440 2020-01-17] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3527240 2022-03-29] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123172920 2024-12-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [MicrosoftEdgeAutoLaunch_9A85C123E5700B32D929996F59A117BC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [org.whispersystems.signal-desktop] => C:\Users\BENUTZER\AppData\Local\Programs\signal-desktop\Signal.exe [189027696 2025-01-15] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Policies\system: [ConsentPromptBehaviorAdmin] 1
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Policies\system: [ConsentPromptBehaviorUser] 1
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Policies\Explorer: [AltTabSettings] 1
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] False
HKU\S-1-5-21-3438649541-831985882-319497044-1008\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3438649541-831985882-319497044-1008\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-3438649541-831985882-319497044-500\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006904 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3438649541-831985882-319497044-500\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3527240 2022-03-29] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\Perfect PDF 10 Premium Print Processor: C:\Windows\System32\spool\prtprocs\x64\sx_p10_p.dll [264136 2021-12-01] (soft Xpansion GmbH & Co.KG -> soft Xpansion)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: c:\windows\system32\AdobePDF.dll [53656 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Auerswald Fax Monitor: c:\windows\auFaxMon.dll [98816 2011-11-03] (Auerswald GmbH & Co.KG) [Datei ist nicht signiert]
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{29447369-6968-4e86-a208-603f6f0771a6}.sdb] -> CVE-2012-1889
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{06b2b7ed-809a-44e6-8538-ca0f5b74ecc4}.sdb] -> CVE-2012-1889
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{f300e352-12de-4e7f-ace3-a376874402b6}.sdb] -> CVE-2012-1889
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{7d32ab1f-1858-4373-a75a-b7cd8feb5d92}.sdb] -> CVE-2012-1889
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{393ffabe-5a1a-43b3-8e03-8f573e1e0d01}.sdb] -> CVE-2012-1889
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{777afb2a-98e5-4f14-b455-378a925cae15}.sdb] -> CVE-2012-4969
HKLM\Software\...\AppCompatFlags\InstalledSDB\{06b2b7ed-809a-44e6-8538-ca0f5b74ecc4}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{06b2b7ed-809a-44e6-8538-ca0f5b74ecc4}.sdb
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\BENUTZER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-05-07]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Keine Datei)
Startup: C:\Users\BENUTZER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OUTLOOK.EXE.lnk [2022-12-18]
ShortcutTarget: OUTLOOK.EXE.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\BENUTZER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2017-06-05]
ShortcutTarget: Telegram.lnk -> E:\Telegram portable\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
GroupPolicy: Beschränkung - Edge <==== ACHTUNG
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {F5D6DFD0-2A1A-4787-99E8-7B9792577712} - System32\Tasks\{152388FE-9962-4368-8C21-2E688A0AB6D5} => C:\Windows\System32\pcalua.exe [91136 2024-12-10] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\BENUTZER\jre-8u201-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG
Task: {5FBD523E-F8B3-4493-92B2-408A51E6A806} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {30AB5D08-09E0-4665-886C-3878268E73EC} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1035472 2024-11-28] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {BB92FE95-96B3-4A85-9CA5-324959F8AF35} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5974480 2024-12-10] (Microsoft Windows -> Microsoft Corporation)
Task: {5DC9025E-F2C6-4C63-B86D-5A40CF9DFD3C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {622C329F-8909-4FC9-AE02-D01D1B15EFBB} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\opushutil.exe [58600 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {89959EBF-1AD7-4BD6-9BA3-50945D88D735} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE8D4D6E-141D-48ED-96F6-8BC44CD422EA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222840 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {2734642B-68CF-4BBD-9B26-D31D7DE0800E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222840 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {50F0751E-104B-400F-9567-F0F14BAEE099} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {152E0F62-4233-4367-BC4E-40C3D8FCCFD5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Keine Datei)
Task: {FC91E9C6-D4AC-4052-BC2A-0B60406D43C9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Keine Datei)
Task: {D713C079-B984-497A-AF75-C68EE889628D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Keine Datei)
Task: {44278EF4-2F00-49AC-A4AD-AE20A76856AC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Keine Datei)
Task: {CCC583C7-3390-4F0E-B1BA-F2FA543C8926} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Keine Datei)
Task: {8BF36CAD-EA88-4C33-9ED9-93DD08C6A33A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Keine Datei)
Task: {FC02EF55-3F59-4597-A724-C0AA1DEDC63D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Keine Datei)
Task: {8F66EC8E-EE68-4ACD-8418-9399A90C5111} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Keine Datei)
Task: {566B38D7-3477-40BE-916E-AF7FF635BD62} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Keine Datei)
Task: {01DB6C72-ADBB-4394-8F9E-F57DC344EDA0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Keine Datei)
Task: {4A8BD7D3-209C-4120-8A9C-003D03438329} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Keine Datei)
Task: {F0AC49B6-7D00-42EF-ACC1-2AF12A0E4E11} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Keine Datei)
Task: {4C49C5F5-0670-4B5F-B46F-F371064CDC90} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Keine Datei)
Task: {1C156EA6-09AB-4F92-A262-7FCF17204DDC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Keine Datei)
Task: {DA0DB840-1F51-4AFF-BE4B-75667826B9C1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Keine Datei)
Task: {ED62AA19-054F-4888-A2A5-32295997D9ED} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Keine Datei)
Task: {7E68B978-0B16-41A5-A7C0-B55EF2634551} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Keine Datei)
Task: {73A69F11-BE5F-40F2-BFB7-5EB1C8C62610} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Keine Datei)
Task: {5731D8E0-E019-422F-8D70-1DE3F2AC4C93} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Keine Datei)
Task: {230F387B-81E1-4D09-AF73-6B436B88AB7B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Keine Datei)
Task: {CA793920-BCE4-4C9B-A5B9-32389B553F79} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Keine Datei)
Task: {10468C1E-8298-4D4F-8274-2A695FD1DF57} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {0E7BA49B-229E-46F2-90B0-D05F4FD37EEF} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D3BB063-764B-4D75-A1CB-132DB8E99DC9} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {204F21AF-9306-468D-A61D-6E43B5E5A4A5} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {89D092E6-43A4-4E0F-8CDA-21DB9DB3F307} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {40ACD48D-FE66-4583-AA05-C3482CC08ED2} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1035472 2024-11-28] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {27D97265-AB18-43B4-BF0C-4CEB3589205E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 7E73279DF40A687A => E:\Firefox\default-browser-agent.exe [34368 2025-01-14] (Mozilla Corporation -> Mozilla Foundation) <==== ACHTUNG
Task: {8B0B6FF6-CE57-4EB7-A58A-FBCF07A8768B} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Error Analyzer => X:\Norton AntiVirus\Engine\22.16.0.247\SymErr.exe /analyze (Keine Datei)
Task: {443FF67E-1B06-4A30-ADC2-BBA5A419AC91} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Error Processor => X:\Norton AntiVirus\Engine\22.16.0.247\SymErr.exe /submit (Keine Datei)
Task: {61F892A7-B4B4-4BF0-A199-A927E2EF1EAF} - System32\Tasks\Norton Security\Norton Security Autofix => X:\Norton AntiVirus\Engine\22.24.8.36\symerr.exe [379024 2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {6DDA9114-8624-4276-A577-6DCAA76324CB} - System32\Tasks\Norton Security\Norton Security Error Analyzer => X:\Norton AntiVirus\Engine\22.24.8.36\symerr.exe [379024 2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {77738E82-72B4-4222-8AA8-260D33E75635} - System32\Tasks\Norton Security\Norton Security Error Processor => X:\Norton AntiVirus\Engine\22.24.8.36\symerr.exe [379024 2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {E4BBC5AF-986F-49E7-9C08-04664F7859E5} - System32\Tasks\Norton WSC Integration => X:\Norton AntiVirus\Engine\22.24.8.36\WSCStub.exe [646520 2024-09-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {666D3527-20CC-4E47-9D40-697A7B919D17} - System32\Tasks\Norton\Norton av migration => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\migration\v28\av_migration_agent.exe [5782632 2024-10-22] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {F2A24D28-01CF-40E3-BA50-5C204F9DF681} - System32\Tasks\NWC => E:\Synchredible\nwc.exe [332288 2014-09-29] () [Datei ist nicht signiert]
Task: {DFF38E93-6AA0-4975-AA9C-F2D4761D3DBE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFDC04AC-72EE-47D2-A74F-DC4735539112} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3438649541-831985882-319497044-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DD6989F-8C99-4DB4-9C73-D44480952066} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3438649541-831985882-319497044-1008 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {E05ADB4C-4A54-4568-9F43-C46654A434D6} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3438649541-831985882-319497044-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {65A32A30-5FDB-4E80-985E-00B0C14F2354} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2353000 2024-09-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {C947B0AF-2093-421D-88C1-7E97D15308F3} - System32\Tasks\SamsungMagician => E:\Samsung Magician\Samsung Magician.exe [6206048 2016-05-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics.) -> E:\Samsung Magician\\/AUTOHIDE
Task: {CF070FFA-4510-4FAB-8649-678C2945DD67} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [139472 2024-11-27] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {90F7E06C-FFCA-4D35-A4D1-F6741C2CB770} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [309968 2024-11-27] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {5E6A4980-B42B-4AE3-BD7A-FF482472357B} - System32\Tasks\SystemCMD => D:\leer.bat [80 2016-10-25] () [Datei ist nicht signiert]
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{6004d4e4-b86a-47d8-97e7-9f223b8da6b2}: [NameServer] 192.168.0.250
Tcpip\..\Interfaces\{965e904d-7bcd-4223-b946-100d6a3f3977}: [DhcpNameServer] 0.0.0.0
Edge:
=======
Edge Profile: C:\Users\BENUTZER\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-21]
Edge DownloadDir: Default -> G:\
Edge HomePage: Default -> about:blank
Edge StartupUrls: Default -> "about:blank"
Edge NewTab: Default -> Active:"chrome-extension://fcjdfopidihkoadkgmcbbfgbnncipjpb/index.html"
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (Leere Seite „Neuer Tab“) - C:\Users\BENUTZER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fcjdfopidihkoadkgmcbbfgbnncipjpb [2021-03-11]
Edge Extension: (Edge relevant text changes) - C:\Users\BENUTZER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-14]
FireFox:
========
FF DefaultProfile: 4pow2126.default-1422113146786
FF ProfilePath: C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786 [2025-01-21]
FF DownloadDir: G:\
FF Homepage: Mozilla\Firefox\Profiles\4pow2126.default-1422113146786 -> about:blank
FF NetworkProxy: Mozilla\Firefox\Profiles\4pow2126.default-1422113146786 -> ftp", "213.136.94.158"
FF Session Restore: Mozilla\Firefox\Profiles\4pow2126.default-1422113146786 -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\4pow2126.default-1422113146786 ->
FF Extension: (CanvasBlocker) - C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\CanvasBlocker@kkapsner.de.xpi [2025-01-20]
FF Extension: (Ghostery Tracker- & Werbeblocker | Datenschutz AdBlocker) - C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\firefox@ghostery.com.xpi [2024-12-20]
FF Extension: (uMatrix) - C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\uMatrix@raymondhill.net.xpi [2021-09-05]
FF Extension: (Windows Classic) - C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{47400c69-4f72-4fa7-b67c-55c8d76f226b}.xpi [2021-06-01]
FF Extension: (NoScript) - C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2025-01-20]
FF Extension: (Feedbro) - C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{a9c2ad37-e940-4892-8dce-cd73c6cbbc0c}.xpi [2024-04-27]
FF Extension: (Video DownloadHelper) - C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-01-20]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-01-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - X:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - X:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2018-12-08] [] [ist nicht signiert]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> X:\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> X:\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> X:\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> X:\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> X:\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> X:\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.) [Datei ist nicht signiert]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: Adobe Acrobat -> X:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2012-04-04] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3438649541-831985882-319497044-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\BENUTZER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-07] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3438649541-831985882-319497044-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2024-07-23] (Ubisoft Entertainment Sweden AB -> )
StartMenuInternet: FIREFOX.EXE - E:\Firefox\firefox.exe
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - X:\Norton AntiVirus\Engine\22.24.8.36\Exts\Chrome.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - X:\Norton AntiVirus\Engine\22.24.8.36\Exts\Chrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10341560 2020-03-31] (Acronis International GmbH -> )
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1254784 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-08] (Adobe Systems) [Datei ist nicht signiert]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
S3 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6383744 2020-04-16] (Acronis International GmbH -> )
S4 APC Data Service; E:\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (American Power Conversion -> Schneider Electric)
S4 APC UPS Service; E:\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (American Power Conversion -> Schneider Electric)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [1157088 2025-01-18] (ASUSTeK COMPUTER INC. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8930120 2022-02-11] (BattlEye Innovations e.K. -> )
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-08-19] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-08-19] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [839288 2015-08-19] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13572312 2025-01-03] (Microsoft Corporation -> Microsoft Corporation)
S3 DAUpdaterSvc; Y:\Steam_Games_Y\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-03-29] (BioWare -> BioWare)
S3 Disc Soft Lite Bus Service; X:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3663976 2018-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-05-19] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-10-12] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncHelper.exe [3530280 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2022-03-28] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2368848 2024-12-03] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7627600 2024-12-03] (GOG sp. z o.o -> GOG.com)
S3 HiPatchService; Z:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-03-14] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S3 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [5452688 2018-11-29] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R3 MBAMService; E:\Malwarebytes\MBAMService.exe [9441760 2025-01-20] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; E:\Malwarebytes\MBVpnTunnelService.exe [2788304 2025-01-20] (Malwarebytes Inc. -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1918976 2020-03-31] (Acronis International GmbH -> )
S3 NahimicService; C:\Windows\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [309112 2020-01-17] (Locktime Software s.r.o. -> Locktime Software)
R2 NortonSecurity; X:\Norton AntiVirus\Engine\22.24.8.36\NortonSecurity.exe [344888 2024-09-13] (NortonLifeLock Inc. -> NortonLifelock Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4868640 2013-08-25] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 nsWscSvc; X:\Norton AntiVirus\Engine\22.24.8.36\nsWscSvc.exe [1059176 2024-09-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.244.1204.0003\OneDriveUpdaterService.exe [3876392 2025-01-21] (Microsoft Corporation -> Microsoft Corporation)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-06] (Even Balance, Inc. -> )
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298056 2022-03-29] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; Y:\Rockstar Games\Launcher\RockstarService.exe [4193264 2024-06-16] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2022-02-18] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234824 2021-12-01] (soft Xpansion GmbH & Co.KG -> soft Xpansion)
S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7395256 2020-03-31] (Acronis International GmbH -> )
R3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 VMAuthdService; E:\VMware Player\vmware-authd.exe [99544 2020-11-11] (VMware, Inc. -> VMware, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendrmgr.sys [36016 2024-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_d4de13a10f2586d0\amdsafd.sys [112952 2024-06-15] (AMD Test Build -> Advanced Micro Devices)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0410212.inf_amd64_daae2c8b5eb35aaa\B409877\amdkmdag.sys [110965144 2024-12-04] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [63008 2024-05-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AVoluteSS3Vad; C:\Windows\System32\drivers\AVoluteSS3Vad.sys [93672 2021-10-14] (A-Volute -> Windows (R) Win 7 DDK provider)
R1 BHDrvx64; X:\Norton AntiVirus\NortonData\22.5.4.24\Definitions\BASHDefs\20250115.001\BHDrvx64.sys [1706496 2024-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-08-19] (Bluestack Systems, Inc. -> BlueStack Systems)
R1 cbfsconnect2017-0; X:\DiskInternals\RaidRecovery\cbfsconnect2017.sys [481296 2020-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1618080.024\ccSetx64.sys [199256 2024-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 CrystalSysInfo; G:\\Software\CrystalCPUID412\SysInfoX64.sys [10240 2005-09-19] () [Datei ist nicht signiert]
S3 DAdderFltr; C:\Windows\system32\drivers\dadder.sys [12032 2010-04-19] (Microsoft Windows Hardware Compatibility Publisher -> Razer (Asia-Pacific) Pte Ltd)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-01-05] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-01-05] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R2 ei2c; C:\Windows\system32\drivers\ei2c.sys [20784 2013-08-08] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2025-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [769816 2011-07-09] (Beijing KaiXin ShengZhou Technology Co., Ltd. -> www.ext2fsd.com)
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [687768 2020-04-16] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [390592 2020-04-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 fltsrv; C:\Windows\System32\DRIVERS\fltsrv.sys [182832 2020-04-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 HoYoProtect; C:\Windows\system32\HoYoKProtect.sys [3669520 2023-02-21] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_e11257f05c0c2f89\iaLPSS2_GPIO2_ADL.sys [139928 2021-07-29] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_778b19a5f4d49cba\iaLPSS2_I2C_ADL.sys [202896 2021-07-29] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1585856 2021-08-02] (Intel Corporation -> Intel Corporation)
R1 IDSVia64; X:\Norton AntiVirus\NortonData\22.5.4.24\Definitions\IPSDefs\20250117.064\IDSvia64.sys [1565712 2024-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [232024 2025-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2025-01-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [201280 2025-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [80448 2025-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2025-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [189776 2025-01-20] (Malwarebytes Inc. -> Malwarebytes)
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [181976 2020-01-16] (Locktime Software s.r.o. -> Locktime Software)
S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\1618080.024\nsvst.sys [50400 2024-09-13] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifeLock Inc.)
U5 PROCMON20; C:\Windows\System32\Drivers\PROCMON20.sys [60296 2022-03-23] (Sysinternals -> Sysinternals - www.sysinternals.com) [Datei ist nicht signiert]
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [80408 2025-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S4 RivaTuner64; X:\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2012-01-29] (techPowerUp -> )
S4 RTCore64; E:\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0084; C:\Windows\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [97280 2010-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 SKYNET; C:\Windows\System32\drivers\SkyNET_AMD64.SYS [617048 2010-05-10] (TechniSat Digital S.A. -> TechniSat Digital, S.A.)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [29592 2011-03-18] (Sokno S.R.L. -> Almico Software)
R1 SPVDPort; C:\Windows\System32\drivers\spvdbus.sys [99496 2017-10-11] (SoftPerfect Pty. Ltd. -> )
R2 SPVVEngine; C:\Windows\system32\Drivers\spvve.sys [249920 2019-11-05] (SoftPerfect Pty. Ltd. -> )
R1 SRTSP; C:\Windows\System32\drivers\NGCx64\1618080.024\SRTSP64.SYS [962264 2024-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1618080.024\SRTSPX64.SYS [53968 2024-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
S3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1618080.024\SYMEFASI64.SYS [2181336 2024-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1618080.024\SymELAM.sys [37016 2024-09-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; X:\Norton AntiVirus\NortonData\22.5.4.24\SymPlatform\SymEvnt.sys [934912 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1618080.024\Ironx64.SYS [307912 2024-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1618080.024\symnets.sys [493672 2024-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 tbwkern; C:\Windows\System32\DRIVERS\tbwkern.sys [32848 2011-06-13] (Kensington Computer Products Group -> ) [Datei ist nicht signiert]
S3 tib; C:\Windows\system32\DRIVERS\tib.sys [883256 2020-04-16] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [171968 2020-04-16] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [693768 2020-04-16] (Acronis International GmbH -> Acronis International GmbH)
S4 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation -> Oracle Corporation)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [330176 2020-04-16] (Acronis International GmbH -> Acronis International GmbH)
R3 VKbms; C:\Windows\System32\drivers\VKbms.sys [13312 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R1 vmkbd3; C:\Windows\system32\DRIVERS\vmkbd.sys [52288 2020-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [66368 2020-11-11] (VMware, Inc. -> VMware, Inc.)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2020-04-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R3 vpnpbus; C:\Windows\System32\drivers\vpnpbus.sys [20496 2020-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [443664 2022-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1618080.024\wpCtrlDrv.sys [1016792 2024-09-13] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
U3 idsvc; kein ImagePath
S3 NEProtect; \??\T:\SteamLibrary\steamapps\common\Once Human\NEProtect.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-01-21 00:26 - 2025-01-21 00:26 - 000189776 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2025-01-21 00:22 - 2025-01-21 17:27 - 000000000 ____D C:\Users\BENUTZER\AppData\Local\Malwarebytes
2025-01-21 00:21 - 2025-01-21 00:21 - 000000684 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-01-21 00:21 - 2025-01-21 00:21 - 000000684 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-01-20 22:32 - 2025-01-20 22:32 - 000000000 ____D C:\Windows\system32\Tasks\Remediation
2025-01-18 12:35 - 2025-01-18 12:35 - 000000000 ___HD C:\$WinREAgent
2025-01-18 02:39 - 2025-01-18 02:39 - 000000000 ____D C:\Users\BENUTZER\AppData\LocalLow\ChinaChongQingJuXiangStudio
2025-01-15 22:06 - 2025-01-15 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoProc Converter AI
2025-01-14 23:00 - 2025-01-14 23:00 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-01-14 17:31 - 2025-01-21 17:30 - 000003114 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2025-01-14 00:22 - 2025-01-14 00:22 - 000000000 ____D C:\Windows\system32\Tasks\Norton
2025-01-11 22:15 - 2025-01-11 22:15 - 000000000 ____D C:\Users\BENUTZER\AppData\LocalLow\Tiny Crow Games
2025-01-11 19:36 - 2025-01-11 19:36 - 000000720 _____ C:\Users\BENUTZER\Desktop\dreamboxEDIT (x64).lnk
2025-01-11 19:36 - 2025-01-11 19:36 - 000000708 _____ C:\Users\BENUTZER\Desktop\dreamboxEDIT.lnk
2025-01-11 19:36 - 2025-01-11 19:36 - 000000000 ____D C:\Users\BENUTZER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-01-21 17:36 - 2015-01-22 14:28 - 000000000 ____D C:\FRST
2025-01-21 17:34 - 2018-02-27 18:01 - 000000000 ____D C:\Users\BENUTZER\AppData\Roaming\Azureus
2025-01-21 17:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-21 17:30 - 2022-04-10 14:35 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-01-21 15:31 - 2024-09-21 10:22 - 000000000 ____D C:\Windows\system32\Tasks\Norton Security
2025-01-21 07:48 - 2022-10-14 20:35 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-01-21 07:48 - 2022-10-13 17:53 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3438649541-831985882-319497044-500
2025-01-21 07:48 - 2022-10-13 17:53 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-01-21 07:48 - 2022-10-13 17:53 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-21 07:48 - 2022-04-10 14:50 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3438649541-831985882-319497044-1008
2025-01-21 07:48 - 2022-04-10 14:50 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3438649541-831985882-319497044-1000
2025-01-21 07:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2025-01-21 07:29 - 2022-10-13 17:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-01-21 07:28 - 2020-11-19 00:54 - 000000000 ____D C:\ProgramData\Packages
2025-01-21 07:28 - 2020-01-11 00:32 - 000000000 ____D C:\Users\BENUTZER\AppData\Local\Packages
2025-01-21 07:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-21 07:22 - 2015-01-22 18:56 - 000000000 ____D C:\AdwCleaner
2025-01-21 07:16 - 2023-12-17 00:44 - 000080408 ____H (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCMON24.SYS
2025-01-21 05:01 - 2023-05-01 21:52 - 000004164 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{719EFF54-22E6-4D5A-9AD5-7150955E5CFD}
2025-01-21 04:00 - 2022-04-10 13:45 - 000000000 ____D C:\Windows\system32\msmq
2025-01-21 02:00 - 2012-11-22 07:20 - 000000000 ____D C:\Users\BENUTZER\AppData\Local\CrashDumps
2025-01-21 01:33 - 2020-10-24 00:30 - 000000000 ____D C:\Users\BENUTZER\AppData\Roaming\Notepad++
2025-01-21 01:28 - 2011-10-17 19:15 - 000000000 ____D C:\Users\BENUTZER\AppData\Roaming\vlc
2025-01-21 00:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-01-21 00:21 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2025-01-21 00:21 - 2015-09-15 00:50 - 000239568 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2025-01-21 00:21 - 2015-09-15 00:49 - 000232024 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2025-01-21 00:20 - 2015-01-22 18:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-01-20 23:20 - 2020-01-12 01:02 - 000000000 ____D C:\Users\BENUTZER\AppData\Local\VMware
2025-01-20 22:46 - 2020-01-12 01:02 - 000000000 ____D C:\Users\BENUTZER\AppData\Roaming\VMware
2025-01-20 20:24 - 2020-02-23 12:22 - 000037232 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2025-01-20 20:03 - 2024-06-27 18:44 - 000000000 ____D C:\Users\BENUTZER\AppData\Roaming\Signal
2025-01-19 11:33 - 2014-09-29 01:42 - 000000000 ____D C:\Users\BENUTZER\AppData\LocalLow\Unity
2025-01-18 12:56 - 2022-04-10 14:47 - 001852642 _____ C:\Windows\system32\PerfStringBackup.INI
2025-01-18 12:56 - 2019-12-07 15:51 - 000793098 _____ C:\Windows\system32\perfh007.dat
2025-01-18 12:56 - 2019-12-07 15:51 - 000170100 _____ C:\Windows\system32\perfc007.dat
2025-01-18 12:51 - 2018-06-15 05:32 - 000000000 ____D C:\Users\BENUTZER\AppData\Roaming\Microsoft\Skype for Desktop
2025-01-18 12:51 - 2011-10-16 01:24 - 000000105 _____ C:\Windows\Brownie.ini
2025-01-18 12:49 - 2023-01-05 20:08 - 001205104 _____ () C:\Windows\system32\wpbbin.exe
2025-01-18 12:49 - 2023-01-05 20:08 - 001157088 _____ C:\Windows\system32\AsusUpdateCheck.exe
2025-01-18 12:49 - 2022-04-10 14:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-01-18 12:49 - 2022-04-10 14:04 - 000000000 ____D C:\Windows\SystemTemp
2025-01-18 12:49 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2025-01-18 12:49 - 2011-10-15 20:57 - 000000000 ____D C:\ProgramData\VMware
2025-01-18 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2025-01-18 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-01-18 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2025-01-18 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2025-01-18 12:48 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-01-18 12:47 - 2022-04-10 14:38 - 000000000 ____D C:\Users\BENUTZER
2025-01-18 12:41 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2025-01-18 12:39 - 2022-04-10 14:36 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-01-18 12:34 - 2013-07-09 19:27 - 000000000 ____D C:\Windows\system32\MRT
2025-01-18 12:28 - 2011-10-15 20:55 - 206927936 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-01-18 03:57 - 2020-11-19 00:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-18 03:57 - 2020-11-19 00:53 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-01-18 03:14 - 2020-01-11 00:36 - 000000000 ____D C:\Users\BENUTZER\AppData\Local\D3DSCache
2025-01-15 22:05 - 2019-08-20 16:55 - 000000000 ____D C:\Users\BENUTZER\AppData\Roaming\Digiarty
2025-01-15 08:11 - 2015-02-19 08:34 - 000000000 ____D C:\Users\BENUTZER\AppData\Local\Steam
2025-01-14 23:00 - 2011-10-15 21:20 - 000000667 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-04 17:04 - 2021-07-17 19:52 - 000000000 ____D C:\Users\BENUTZER\AppData\LocalLow\Norton
2025-01-04 10:38 - 2011-10-15 20:16 - 000000000 ____D C:\ProgramData\Norton
2025-01-02 15:53 - 2019-08-16 00:15 - 000000000 ____D C:\Users\BENUTZER\AppData\LocalLow\by redamz
2024-12-31 22:07 - 2022-04-02 18:13 - 000000000 ____D C:\Users\BENUTZER\AppData\Roaming\discord
2024-12-31 22:02 - 2022-04-02 18:12 - 000000000 ____D C:\Users\BENUTZER\AppData\Local\Discord
2024-12-22 05:51 - 2022-04-10 14:50 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-22 05:51 - 2022-04-10 14:50 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2019-02-24 13:28 - 2019-02-24 13:28 - 000924160 _____ () C:\Users\BENUTZER\Eco.Mods.dll
2015-03-13 16:27 - 2015-05-03 02:05 - 000021368 _____ (Schneider Electric) C:\Users\BENUTZER\en_res.dll
2015-03-13 16:27 - 2015-05-03 02:05 - 000021368 _____ (Schneider Electric) C:\Users\BENUTZER\es_res.dll
2015-03-13 16:27 - 2015-05-03 02:05 - 000021880 _____ (Schneider Electric) C:\Users\BENUTZER\fr_res.dll
2015-03-13 16:27 - 2015-05-03 02:05 - 000021880 _____ (Schneider Electric) C:\Users\BENUTZER\grm_res.dll
2019-04-23 07:12 - 2019-04-23 07:12 - 000000000 _____ () C:\Users\BENUTZER\i4jd904760779358137815.exe
2018-12-20 06:43 - 2019-11-13 17:59 - 000035224 _____ () C:\Users\BENUTZER\i4jdel0.exe
2015-03-13 16:27 - 2015-05-03 02:05 - 000021368 _____ (Schneider Electric) C:\Users\BENUTZER\it_res.dll
2015-03-13 16:27 - 2015-05-03 02:05 - 000020344 _____ (Schneider Electric) C:\Users\BENUTZER\jp_res.dll
2019-01-19 16:52 - 2019-01-19 16:52 - 001974624 _____ (Oracle Corporation) C:\Users\BENUTZER\jre-8u201-windows-au.exe
2019-04-18 19:00 - 2019-04-18 19:00 - 002048352 _____ (Oracle Corporation) C:\Users\BENUTZER\jre-8u211-windows-au.exe
2019-07-21 10:14 - 2019-07-21 10:14 - 002070488 _____ (Oracle Corporation) C:\Users\BENUTZER\jre-8u221-windows-au.exe
2019-10-18 16:23 - 2019-10-18 16:23 - 002071072 _____ (Oracle Corporation) C:\Users\BENUTZER\jre-8u231-windows-au.exe
2015-03-13 16:27 - 2015-05-03 02:05 - 001079808 _____ (Microsoft Corporation) C:\Users\BENUTZER\mfc80u.dll
2015-03-13 16:27 - 2015-05-03 02:05 - 000626688 _____ (Microsoft Corporation) C:\Users\BENUTZER\msvcr80.dll
2019-02-09 03:32 - 2019-02-09 03:32 - 000040448 _____ () C:\Users\BENUTZER\proxy_vole4168877087061931752.dll
2015-03-13 16:27 - 2015-05-03 02:05 - 000021368 _____ (Schneider Electric) C:\Users\BENUTZER\pt_res.dll
2015-03-13 16:27 - 2015-05-03 02:05 - 000018808 _____ () C:\Users\BENUTZER\ResourceReader.dll
2019-09-19 22:39 - 2019-09-19 22:39 - 051753376 _____ (Rockstar Games.) C:\Users\BENUTZER\Rockstar-Games-Launcher.exe
2015-03-13 16:27 - 2015-05-03 02:05 - 000020856 _____ (Schneider Electric) C:\Users\BENUTZER\ru_res.dll
2015-03-13 16:27 - 2015-05-03 02:05 - 000019832 _____ (Schneider Electric) C:\Users\BENUTZER\zh_res.dll
2017-01-30 20:43 - 2017-02-13 02:02 - 000000000 _____ () C:\Users\BENUTZER\AppData\Roaming\avoriontestfile
2013-05-16 09:32 - 2013-07-12 20:48 - 000000000 _____ () C:\Users\BENUTZER\AppData\Roaming\FileIn.cns
2013-05-16 09:32 - 2013-07-12 20:48 - 000000000 _____ () C:\Users\BENUTZER\AppData\Roaming\FileOut.cns
2012-04-29 01:05 - 2012-08-28 15:07 - 000000079 _____ () C:\Users\BENUTZER\AppData\Local\CrystalDiskMark30.ini
2012-02-08 15:57 - 2012-06-13 19:30 - 001348976 _____ () C:\Users\BENUTZER\AppData\Local\parallels.log
2020-10-01 23:37 - 2023-04-01 09:50 - 000003323 _____ () C:\Users\BENUTZER\AppData\Local\PlariumPlay.log
2022-07-25 19:37 - 2024-11-05 18:58 - 000000128 _____ () C:\Users\BENUTZER\AppData\Local\PUTTY.RND
2023-05-03 16:32 - 2023-05-03 16:32 - 000000862 _____ () C:\Users\BENUTZER\AppData\Local\recently-used.xbel
2011-10-22 13:01 - 2020-01-11 11:17 - 000007663 _____ () C:\Users\BENUTZER\AppData\Local\Resmon.ResmonCfg
2017-04-16 00:44 - 2017-05-03 12:44 - 000000271 _____ () C:\Users\BENUTZER\AppData\Local\TherianSaga.bridge
==================== FLock ==============================
2011-10-15 21:10 C:\ProgramData\Brother
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================