FRST

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-
2022
durchgeführt von sufffi (Administrator) auf DESKTOP-QG2LG1G (Micro-Star
International Co., Ltd. MS-7C98) (30-07-2022 11:34:29)
Gestartet von C:\Users\sufffi\Downloads
Geladene Profile: sufffi
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.1865 (X64) Sprache: Deutsch
(Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen.
Die Datei wird nicht verschoben.)
(A. & M. Neuber Software -> Neuber Software - www.neuber.com) C:\Program Files
(x86)\Security Task Manager\SpyProtector.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\
EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files
(x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <3>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\
Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\
Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia
Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA
GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia
Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\
nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->)
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\
Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(dllhost.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\
steam.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\
Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\
Application\chrome.exe <9>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\
NVIDIA Web Helper.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\
ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\
DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\
DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel
Corporation) C:\Windows\System32\DriverStore\FileRepository\
dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\
Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\
ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\
ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\
NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\
DriverStore\FileRepository\nv_dispi.inf_amd64_c43eff7079c4c90c\Display.NvContainer\
NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\
Windows\System32\DriverStore\FileRepository\
realtekservice.inf_amd64_eb52bf0d4dccfcf3\RtkAudUService64.exe
(services.exe ->) (VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware
Workstation\vmware-hostd.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common
Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\
VMware Workstation\vmware-authd.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\
dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\
UtcDecoderHost.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\
vmware-tray.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den
Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\

realtekservice.inf_amd64_eb52bf0d4dccfcf3\RtkAudUService64.exe [3479488 2022-04-12]
(Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [168064 2022-
03-15] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Spy Protector] => C:\Program Files (x86)\Security Task Manager\
SpyProtector.exe [145280 2018-10-19] (A. & M. Neuber Software -> Neuber Software -
www.neuber.com)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware
Workstation\vmware-tray.exe [104128 2015-08-14] (VMware, Inc. -> VMware, Inc.)
HKU\S-1-5-21-2642554700-2840593517-3385852446-1001\...\MountPoints2: {977c5660-
afe7-11ec-a981-2cf05d83414b} - "F:\OnePlus_setup.exe" /s
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-
AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.67\
Installer\chrmstp.exe [2022-05-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-
9F64-1857B5D58CEE}] -> "C:\Program Files (x86)\Microsoft\Edge\Application\
103.0.1264.49\Installer\setup.exe" --configure-user-settings --verbose-logging --
system-level --msedge --channel=stable
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry
entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet
wird.)
Task: {05D8BC9E-267A-4D4C-A7B0-10C0FE617D74} - System32\Tasks\OneDrive Standalone

Update Task-S-1-5-21-2642554700-2840593517-3385852446-1002 => C:\Users\sufffi\
AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {085B1270-BD8D-4611-9BD4-B8BEFDB31363} - System32\Tasks\Microsoft\Windows\
Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-
55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-07-29] (Microsoft
Windows -> Microsoft Corporation)
Task: {261BF118-EF0F-47D8-A144-2D1AC5D75EAF} - System32\Tasks\OneDrive Reporting
Task-S-1-5-21-2642554700-2840593517-3385852446-1002 => C:\Users\sufffi\AppData\
Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Keine Datei)
Task: {27248C2B-7508-4B53-8933-EF8337E4894B} - System32\Tasks\Microsoft\Windows\
Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\
Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-07] (Microsoft
Windows Publisher -> Microsoft Corporation)
Task: {35B67591-7819-4D4D-94DC-1DD5F1693023} - System32\Tasks\
CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {36CBBAEA-4C43-463F-A690-B20AA1FF2CAE} - System32\Tasks\
NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\
NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-04-21] (Nvidia
Corporation -> NVIDIA Corporation)
Task: {7DA29AFC-1C7B-4BC7-BEDE-53813E8880E2} - System32\Tasks\
NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program
Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-04-21] (Nvidia
Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\
NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7F1AE36C-77DC-4DE3-9807-63CD50E14CEA} - System32\Tasks\MSIAfterburner => C:\
Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-
STAR INTERNATIONAL CO., LTD. -> )
Task: {7FEC22A1-1D5A-46A9-8579-6FB129E7F903} - System32\Tasks\NVIDIA GeForce
Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080
2022-04-21] (Nvidia Corporation -> NVIDIA Corporation)
Task: {816B8072-3F08-4006-AEE6-8AB507852BCC} - System32\Tasks\
NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-04-21] (Nvidia Corporation -
> NVIDIA Corporation)
Task: {819B195A-90CF-4454-9578-AA993DD83D1A} - System32\Tasks\
MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\
MicrosoftEdgeUpdate.exe /ua /installsource scheduler (Keine Datei)
Task: {871251CA-0A68-4EF6-AFE8-6E6EF0D81BE7} - System32\Tasks\Microsoft\Windows\
Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows
Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-07] (Microsoft Windows
Publisher -> Microsoft Corporation)
Task: {871FEED6-5AE3-430C-85E9-9A0F56418D70} - System32\Tasks\Microsoft\Windows\
Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\
Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-07] (Microsoft
Windows Publisher -> Microsoft Corporation)
Task: {93A19022-0EA9-4297-86AB-E6884C46B632} - System32\Tasks\
NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (Keine Datei)
Task: {93B71812-54F7-4CAA-A48C-1E2E6D55F653} - System32\Tasks\
MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\
MicrosoftEdgeUpdate.exe /c (Keine Datei)
Task: {AFBE11A3-2C50-46FF-9D51-C8303EDE6756} - System32\Tasks\
Task: {B2326C1A-F68D-4656-A860-311A63D65A9C} - System32\Tasks\
GoogleUpdateTaskMachineCore{27E0B69D-9248-4073-9C03-7EED85811A84} => C:\Program
Files (x86)\Google\Update\GoogleUpdate.exe /c (Keine Datei)
Task: {BE7AEA56-F5CC-438A-8DA3-7B9AF34C1A81} - System32\Tasks\AutoPico Daily
Restart => C:\Program Files\KMSpico\AutoPico.exe [745664 2016-01-12] (@ByELDI ->
@ByELDI) [Datei ist nicht signiert]
Task: {C780B1AE-58D6-4AF0-8919-8A1539F01E6B} - System32\Tasks\PrivaZer_SkipUAC =>
C:\Program Files (x86)\PrivaZer\PrivaZer.exe [21127512 2022-07-29] (Goversoft LLC -
> Goversoft LLC)
Task: {C80B7E43-98DE-479B-9826-9B7F4DE8A5EA} - System32\Tasks\Intel PTT EK
Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\
iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008
2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {C96AADD7-F39A-4341-A4C4-1229D1BF9960} - System32\Tasks\Microsoft\Windows\
Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215}
C:\WINDOWS\System32\Autopilot.dll [192000 2022-07-29] (Microsoft Windows ->
Microsoft Corporation)
Task: {DA4800A4-85BE-4A09-8C8F-CB50171EAA47} - System32\Tasks\Microsoft\Windows\
Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows
Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-07] (Microsoft Windows
Publisher -> Microsoft Corporation)
Task: {E5CECF2E-0800-47F9-9B98-A430D865D7C6} - System32\Tasks\
Task: {F3C49BEF-7E6F-41EE-BFE8-33840F4B716E} - System32\Tasks\
GoogleUpdateTaskMachineUA{1B8CBDC6-5359-4C44-8D2E-8D245802F570} => C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Keine Datei)
Task: {F6D12FB1-8321-44D0-9C98-2A6D5C67FA5B} - System32\Tasks\
NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (Keine Datei)
Task: {F95BE6BA-7C46-41E8-BBF5-24F4470CF624} - System32\Tasks\
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die
Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder
auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [64192 2015-08-04] (VMware,

Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [64192 2015-08-04] (VMware,
Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [68288 2015-08-04]
(VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [68288 2015-08-04]
Tcpip\..\Interfaces\{3b6b1b26-01e9-45a8-8207-4d2825070f74}: [DhcpNameServer]
192.168.178.1
Edge:
=======
Edge Profile: C:\Users\sufffi\AppData\Local\Microsoft\Edge\User Data\Default [2022-
07-30]
Edge Notifications: Default -> hxxps://www.onworks.net
Edge Extension: (Fedora kostenloser Online-Linux-Server) - C:\Users\sufffi\AppData\
Local\Microsoft\Edge\User Data\Default\Extensions\afklibafmpfkdmjjfpmlbjjjaoihjgcp
[2022-07-29]
Edge Extension: (Ubuntu kostenloser Online-Linux-Server) - C:\Users\sufffi\AppData\
Local\Microsoft\Edge\User Data\Default\Extensions\halfhhnbpmdlppkmbgnhljeepllcikec
[2022-07-29]
Edge Extension: (Fake Data - A form filler you won't hate) - C:\Users\sufffi\
AppData\Local\Microsoft\Edge\User Data\Default\Extensions\
kaabapeemblncdbnnkpajpbjebhochob [2022-07-29]
Edge Extension: (AdGuard Werbeblocker) - C:\Users\sufffi\AppData\Local\Microsoft\
Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2022-07-28]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sufffi\AppData\Local\Google\Chrome\User Data\Default [2022-
07-30]
CHR Extension: (AdGuard Werbeblocker) - C:\Users\sufffi\AppData\Local\Google\
Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2022-07-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sufffi\AppData\Local\Google\
Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-30]
CHR Profile: C:\Users\sufffi\AppData\Local\Google\Chrome\User Data\Guest Profile
[2022-07-30]
CHR Profile: C:\Users\sufffi\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-
07-29]
CHR Extension: (AdGuard Werbeblocker) - C:\Users\sufffi\AppData\Local\Google\
Chrome\User Data\Profile 1\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2022-05-30]
CHR Extension: (Youtube smart phone control) - C:\Users\sufffi\AppData\Local\
Google\Chrome\User Data\Profile 1\Extensions\mondcdfmmhjiedhgchekbfekojflncfg
[2022-05-30]
Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-30]
07-29]
CHR Extension: (Google Docs Offline) - C:\Users\sufffi\AppData\Local\Google\Chrome\
User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-29]
07-29]
CHR Extension: (Google Docs Offline) - C:\Users\sufffi\AppData\Local\Google\Chrome\
User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-29]
CHR Profile: C:\Users\sufffi\AppData\Local\Google\Chrome\User Data\System Profile
[2022-07-30]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
wird.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET,

spol. s r.o. -> ESET)
S3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15]
(ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\
service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic
Games, Inc.)
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [301056 2022-06-16]
(Microsoft Windows -> Microsoft Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
[2458576 2022-07-20] (Rockstar Games, Inc. -> Rockstar Games)
S2 rsAssistant; C:\Program Files\RAVAntivirus\rsAssistant.exe [1042248 2022-07-11]
(Reason Cybersecurity Inc. -> )
S2 rsDNSClientSvc; C:\Program Files\ReasonSaferWeb\rsDNSClientSvc.exe [741704 2022-
07-11] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
[6255400 2022-07-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746736 2022-01-17]
(Oracle Corporation -> Oracle Corporation)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
[12465344 2015-08-14] (VMware, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\
NisSrv.exe [3120992 2022-07-07] (Microsoft Windows Publisher -> Microsoft
Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\
MsMpEng.exe [133544 2022-07-07] (Microsoft Windows Publisher -> Microsoft
Corporation)
S2 edgeupdate; "C:\Program Files (x86)\Microsoft\EdgeUpdate\
MicrosoftEdgeUpdate.exe" /svc [X]
S3 edgeupdatem; "C:\Program Files (x86)\Microsoft\EdgeUpdate\
MicrosoftEdgeUpdate.exe" /medsvc [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 MicrosoftEdgeElevationService; "C:\Program Files (x86)\Microsoft\Edge\
Application\103.0.1264.49\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\
nv_dispi.inf_amd64_c43eff7079c4c90c\Display.NvContainer\NVDisplay.Container.exe -s
NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\
NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\
FileRepository\nv_dispi.inf_amd64_c43eff7079c4c90c\Display.NvContainer\plugins\
LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
wird.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-10-06] (Microsoft

Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-06]
(Microsoft Corporation) [Datei ist nicht signiert]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183888 2022-03-15] (ESET, spol.
s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107944 2022-03-15] (ESET,
S4 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [108512 2022-03-15] (ESET,
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2022-03-11] (Microsoft
Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [226264 2022-03-15] (ESET, spol. s
r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [44968 2022-03-15] (ESET, spol.
s r.o. -> ESET)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft
Windows Hardware Compatibility Publisher -> )
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70776 2022-03-15] (ESET, spol. s
r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [111624 2022-03-15] (ESET,
R1 KProcessHacker3; C:\Program Files\Process Hacker 2\kprocesshacker.sys [45208
2016-03-29] (Wen Jia Liu -> wj32)
R3 MpKsl85728ea6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\
{71103399-4F0C-4FA2-959A-CB8400334885}\MpKslDrv.sys [141576 2022-07-30] (Microsoft
Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft
Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2022-04-
21] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 rsDwf; C:\WINDOWS\system32\DRIVERS\rsDwf.sys [54144 2022-07-11] (Reason
CyberSecurity Inc. -> Reason CyberSecurity Inc.)
S3 RtNdPt640; C:\WINDOWS\system32\DRIVERS\RtNdPt640.sys [58464 2020-12-29] (Realtek
Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239648 2022-01-17]
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249560 2022-01-17]
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1046416 2022-01-17] (Oracle
Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174752 2022-01-17] (Oracle
Corporation -> Oracle Corporation)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [48832 2015-08-14]
R0 vsock; C:\WINDOWS\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc. ->
VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys
[34520 2015-07-09] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-07-07] (Microsoft
Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-07-07]
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-07]
U4 npcap_wifi; kein ImagePath
S3 NTIOLib_CC_Clock; \??\C:\Program Files (x86)\MSI\One Dragon Center\Lib\
NTIOLib_X64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\
MODAPI.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
wird.)
==================== Drei Monate (erstellte) (Nicht auf der Ausnahmeliste)

=========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner
verschoben.)
2022-07-30 11:31 - 2022-07-30 11:31 - 000046753 _____ C:\Users\sufffi\Downloads\

Shortcut.txt
Addition.txt
FRST.txt
2022-07-30 11:28 - 2022-07-30 11:34 - 000000000 ____D C:\FRST
2022-07-30 11:28 - 2022-07-30 11:28 - 000000000 ____D C:\Users\sufffi\Downloads\
FRST-OlderVersion
2022-07-30 11:27 - 2022-07-30 11:27 - 000003190 _____ C:\WINDOWS\system32\Tasks\
PrivaZer_SkipUAC
2022-07-30 10:52 - 2022-07-30 10:52 - 000000000 ____D C:\Users\sufffi\AppData\
LocalLow\Funselektor Labs Inc_
2022-07-30 10:42 - 2022-07-30 10:46 - 000000105 _____ C:\Users\sufffi\AppData\
Local\taskman.cmd.errors
Local\taskman.cmd.done
2022-07-30 10:33 - 2022-07-30 10:33 - 000000441 _____ C:\WINDOWS\system32\Drivers\
etc\hosts.ics
2022-07-30 10:30 - 2022-07-30 10:30 - 000000000 ___HD C:\$WinREAgent
2022-07-30 10:27 - 2022-07-30 10:28 - 000001162 _____ C:\WINDOWS\system32\config\
VSMIDK
2022-07-30 09:53 - 2022-07-30 09:53 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2022-07-30 09:53 - 2022-07-30 09:53 - 000000000 ___SD C:\WINDOWS\system32\
containers
2022-07-30 09:53 - 2022-07-30 09:53 - 000000000 ___RD C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\IIS
2022-07-30 09:53 - 2022-07-30 09:53 - 000000000 ____D C:\WINDOWS\SysWOW64\
BestPractices
2022-07-30 09:53 - 2022-07-30 09:53 - 000000000 ____D C:\WINDOWS\system32\msmq
2022-07-30 09:53 - 2022-07-30 09:53 - 000000000 ____D C:\WINDOWS\system32\
HvsiSettingsProviders
2022-07-30 09:53 - 2022-07-30 09:53 - 000000000 ____D C:\Users\Public\Documents\
Hyper-V
2022-07-30 09:53 - 2022-07-30 09:53 - 000000000 ____D C:\Program Files\Windows
MultiPoint Server
Identity Foundation
2022-07-30 09:53 - 2022-07-30 09:53 - 000000000 ____D C:\Program Files\Hyper-V
2022-07-30 09:53 - 2022-07-30 09:53 - 000000000 ____D C:\inetpub
2022-07-30 01:48 - 2022-07-30 04:01 - 000000000 ____D C:\Users\sufffi\Desktop\
Credit
2022-07-29 17:29 - 2022-07-29 17:29 - 3286951263 _____ C:\WINDOWS\MEMORY.DMP
2022-07-29 17:29 - 2022-07-29 17:29 - 001699652 _____ C:\WINDOWS\Minidump\072922-
7421-01.dmp
2022-07-29 17:04 - 2022-07-29 17:04 - 000581120 _____ (Microsoft Corporation) C:\
WINDOWS\system32\PhotoScreensaver.scr
WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-07-29 17:04 - 2022-07-29 17:04 - 000288768 _____ C:\WINDOWS\system32\
Windows.Management.InprocObjects.dll
2022-07-29 17:04 - 2022-07-29 17:04 - 000162304 _____ C:\WINDOWS\system32\
DataStoreCacheDumpTool.exe
2022-07-29 17:04 - 2022-07-29 17:04 - 000089088 _____ C:\WINDOWS\system32\
windows.applicationmodel.conversationalagent.proxystub.dll
2022-07-29 17:04 - 2022-07-29 17:04 - 000080720 _____ C:\WINDOWS\system32\
hvsifiletrust.dll
2022-07-29 17:04 - 2022-07-29 17:04 - 000073216 _____ C:\WINDOWS\system32\
windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-07-29 17:04 - 2022-07-29 17:04 - 000060928 _____ C:\WINDOWS\system32\
runexehelper.exe
2022-07-29 17:04 - 2022-07-29 17:04 - 000011797 _____ C:\WINDOWS\system32\
DrtmAuthTxt.wim
2022-07-29 16:46 - 2022-07-29 16:46 - 000001146 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\PC Health Check.lnk
2022-07-29 16:46 - 2022-07-29 16:46 - 000000000 ____D C:\Program Files\
PCHealthCheck
2022-07-29 16:40 - 2022-07-29 17:29 - 000258864 _____ C:\WINDOWS\system32\
FNTCACHE.DAT
2022-07-29 13:17 - 2022-07-29 13:17 - 000001511 _____ C:\Users\Public\Desktop\iLike
Android Data Recovery Pro.lnk
Roaming\iLike Android Data Recovery
2022-07-29 13:17 - 2022-07-29 13:17 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\iLike Android Data Recovery Pro
2022-07-29 13:17 - 2022-07-29 13:17 - 000000000 ____D C:\Program Files (x86)\iLike
Android Data Recovery Pro
2022-07-29 11:51 - 2022-07-29 11:51 - 000002647 _____ C:\Users\sufffi\Desktop\
YouTube.lnk
Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
Windows\Start Menu\Programs\KMSpico
2022-07-29 09:42 - 2022-07-30 04:22 - 000000000 ____D C:\Program Files\KMSpico
2022-07-29 09:42 - 2022-07-29 09:42 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
AutoPico Daily Restart
Roaming\NCH Software
2022-07-29 09:42 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\
system32\Vestris.ResourceLib.dll
Roaming\46050B75811C9DC5
Roaming\MOBILeditForensic
2022-07-29 07:00 - 2022-07-29 07:19 - 000000000 ____D C:\Users\sufffi\Documents\
MOBILedit! Forensic
2022-07-29 06:59 - 2022-07-29 06:59 - 000001228 _____ C:\Users\Public\Desktop\
MOBILedit! Forensic.lnk
Windows\Start Menu\Programs\MOBILedit! Forensic
MOBILedit.Forensic.v7.5.4.4232-rG
2022-07-29 06:48 - 2022-07-29 16:21 - 000000000 ____D C:\ProgramData\firebird
PrivaZer.lnk
Local\PrivaZer
2022-07-29 05:57 - 2022-07-29 05:58 - 000000000 ____D C:\Program Files (x86)\
PrivaZer
Windows\Start Menu\Programs\PrivaZer.lnk
Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2022-07-29 05:57 - 2022-07-29 05:57 - 000000000 ____D C:\ProgramData\privazer
Oxygen Data Extraction Wizard.lnk
Oxygen Forensic Suite 2014.lnk
2022-07-29 03:14 - 2022-07-29 03:14 - 000000000 ____D C:\Users\sufffi\Oxygen
Forensic Suite
Roaming\Oxygen Software
Roaming\OxyForensic
Local\Oxygen Software
Windows\Start Menu\Programs\Oxygen Software
2022-07-29 03:14 - 2022-07-29 03:14 - 000000000 ____D C:\Program Files (x86)\Oxygen
Software
Roaming\MOBILedit Forensic
MOBILedit Forensic
Cookie Cruncher For Chrome.lnk
Windows\Start Menu\Programs\SanDune Technologies
SanDune Technologies
2022-07-29 03:08 - 2022-07-29 03:08 - 000000000 ____D C:\Program Files\Compiled
Driver Disk (Android)
2022-07-29 03:08 - 2014-09-29 15:03 - 000015616 _____ (Motorola) C:\WINDOWS\
system32\mot_ci.dll
2022-07-29 03:07 - 2022-07-29 03:07 - 000000000 ____D C:\Program Files\Phone
Drivers Downloader
Suricata 5.0.9-64bit IDS-IPS.lnk
Roaming\Microsoft\Windows\Start Menu\Programs\Suricata
2022-07-29 02:42 - 2022-07-29 02:42 - 000000000 ____D C:\Program Files\Suricata
MobilEdit! Forensic
MOBILedit! Forensic
COMPELSON Labs
Local\IDScan.net
2022-07-29 00:37 - 2022-07-29 00:37 - 000000000 ____D C:\ProgramData\Nautilus
VeriAge.lnk
Windows\Start Menu\Programs\Nautilus
2022-07-29 00:36 - 2022-07-29 00:36 - 000000000 ____D C:\Program Files\Microsoft
Synchronization Services
2022-07-29 00:36 - 2022-07-29 00:36 - 000000000 ____D C:\Program Files\Microsoft
SQL Server Compact Edition
Nautilus
Microsoft Synchronization Services
Microsoft SQL Server Compact Edition
2022-07-29 00:20 - 2022-07-29 00:20 - 000000000 ____D C:\Users\Christos
2022-07-29 00:18 - 2022-07-29 16:13 - 000001314 _____ C:\Users\sufffi\Desktop\Easy
Credit Card Verifier.lnk
Windows\Start Menu\Programs\Easy Credit Card Verifier
2022-07-29 00:18 - 2022-07-29 00:18 - 000000000 ____D C:\Program Files (x86)\Ashkon
Software
Virtual Machines
Roaming\VMware
Local\VMware
2022-07-28 20:57 - 2022-07-30 10:28 - 000000000 ____D C:\ProgramData\VMware
2022-07-28 20:57 - 2022-07-28 20:57 - 001753172 _____ C:\WINDOWS\SysWOW64\
PerfStringBackup.INI
VMware Workstation Pro.lnk
2022-07-28 20:57 - 2022-07-28 20:57 - 000001024 _____ C:\WINDOWS\SysWOW64\%TMP%
Shared Virtual Machines
Windows\Start Menu\Programs\VMware
2022-07-28 20:57 - 2022-07-28 20:57 - 000000000 ____D C:\Program Files\Common
Files\VMware
2022-07-28 20:57 - 2022-07-28 20:57 - 000000000 ____D C:\Program Files (x86)\VMware
2022-07-28 20:57 - 2015-08-14 14:03 - 000934080 _____ (VMware, Inc.) C:\WINDOWS\
system32\vnetlib64.dll
SysWOW64\vmnat.exe
SysWOW64\vmnetdhcp.exe
system32\Drivers\vmx86.sys
system32\Drivers\VMkbd.sys
system32\Drivers\vmnetuserif.sys
system32\Drivers\hcmon.sys
system32\Drivers\vsock.sys
system32\vsocklib.dll
SysWOW64\vsocklib.dll
2022-07-28 17:24 - 2022-07-28 17:24 - 000000000 ____D C:\Users\sufffi\creepy
2022-07-28 17:24 - 2022-07-28 17:24 - 000000000 ____D C:\Users\sufffi\.creepy
Windows\Start Menu\Programs\cree.py
Roaming\Microsoft\Windows\Start Menu\Programs\isaac-ng.lnk
2022-07-27 23:23 - 2022-07-27 23:23 - 000000222 _____ C:\Users\sufffi\Desktop\The
Binding of Isaac Rebirth.url
1FRisaac-ng_1.6.CT
Roaming\NOW TV Player
WOW.lnk
Roaming\WOW
Roaming\Microsoft\Windows\Start Menu\Programs\WOW
LocalLow\Synamedia
2022-07-23 17:46 - 2022-07-23 17:46 - 049849240 _____ (WOW ) C:\Users\sufffi\
Downloads\WOW-Windows.exe
Roaming\Teeworlds
teeworlds-0.7.5-win64.zip
2022-07-15 11:58 - 2022-07-15 11:58 - 000530944 _____ (curl, hxxps://curl.se/) C:\
WINDOWS\system32\curl.exe
2022-07-15 11:58 - 2022-07-15 11:58 - 000470528 _____ (curl, hxxps://curl.se/) C:\
WINDOWS\SysWOW64\curl.exe
MTK_Android_USB_Driver
MTK_Android_USB_Driver.zip
2022-07-12 04:23 - 2022-07-12 04:23 - 000000382 _____ C:\Users\sufffi\Desktop\TOOL
ALL IN ONE.appref-ms
Roaming\Microsoft\Windows\Start Menu\Programs\Mauronofrio
TOOL_ALL_IN_ONE_2.0.1.4.zip
Roaming\Microsoft\Windows\Start Menu\Programs\yuzu.lnk
yuzu.lnk
Roaming\Microsoft\Windows\Start Menu\Programs\yuzu Maintenance Tool.lnk
Local\yuzu
yuzu_install.exe
2022-07-11 15:10 - 2022-07-11 15:10 - 002260480 _____ C:\WINDOWS\system32\
TextInputMethodFormatter.dll
2022-07-11 15:10 - 2022-07-11 15:10 - 000693248 _____ C:\WINDOWS\system32\
FsNVSDeviceSource.dll
2022-07-11 15:10 - 2022-07-11 15:10 - 000640512 _____ C:\WINDOWS\system32\
SettingSyncDownloadHelper.dll
2022-07-11 15:10 - 2022-07-11 15:10 - 000270848 _____ C:\WINDOWS\system32\
EsclScan.dll
2022-07-11 15:10 - 2022-07-11 15:10 - 000152064 _____ C:\WINDOWS\system32\
EsclProtocol.dll
2022-07-11 15:10 - 2022-07-11 15:10 - 000061952 _____ C:\WINDOWS\system32\
printticketvalidation.dll
2022-07-11 15:10 - 2022-07-11 15:10 - 000057344 _____ C:\WINDOWS\system32\
APMonUI.dll
WINDOWS\system32\mode.com
WINDOWS\SysWOW64\mode.com
2022-07-11 15:10 - 2022-07-11 15:10 - 000024576 _____ C:\WINDOWS\system32\
WsdProviderUtil.dll
WINDOWS\system32\tree.com
2022-07-11 15:10 - 2022-07-11 15:10 - 000018944 _____ C:\WINDOWS\SysWOW64\
WsdProviderUtil.dll
WINDOWS\SysWOW64\tree.com
WINDOWS\system32\chcp.com
WINDOWS\SysWOW64\chcp.com
2022-07-11 14:41 - 2022-07-11 14:41 - 000000000 ____D C:\ProgramData\
ReasonSaferWebService
2022-07-11 13:34 - 2022-07-30 11:28 - 002369536 _____ (Farbar) C:\Users\sufffi\
Downloads\FRST64.exe
User_Feed_Synchronization-{34C376F5-D820-494E-B5F3-95368D923C64}
swflash.cab
Local\Deployment
DarkWarsClient.rar
2022-07-11 08:15 - 2022-07-11 08:15 - 000054144 _____ (Reason CyberSecurity Inc.)
C:\WINDOWS\system32\Drivers\rsDwf.sys
2022-07-11 08:12 - 2022-07-12 04:19 - 000000000 ____D C:\Program Files\
ReasonSaferWeb
2022-07-11 08:06 - 2022-07-11 13:37 - 000000000 ____D C:\Program Files\RAVAntivirus
2022-07-11 08:06 - 2022-07-11 08:27 - 000000000 ____D C:\Users\sufffi\Documents\My
Cheat Tables
2022-07-11 08:06 - 2022-07-11 08:06 - 000000931 _____ C:\Users\sufffi\Desktop\Cheat
Engine.lnk
2022-07-11 08:05 - 2022-07-28 12:13 - 000000000 ____D C:\Program Files\Cheat Engine
7.4
Windows\Start Menu\Programs\Cheat Engine 7.4
2022-07-11 07:59 - 2022-07-11 08:00 - 003354920 _____ ( ) C:\Users\sufffi\
Downloads\CheatEngine74.exe
Roaming\darkorbit-client
AncientOrbitTest.rar
Local\Bigpoint GmbH
DarkOrbit.lnk
Roaming\Microsoft\Windows\Start Menu\Programs\DarkOrbit
2022-07-10 10:07 - 2022-07-10 10:09 - 000000000 ____D C:\Users\sufffi\Dark Orbit
DarkOrbitInstaller.69.172172726.exe
jquery-1.11.0.min.js
aci.js
xxx.xxx.gz
Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
Local\JDownloader 2.0
Local\Adaware
Roaming\FileZilla
Local\FileZilla
2022-07-01 06:51 - 2022-07-01 06:52 - 012243720 _____ (Tim Kosse) C:\Users\sufffi\
Downloads\FileZilla_3.60.1_win64_sponsored2-setup.exe
lokinet-0.9.9 (1).zip
lokinet-windows-64bit-v0.9.9.zip
lokinet-0.9.9.zip
2022-06-29 10:22 - 2022-06-29 10:22 - 000000000 ____D C:\Users\sufffi\Downloads\
lokinet-0.9.9
lokinet-v0.9.9.tar.xz
2022-06-16 18:28 - 2022-06-16 18:28 - 001333760 _____ C:\WINDOWS\SysWOW64\
TextInputMethodFormatter.dll
2022-06-16 18:28 - 2022-06-16 18:28 - 000479744 _____ C:\WINDOWS\system32\
AssignedAccessCsp.dll
2022-06-16 18:28 - 2022-06-16 18:28 - 000232288 _____ C:\WINDOWS\system32\
containerdevicemanagement.dll
2022-06-16 18:28 - 2022-06-16 18:28 - 000104448 _____ C:\WINDOWS\system32\
nettraceex.dll
2022-06-16 18:28 - 2022-06-16 18:28 - 000040960 _____ C:\WINDOWS\system32\
uwfservicingapi.dll
2022-06-16 13:30 - 2022-06-07 19:13 - 000041992 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\Drivers\nvhdap64.dll
2022-06-16 12:16 - 2022-06-08 23:01 - 001905920 _____ C:\WINDOWS\system32\
vulkaninfo-1-999-0-0-0.exe
2022-06-16 12:16 - 2022-06-08 23:01 - 001905920 _____ C:\WINDOWS\system32\
vulkaninfo.exe
2022-06-16 12:16 - 2022-06-08 23:01 - 001478400 _____ C:\WINDOWS\SysWOW64\
vulkaninfo-1-999-0-0-0.exe
2022-06-16 12:16 - 2022-06-08 23:01 - 001478400 _____ C:\WINDOWS\SysWOW64\
vulkaninfo.exe
2022-06-16 12:16 - 2022-06-08 23:01 - 001432320 _____ C:\WINDOWS\system32\vulkan-1-
999-0-0-0.dll
2022-06-16 12:16 - 2022-06-08 23:01 - 001432320 _____ C:\WINDOWS\system32\vulkan-
1.dll
2022-06-16 12:16 - 2022-06-08 23:01 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-
999-0-0-0.dll
2022-06-16 12:16 - 2022-06-08 23:01 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-
1.dll
2022-06-16 12:16 - 2022-06-08 23:00 - 001471104 _____ (Khronos Group) C:\WINDOWS\
system32\OpenCL.dll
2022-06-16 12:16 - 2022-06-08 23:00 - 001212544 _____ (Khronos Group) C:\WINDOWS\
SysWOW64\OpenCL.dll
2022-06-16 12:16 - 2022-06-08 22:57 - 000865784 _____ C:\WINDOWS\system32\
nvofapi64.dll
WINDOWS\system32\nvml.dll
2022-06-16 12:16 - 2022-06-08 22:57 - 000687608 _____ C:\WINDOWS\SysWOW64\
nvofapi.dll
WINDOWS\system32\NvFBC64.dll
WINDOWS\SysWOW64\NvFBC.dll
WINDOWS\system32\NvIFR64.dll
WINDOWS\SysWOW64\NvIFR.dll
WINDOWS\system32\nvEncodeAPI64.dll
WINDOWS\SysWOW64\nvEncodeAPI.dll
WINDOWS\system32\nvidia-smi.exe
WINDOWS\SysWOW64\nvcuvid.dll
WINDOWS\system32\nvcuvid.dll
WINDOWS\system32\nvcpl.dll
WINDOWS\SysWOW64\nvcuda.dll
WINDOWS\system32\nvcuda.dll
WINDOWS\system32\nvdebugdump.exe
WINDOWS\system32\MCU.exe
WINDOWS\SysWOW64\nvapi.dll
2022-06-16 12:16 - 2022-06-07 06:08 - 000093121 _____ C:\WINDOWS\system32\nvinfo.pb
2022-05-31 03:04 - 2022-05-27 20:33 - 000034064 ____N (ASUSTeK Computer Inc.) C:\
WINDOWS\system32\Drivers\IOMap64.sys
2022-05-30 17:48 - 2022-05-30 17:48 - 000002016 _____ C:\Users\Public\Desktop\ESET
Sicheres Online-Banking und Bezahlen.lnk
Local\ESET
Windows\Start Menu\Programs\ESET
2022-05-30 17:44 - 2022-05-30 17:44 - 000000000 ____D C:\ProgramData\ESET
2022-05-30 17:44 - 2022-05-30 17:44 - 000000000 ____D C:\Program Files\ESET
2022-05-30 17:19 - 2022-05-30 17:19 - 008500248 _____ (ESET) C:\Users\sufffi\
Downloads\eset_smart_security_premium_live_installer.exe
Local\unmineable-miner-mfi-updater
2022-05-30 14:56 - 2022-05-30 15:09 - 000002388 _____ C:\Users\sufffi\Desktop\Gayl
- Chrome.lnk
2022-05-30 14:56 - 2022-05-30 15:03 - 000002432 _____ C:\Users\sufffi\Desktop\alt
(swählen) - Chrome.lnk
LocalLow\Bloober Team
2022-05-28 14:42 - 2022-05-28 14:42 - 000000355 _____ C:\Users\sufffi\Desktop\The
Stanley Parable.url
2022-05-28 12:05 - 2022-07-29 04:59 - 000000000 ____D C:\Users\sufffi\Documents\My
Games
The.Binding.of.Isaac.Rebirth.Repentance.Nexusgames.to
Roaming\WinRAR
Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
Windows\Start Menu\Programs\WinRAR
2022-05-28 12:04 - 2022-05-28 12:04 - 000000000 ____D C:\Program Files\WinRAR
2022-05-28 12:03 - 2022-05-28 12:04 - 003616392 _____ (Alexander Roshal) C:\Users\
sufffi\Downloads\winrar-x64-611d.exe
The.Binding.of.Isaac.Rebirth.Repentance.Nexusgames.to.rar
Local\cache
Roaming\Aspyr Media
Local\Aspyr Media
Layers of Fear.url
Roaming\NVIDIA
Local\Rockstar Games
Rockstar Games
2022-05-28 09:07 - 2022-07-20 14:36 - 000000000 ____D C:\ProgramData\Rockstar Games
2022-05-28 09:07 - 2022-07-20 14:36 - 000000000 ____D C:\Program Files\Rockstar
Games
Rockstar Games
Rockstar Games Launcher.lnk
Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2022-05-28 08:43 - 2022-05-28 08:43 - 000000368 _____ C:\Users\sufffi\Desktop\Grand
Theft Auto V.url
SQUARE ENIX
2022-05-27 15:36 - 2022-05-27 15:36 - 000000000 ____D C:\Users\sufffi\Documents\GTA
Vice City User Files
Local\BANDAI NAMCO Games
2022-05-26 13:36 - 2022-05-26 13:36 - 000000222 _____ C:\Users\sufffi\Desktop\FINAL
FANTASY XX-2 HD Remaster.url
DRAGON BALL XENOVERSE.url
2022-05-26 13:35 - 2022-05-26 13:35 - 000000220 _____ C:\Users\sufffi\Desktop\DOOM
3.url
LocalLow\WeirdBeard
2022-05-26 13:08 - 2022-05-26 13:08 - 000000221 _____ C:\Users\sufffi\Desktop\Grand
Theft Auto Vice City.url
GTA3 User Files
Tricky Towers.url
2022-05-26 12:40 - 2022-07-29 11:40 - 000000000 ____D C:\Program Files\Epic Games
Local\Epic Games
Local\EpicGamesLauncher
2022-05-26 12:06 - 2022-05-26 12:35 - 000000000 ____D C:\ProgramData\Epic
Windows\Start Menu\Programs\Epic Games Launcher.lnk
2022-05-26 12:06 - 2022-05-26 12:06 - 000001260 _____ C:\Users\Public\Desktop\Epic
Games Launcher.lnk
Local\UnrealEngineLauncher
Local\UnrealEngine
2022-05-26 12:06 - 2022-05-26 12:06 - 000000000 ____D C:\Program Files (x86)\Epic
Games
Roaming\Microsoft\Windows\Start Menu\Programs\Steam
Fahrenheit Indigo Prophecy Remastered.url
Local\Steam
2022-05-26 11:55 - 2022-07-30 11:35 - 000000000 ____D C:\Program Files (x86)\Steam
EpicInstaller-13.3.0.msi
SteamSetup.exe
Steam.lnk
Windows\Start Menu\Programs\Steam
Roaming\AnyDesk
2022-05-22 07:38 - 2022-05-22 07:38 - 000394240 _____ (Google Inc.) C:\Users\
sufffi\Downloads\gcapi.dll
2022-05-22 01:12 - 2019-12-06 16:35 - 000374784 _____ (Windows (R) Win 7 DDK
provider) C:\WINDOWS\system32\DXCpl.exe
2022-05-22 01:12 - 2019-12-06 16:34 - 000417792 _____ C:\WINDOWS\system32\
d3dconfig.exe
2022-05-22 01:12 - 2019-12-06 16:27 - 000347136 _____ (Windows (R) Win 7 DDK
provider) C:\WINDOWS\SysWOW64\DXCpl.exe
2022-05-22 01:12 - 2019-12-06 16:26 - 000365056 _____ C:\WINDOWS\SysWOW64\
d3dconfig.exe
2022-05-22 00:56 - 2022-05-22 00:56 - 000001704 _____ C:\Users\sufffi\Downloads.pem
Intel PTT EK Recertification
2022-05-19 17:05 - 2022-05-19 17:05 - 000000000 ____D C:\ProgramData\Oracle
2022-05-19 14:35 - 2022-05-19 14:40 - 256179512 _____ (ManageEngine) C:\Users\
sufffi\Downloads\ManageEngine_FirewallAnalyzer_64bit.exe
2022-05-17 11:26 - 2022-05-17 11:26 - 000000000 ____D C:\WINDOWS\system32\appmgmt
SOFTWARE
2022-05-16 09:08 - 2022-05-16 09:10 - 000000000 ____D C:\WINDOWS\Microsoft
Antimalware
OneDrive Reporting Task-S-1-5-21-2642554700-2840593517-3385852446-1002
2022-05-16 06:04 - 2022-05-16 06:04 - 000000000 ___HD C:\OneDriveTemp
OneDrive Standalone Update Task-S-1-5-21-2642554700-2840593517-3385852446-1002
2022-05-16 02:52 - 2022-05-16 02:52 - 000188928 _____ C:\WINDOWS\system32\
uwfcfgmgmt.dll
cimfs.sys
2022-05-15 15:02 - 2022-07-12 04:18 - 000000000 ____D C:\ProgramData\AnyDesk
2022-05-15 15:02 - 2022-05-15 15:02 - 003848888 _____ (AnyDesk Software GmbH) C:\
Users\sufffi\Downloads\AnyDesk.exe
Parrot-security-5.0_amd64 - Verknüpfung.lnk
2022-05-06 04:41 - 2022-07-30 10:46 - 000000000 ____D C:\ProgramData\SecTaskMan
Security Task Manager
Windows\Start Menu\Programs\Spy Protector.lnk
Windows\Start Menu\Programs\Security Task Manager.lnk
Security Task Manager.lnk
SecurityTaskManager_Setup.exe
network-taskmanager.exe
neuber.txt
Local\CrashDumps
2022-05-05 17:20 - 2022-04-12 00:33 - 006189504 _____ (Realtek Semiconductor Corp.)
C:\WINDOWS\system32\Drivers\RTKVHD64.sys
RTAIODAT.DAT
2022-05-05 17:20 - 2021-05-17 10:50 - 002875968 _____ (Realtek Semiconductor Corp.)
C:\WINDOWS\RtlExUpd.dll
Windows\Start Menu\Programs\Intel
2022-05-05 17:18 - 2021-02-10 11:20 - 000432560 _____ (Intel Corporation) C:\
WINDOWS\system32\PROUnstl.exe
2022-05-05 17:18 - 2021-02-10 11:20 - 000001088 ____N C:\WINDOWS\system32\
SetupBD.din
2022-05-05 17:16 - 2022-05-05 17:18 - 000000000 ____D C:\Program Files\Intel
2022-05-05 16:16 - 2022-05-05 16:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\
Intel
2022-05-05 16:16 - 2022-05-05 16:16 - 000000000 ____D C:\Intel
WINDOWS\system32\iaStorAfsService.exe
WINDOWS\system32\Drivers\iaStorAC.sys
WINDOWS\system32\iaStorAfsNative.exe
WINDOWS\system32\Optane.dll
WINDOWS\system32\Drivers\iaStorAfs.sys
WINDOWS\system32\RstMwEventLogMsg.dll
WINDOWS\system32\OptaneEventLogMsg.dll
2022-05-05 14:53 - 2022-05-17 11:05 - 000144646 _____ C:\WINDOWS\
cFosSpeed_Setup_Log.txt
2022-05-05 14:52 - 2022-05-18 01:37 - 000000000 ____D C:\MSI
2022-05-05 14:52 - 2022-05-05 14:52 - 000000000 ____D C:\Program Files (x86)\ENE
ene.sys
2022-05-05 14:52 - 2020-01-19 20:49 - 000017424 _____ (MICSYS Technology Co., LTd)
C:\WINDOWS\system32\Drivers\MsIo64.sys
Local\NVIDIA
Local\NVIDIA Corporation
GeForce Experience.lnk
Local\CEF
2022-05-05 14:47 - 2022-05-05 14:47 - 000000000 ____D C:\Users\sufffi\ansel
NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
Windows\Start Menu\Programs\NVIDIA Corporation
WINDOWS\system32\nvspcap64.dll
WINDOWS\SysWOW64\nvspcap.dll
WINDOWS\system32\NvRtmpStreamer64.dll
2022-05-05 14:33 - 2022-04-21 04:16 - 000082552 _____ C:\WINDOWS\system32\
FvSDK_x64.dll
2022-05-05 14:33 - 2022-04-21 04:16 - 000071288 _____ C:\WINDOWS\SysWOW64\
FvSDK_x86.dll
2022-05-05 14:33 - 2022-04-21 04:16 - 000001951 _____ C:\WINDOWS\
NvContainerRecovery.bat
2022-05-05 14:32 - 2022-07-30 09:53 - 000000000 ___SD C:\WINDOWS\system32\lxss
2022-05-05 14:32 - 2022-05-05 14:33 - 000000000 ____D C:\Program Files (x86)\NVIDIA
Corporation
NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
WINDOWS\system32\nvaudcap64v.dll
WINDOWS\SysWOW64\nvaudcap32v.dll
WINDOWS\system32\Drivers\nvvhci.sys
WINDOWS\system32\Drivers\NvModuleTracker.sys
WINDOWS\system32\Drivers\nvvad64v.sys
2022-05-05 11:21 - 2022-07-29 17:29 - 000000000 ____D C:\WINDOWS\Minidump
2022-05-05 11:21 - 2022-05-05 14:53 - 000000000 ____D C:\ProgramData\MSI
2022-05-05 11:08 - 2022-05-17 11:27 - 000000000 ____D C:\ProgramData\Intel Package
Cache {d8170687-85fa-4716-bafd-087205d0db72}
Cache {9f9c9e51-d42f-4462-a27a-7d419da18045}
Cache {58E22E6B-0E58-4E93-AF9A-036556EB66F5}
Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2022-05-05 11:08 - 2022-05-05 11:08 - 000000000 ____D C:\Users\sufffi\Intel
2022-05-05 11:07 - 2022-05-05 11:07 - 000000000 ____D C:\ProgramData\Intel
DriversCloud_Install
Roaming\Cybelsoft
DriversCloud_Win.exe
2022-05-05 10:18 - 2022-05-05 10:18 - 000000000 ____D C:\Program Files\CPUID
Dragon-Center.zip
2022-05-05 10:12 - 2022-05-05 10:12 - 001443872 _____ (CPUID, Inc. ) C:\Users\
sufffi\Downloads\hwmonitor_1.46.exe
2022-05-04 02:10 - 2022-05-04 02:10 - 002261896 _____ (wj32 ) C:\Users\sufffi\
Downloads\processhacker-2.38-setup.exe
processhacker-2.39-bin (1).zip
2022-05-03 15:34 - 2022-07-29 06:05 - 000000000 ____D C:\WINDOWS\pss
JottiScanGui.zip
==================== Drei Monate (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner
verschoben.)
2022-07-30 11:24 - 2022-03-29 18:25 - 000000000 ____D C:\ProgramData\regid.1991-

06.com.microsoft
MSIAfterburner
2022-07-30 10:43 - 2022-04-01 11:01 - 000000000 ____D C:\Program Files (x86)\MSI
Afterburner
2022-07-30 10:35 - 2022-03-29 18:26 - 000789222 _____ C:\WINDOWS\system32\
perfh007.dat
2022-07-30 10:35 - 2022-03-29 18:26 - 000163182 _____ C:\WINDOWS\system32\
perfc007.dat
2022-07-30 10:35 - 2022-03-29 18:24 - 000000000 ____D C:\WINDOWS\INF
2022-07-30 10:35 - 2022-03-29 17:36 - 001830626 _____ C:\WINDOWS\system32\
PerfStringBackup.INI
2022-07-30 10:29 - 2022-03-30 07:07 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-30 10:29 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-30 10:28 - 2022-03-29 17:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
SleepStudy
2022-07-30 09:53 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-07-30 09:53 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-07-30 09:53 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\schemas
2022-07-30 09:53 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-07-30 09:53 - 2022-03-29 18:25 - 000000000 ____D C:\Program Files\Common
Files\microsoft shared
BBI
2022-07-30 02:19 - 2022-03-29 18:23 - 000000000 ____D C:\WINDOWS\CbsTemp
WINDOWS\system32\WindowsSandbox.exe
WINDOWS\system32\mqsnap.dll
WINDOWS\SysWOW64\mqsnap.dll
WINDOWS\system32\vsconfig.dll
WINDOWS\system32\mqoa.dll
WINDOWS\SysWOW64\mqoa.dll
WINDOWS\system32\WindowsSandboxClient.exe
WINDOWS\system32\RemoteFileBrowse.dll
WINDOWS\system32\HyperVSysprepProvider.dll
WINDOWS\system32\hgclientservice.dll
2022-07-30 02:14 - 2021-10-06 12:41 - 000087552 _____ C:\WINDOWS\system32\
hvsiDspdvcclient.dll
WINDOWS\system32\madrid.dll
WINDOWS\system32\Drivers\hvsifltr.sys
2022-07-30 02:14 - 2021-10-06 12:41 - 000061264 _____ C:\WINDOWS\SysWOW64\
hvsifiletrust.dll
WINDOWS\system32\admwprox.dll
WINDOWS\SysWOW64\admwprox.dll
WINDOWS\SysWOW64\hvsimgrps.dll
WINDOWS\system32\iisreset.exe
WINDOWS\SysWOW64\iisreset.exe
WINDOWS\system32\wamregps.dll
WINDOWS\system32\VmComputeProxy.dll
WINDOWS\system32\iisrstap.dll
WINDOWS\SysWOW64\wamregps.dll
WINDOWS\SysWOW64\iisrstap.dll
WINDOWS\system32\Drivers\lxcore.sys
2022-07-30 02:14 - 2021-10-06 12:40 - 000374072 _____ C:\WINDOWS\system32\vp9fs.dll
WINDOWS\system32\vmsif.dll
WINDOWS\system32\hcsdiag.exe
WINDOWS\system32\Drivers\prjflt.sys
WINDOWS\system32\hnsdiag.exe
WINDOWS\system32\vmvirtio.dll
WINDOWS\system32\rdp4vs.dll
WINDOWS\system32\vmsifcore.dll
WINDOWS\system32\vmwpevents.dll
WINDOWS\system32\ProjectedFSLib.dll
WINDOWS\system32\VrdUmed.dll
WINDOWS\system32\Drivers\hvsocketcontrol.sys
WINDOWS\system32\vmsifproxystub.dll
WINDOWS\system32\Drivers\hnswfpdriver.sys
WINDOWS\system32\Drivers\lxss.sys
WINDOWS\system32\Drivers\vpcivsp.sys
WINDOWS\system32\Drivers\vkrnlintvsc.sys
WINDOWS\system32\Drivers\Synth3dVsp.sys
2022-07-30 02:14 - 2019-12-07 11:10 - 001579818 _____ C:\WINDOWS\system32\
WindowsVirtualization.V2.mof
2022-07-30 02:14 - 2019-12-07 11:10 - 001152064 _____ C:\WINDOWS\system32\
WindowsHyperVCluster.V2.mof
WINDOWS\system32\vmconnect.exe
WINDOWS\system32\mqutil.dll
WINDOWS\SysWOW64\mqutil.dll
WINDOWS\system32\nfscimprov.dll
WINDOWS\system32\mqrt.dll
WINDOWS\system32\nfscommgmt.dll
WINDOWS\system32\Drivers\mqac.sys
WINDOWS\system32\vmsp.exe
WINDOWS\SysWOW64\mqrt.dll
WINDOWS\system32\nfsadmin.exe
2022-07-30 02:14 - 2019-12-07 11:10 - 000144967 _____ C:\WINDOWS\system32\
virtmgmt.msc
WINDOWS\system32\mqlogmgr.dll
WINDOWS\system32\rpcinfo.exe
WINDOWS\system32\nfsnp.dll
WINDOWS\SysWOW64\mqoa.tlb
WINDOWS\system32\mqoa.tlb
2022-07-30 02:14 - 2019-12-07 11:10 - 000093510 _____ C:\WINDOWS\system32\
nfsmgmt.msc
WINDOWS\SysWOW64\mqoa30.tlb
WINDOWS\system32\mqoa30.tlb
WINDOWS\system32\showmount.exe
WINDOWS\system32\wcsetupagent.exe
WINDOWS\system32\nfscprop.dll
WINDOWS\system32\Drivers\msdcb.sys
WINDOWS\system32\vmmsprox.dll
2022-07-30 02:14 - 2019-12-07 11:10 - 000057856 _____ C:\WINDOWS\system32\
hgsclientplugin.dll
2022-07-30 02:14 - 2019-12-07 11:10 - 000056320 _____ C:\WINDOWS\system32\
vmstaging.dll
WINDOWS\system32\mqbkup.exe
WINDOWS\system32\Drivers\WmsWlFltr.sys
WINDOWS\system32\Drivers\ramparser.sys
WINDOWS\system32\vmplatformca.exe
2022-07-30 02:14 - 2019-12-07 11:10 - 000040960 _____ C:\WINDOWS\SysWOW64\
vmstaging.dll
WINDOWS\system32\AttestationWmiProvider.dll
WINDOWS\system32\Drivers\lunparser.sys
WINDOWS\system32\Drivers\WmsVolFilter.sys
WINDOWS\system32\aspperf.dll
WINDOWS\system32\UtilityVmSysprep.dll
WINDOWS\system32\mqsvc.exe
WINDOWS\SysWOW64\aspperf.dll
WINDOWS\system32\mqcertui.dll
2022-07-30 02:14 - 2019-12-07 11:10 - 000016384 _____ C:\WINDOWS\system32\
hgclientserviceps.dll
WINDOWS\SysWOW64\mqcertui.dll
WINDOWS\system32\f1db7d81-95be-4911-935a-8ab71629112a_vmsvcext_sys.dll
WINDOWS\system32\c28c7a4e-a619-4463-82b7-0fc9cc7187f5_HyperV-ComputeStorage.dll
2022-07-30 02:14 - 2019-12-07 11:10 - 000009096 _____ C:\WINDOWS\SysWOW64\
msmqtrc.mof
2022-07-30 02:14 - 2019-12-07 11:10 - 000009096 _____ C:\WINDOWS\system32\
msmqtrc.mof
WINDOWS\system32\nfsrc.dll
WINDOWS\system32\p9np.dll
WINDOWS\system32\Drivers\p9rdr.sys
WINDOWS\SysWOW64\p9np.dll
WINDOWS\system32\Drivers\l2bridge.sys
WINDOWS\system32\Drivers\vhdparser.sys
WINDOWS\system32\NvAgent.dll
WINDOWS\system32\Drivers\passthruparser.sys
WINDOWS\system32\vmcomputeeventlog.dll
WINDOWS\system32\TFTP.EXE
WINDOWS\system32\simptcp.dll
WINDOWS\system32\f989b52d-f928-44a3-9bf1-bf0c1da6a0d6_HyperV-
DeviceVirtualization.dll
WINDOWS\system32\d4d78066-e6db-44b7-b5cd-2eb82dce620c_HyperV-ComputeLegacy.dll
WINDOWS\system32\c4d66f00-b6f0-4439-ac9b-c5ea13fe54d7_HyperV-ComputeCore.dll
WINDOWS\system32\07409496-a423-4a3e-b620-2cfb01a9318d_HyperV-ComputeNetwork.dll
WINDOWS\system32\Drivers\vkrnlintvsp.sys
2022-07-29 17:34 - 2022-03-29 18:26 - 000000000 ____D C:\WINDOWS\system32\de
Local\Packages
2022-07-29 17:31 - 2022-03-29 17:56 - 000000000 ____D C:\Users\sufffi
2022-07-29 17:29 - 2022-03-29 18:25 - 000000000 ___RD C:\WINDOWS\
ImmersiveControlPanel
2022-07-29 17:29 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\
WinMetadata
2022-07-29 17:29 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-07-29 17:29 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\SystemResources
WinMetadata
2022-07-29 17:29 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-29 17:29 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-07-29 17:29 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-29 17:29 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\bcastdvr
Defender Advanced Threat Protection
Windows Photo Viewer
2022-07-29 17:29 - 2022-03-29 17:30 - 000008192 ___SH C:\DumpStack.log.tmp
WINDOWS\SysWOW64\PrintConfig.dll
2022-07-29 16:47 - 2022-03-29 18:27 - 000000000 ____D C:\WINDOWS\Panther
2022-07-29 06:05 - 2022-03-31 12:36 - 000000000 ____D C:\Users\sufffi\.VirtualBox
2022-07-29 06:05 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\system32\NDF
Local\ElevatedDiagnostics
Local\Comms
Local\ConnectedDevicesPlatform
2022-07-28 23:27 - 2022-03-29 17:57 - 000000000 __RHD C:\Users\Public\
AccountPictures
2022-07-24 18:55 - 2022-03-29 18:25 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-15 12:13 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-15 11:55 - 2022-03-30 06:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-15 11:54 - 2022-03-30 06:54 - 146546848 ____C (Microsoft Corporation) C:\
WINDOWS\system32\MRT.exe
2022-07-11 23:27 - 2022-03-31 12:36 - 000000000 ____D C:\ProgramData\VirtualBox
2022-07-11 19:05 - 2022-03-30 03:39 - 000000000 ____D C:\WINDOWS\ADAM
2022-07-11 19:05 - 2022-03-29 18:25 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-11 19:05 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-11 19:05 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-11 19:05 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\ShellComponents
Local\D3DSCache
ELAM
2022-07-11 14:17 - 2022-03-29 18:25 - 000000000 ____D C:\WINDOWS\LiveKernelReports
Local\Apps\2.0
2022-07-10 10:08 - 2022-03-30 06:03 - 000000000 ____D C:\ProgramData\Package Cache
Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-07 00:38 - 2022-03-29 17:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\
wd
GoogleUpdateTaskMachineUA{1B8CBDC6-5359-4C44-8D2E-8D245802F570}
2022-07-01 15:13 - 2022-03-30 06:52 - 000000000 ____D C:\Program Files (x86)\Google
Local\Google
Local\PlaceholderTileLogoFolder
2022-07-01 14:38 - 2022-03-29 17:57 - 000000000 ____D C:\ProgramData\Packages
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2022-07-29 00:38 - 2022-07-29 00:38 - 000024064 _____ () C:\Users\sufffi\AppData\

Roaming\VeriAge.log
Local\resmon.resmoncfg
Local\taskman.cmd.done
Local\taskman.cmd.errors
==================== SigCheckExt =========================
2022-07-29 09:42 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\

system32\Vestris.ResourceLib.dll
2022-07-29 09:42 - 2022-07-29 09:42 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2022-07-11 13:34 - 2022-07-30 11:28 - 002369536 _____ (Farbar) C:\Users\sufffi\
Downloads\FRST64.exe
2022-05-22 07:38 - 2022-05-22 07:38 - 000394240 _____ (Google Inc.) C:\Users\
sufffi\Downloads\gcapi.dll
yuzu_install.exe
==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation
gescheitert sind.)
==================== BCD ================================
Start-Manager fr Firmware

--------------------------
Bezeichner {fwbootmgr}
displayorder {bootmgr}
{fd8e4f13-afd2-11ec-a97d-b4f3648b17bc}
{f092ce32-d4e6-11ec-9cad-806e6f6e6963}
{f092ce33-d4e6-11ec-9cad-806e6f6e6963}
{f092ce34-d4e6-11ec-9cad-806e6f6e6963}
timeout 0
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
flightsigning Yes
default {current}
resumeobject {0eb734e2-af7d-11ec-ab8a-b68328853783}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Firmwareanwendung (101fffff)
----------------------------
Bezeichner {f092ce32-d4e6-11ec-9cad-806e6f6e6963}
description UEFI:CD/DVD Drive
----------------------------
description UEFI:Removable Device
----------------------------
description UEFI:Network Device
----------------------------
Bezeichner {fd8e4f13-afd2-11ec-a97d-b4f3648b17bc}
description USB Entry for Windows To Go
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale de-DE
inherit {bootloadersettings}
recoverysequence {62c53816-af56-11ec-ae92-85c348c3b7d6}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {0eb734e2-af7d-11ec-ab8a-b68328853783}
nx OptIn
numproc 20
bootmenupolicy Standard
hypervisorlaunchtype Auto
usefirmwarepcisettings No
Windows-Startladeprogramm
-------------------------
Bezeichner {62c53816-af56-11ec-ae92-85c348c3b7d6}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{62c53817-af56-
11ec-ae92-85c348c3b7d6}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale de-de
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{62c53817-af56-
11ec-ae92-85c348c3b7d6}
systemroot \windows
nx OptIn
winpe Yes
Wiederaufnahme aus dem Ruhezustand

----------------------------------
Bezeichner {0eb734e2-af7d-11ec-ab8a-b68328853783}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
recoverysequence {62c53816-af56-11ec-ae92-85c348c3b7d6}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Windows-Speicherdiagnose
locale de-DE
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems No
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Local
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
{hypervisorsettings}
Hypervisoreinstellungen
-----------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung

-----------------------------------------
Bezeichner {resumeloadersettings}
Ger„teoptionen
--------------
Bezeichner {62c53817-af56-11ec-ae92-85c348c3b7d6}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Ende von FRST.txt ========================

FRST

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

FRST

Uploaded by

Copyright:

Available Formats

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

==================== Registry (Nicht auf der Ausnahmeliste) ===================

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

Task: {05D8BC9E-267A-4D4C-A7B0-10C0FE617D74} - System32\Tasks\OneDrive Standalone

==================== Internet (Nicht auf der Ausnahmeliste) ====================

Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [64192 2015-08-04] (VMware,

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET,

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-10-06] (Microsoft

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

==================== Drei Monate (erstellte) (Nicht auf der Ausnahmeliste)

2022-07-30 11:31 - 2022-07-30 11:31 - 000046753 _____ C:\Users\sufffi\Downloads\

==================== Drei Monate (geänderte) ==================

2022-07-30 11:24 - 2022-03-29 18:25 - 000000000 ____D C:\ProgramData\regid.1991-

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2022-07-29 00:38 - 2022-07-29 00:38 - 000024064 _____ () C:\Users\sufffi\AppData\

==================== SigCheckExt =========================

2022-07-29 09:42 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\

==================== SigCheck ============================

==================== BCD ================================

Start-Manager fr Firmware

Wiederaufnahme aus dem Ruhezustand

Einstellungen zur Ladeprogrammfortsetzung

==================== Ende von FRST.txt ========================

You might also like

Start-Manager fr Firmware