Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Verdacht auf: Win32:Vitro?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Thema geschlossen
Alt 20.09.2021, 21:15   #1
samy911
 
Verdacht auf: Win32:Vitro? - Standard

Verdacht auf: Win32:Vitro?



Moin zusammen.
Kurze Vorgeschichte: Vor kurzem habe ich eine größere Lieferung an USB Sticks aus Fernost erhalten. ca 20-30 sticks lang keine Probleme. Dann plötzlich beim reinstecken klingelt der Avast: Win32:vitro erkannt. infizierte Datei: CMD.exe. ich habe den Ordner weder geöffnet noch ausgeführt. die Datei wurde auch in Quarantäne verschoben.
so weit so gut. allerdings bekomme ich seitdem regelmäßig BSOD mit wechselnen Fehlermeldungen. Beispiel:

DPC_WATCHDOG_VIOLATION
oder
KMODE_EXCEPTION_NOT_HANDLED

Die Ereignisanzeige zeigt den kritischen Fehler Kernel power(41) an, was genau wie die Bluescreen Meldung erstmal an ein Treiberproblem denken lässt.

ich habe bereits mehrfach Avast, Malwarebytes und Spybot S&D über das system laufen lassen. Auch alle Treiber überprüft und ggfs. aktualisiert.

Bis jetzt leider keine Besserung. Meine Befürchtung ist jetzt, dass der Virus sich doch irgendwie eingeschlichen hat, vllt aber auch nur Paranoia?

Hier einmal das HijackThis Logfile:
HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:22:46, on 20.09.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1202)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Razer\Synapse3\Service\..\UserProcess\Razer Synapse Service Process.exe
C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\EKAG20NT.EXE
C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
C:\Users\Start\Desktop\MediaCreationTool21H1.exe
C:\$Windows.~WS\Sources\SetupHost.Exe
C:\Users\Start\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?fr=avantsearch6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\93.0.961.52\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Opera Browser Assistant] C:\Program Files\Opera\assistant\browser_assistant.exe
O4 - HKLM\..\Run: [Adobe CCXProcess] C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX2] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe /FORCE
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Start\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Discord] C:\Users\Start\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [Synapse3] "C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe" /StartMinimized
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [vidnotifier.exe] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
O4 - HKCU\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe --startup_mode
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Lokaler Dienst')
O4 - HKUS\S-1-5-19\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe --startup_mode (User 'Lokaler Dienst')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Netzwerkdienst')
O4 - HKUS\S-1-5-18\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe --startup_mode (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe --startup_mode (User 'Default user')
O4 - Global Startup: Avast SecureLine VPN.lnk = C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
O8 - Extra context menu item: An OneNote s&enden - res://F:\MSOFFI~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://F:\MSOFFI~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\office\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\office\Office12\REFIEBAR.DLL (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{CFDB48C0-11FF-4308-99E6-55CBB3A809BE}: NameServer = 100.120.1.1
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Acronis Agent Core Service (aakore) - Acronis International GmbH - C:\Program Files (x86)\Acronis\Agent\aakore.exe
O23 - Service: Acronis Active Protection (TM) Service (AcronisActiveProtectionService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Browser Update-Dienst (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: Avast AntiTrack Service (AvastAntiTrackSvc) - AVAST Software - C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
O23 - Service: Avast Browser Update-Dienst (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\elevation_service.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - E:\Simons Sachen\Alcohol\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Avast Cleanup (CleanupPSvc) - AVAST Software - C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_3354c1 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Avast Driver Updater (DriverUpdSvc) - AVAST Software - C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epic Online Services (EpicOnlineServices) - Epic Games, Inc. - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.82\elevation_service.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Acronis Managed Machine Service Mini (mmsminisrv) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
O23 - Service: Acronis Mobile Backup Server (mobile_backup_server) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
O23 - Service: Acronis Mobile Backup Status Server (mobile_backup_status_server) - Unknown owner - C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service: Razer Synapse Service - Razer Inc. - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - F:\Simons Sachen 2\Rockstar\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe
O23 - Service: Razer Central Service (RzActionSvc) - Razer Inc. - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot Security Center Integration Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Avast SecureLine VPN (SecureLine) - AVAST Software - C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - E:\Simons Sachen\Alcohol\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: Tib Mounter Service - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 23466 bytes
         
--- --- ---

Ich hoffe ihr könnt mir weiterhelfen

Geändert von samy911 (20.09.2021 um 21:39 Uhr)

Alt 20.09.2021, 22:20   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht auf: Win32:Vitro? - Standard

Verdacht auf: Win32:Vitro?



Was soll das bitte mit HijackThis werden?
Offensichtlich hast du die Hiwneise für Hilfesuchende komplett ignoriert, obwohl man die bei der Registrierung schon buchstäblich reingeprügelt bekommt.


Logdateien erstellen mit FRST64
  • Bitte lade dir Farbar's Recovery Scan Tool (FRST64.exe) auf deinen Desktop
  • Starte anschließend FRST64.exe per Doppelklick.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und die Addition.txt in deinem Thread in CODE-Tags (#-Symbol im Eingabefenster der Webseite anklicken)


Falls der Smartscreenfilter FRST blockiert sollte, kannst du den dort deaktivieren:
Start > Einstellungen > Update und Sicherheit > Windows Sicherheit > App- & Browsersteuerung > Zuverlässigkeitsbasierter Schutz
__________________

__________________

Alt 20.09.2021, 22:55   #3
samy911
 
Verdacht auf: Win32:Vitro? - Standard

Verdacht auf: Win32:Vitro?



Okay sorry, habe tatsächlich übersehen.
Hier beide Logfiles

FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021
durchgeführt von Start (Administrator) auf MEINPC (Micro-Star International Co., Ltd MS-7B86) (20-09-2021 23:31:58)
Gestartet von C:\Users\Start\Downloads
Geladene Profile: Start
Platform: Windows 10 Pro Version 21H1 19043.1237 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Driver Updater\DriverUpdSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Driver Updater\DriverUpdUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Avast Software s.r.o. -> Software Security System) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
(Avast Software s.r.o. -> The CefSharp Authors) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe <5>
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\51.0.9.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <44>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Start\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe <2>
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(StarWind Software) [Datei ist nicht signiert] E:\Simons Sachen\Alcohol\Alcohol 120\StarWind\StarWindServiceAE.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GMS\SteamCmd\steamcmd.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [iTunesHelper] => F:\itunes\iTunesHelper.exe [340440 2021-04-16] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [124184 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe [1274712 2021-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2748696 2021-09-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2020-11-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [3158808 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-09-14] (Adobe Inc. -> )
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5671448 2020-11-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [447520 2020-11-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe [54091608 2021-08-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe [54091608 2021-08-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\Run: [Discord] => C:\Users\Start\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3522168 2021-08-23] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-09-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [2419008 2020-06-23] (Digital Wave Ltd -> Digital Wave Ltd)
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe [54091608 2021-08-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Start\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Start\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\RunOnce: [Uninstall 21.160.0808.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Start\AppData\Local\Microsoft\OneDrive\21.160.0808.0002"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe [54091608 2021-08-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3522168 2021-08-23] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\Canon TS3100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDR.DLL [482816 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55872 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3100 series: C:\Windows\system32\CNMLMDR.DLL [1302016 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3100 series XPS: C:\Windows\system32\CNMXLMDR.DLL [1304064 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\Installer\chrmstp.exe [2021-09-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-09-16]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B92118-A29D-45DA-8BC9-918F38FC895A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {03FA8DE7-56C0-48E5-9E02-3FA69204D6BF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0573E939-3223-4E05-8259-041CA182EE1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {059EF875-7FD4-4DF8-8467-9D4A7D324B12} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {05D33CBA-B127-4B41-8F67-50B5AAAE2E0B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {074CCD3A-6A48-4508-B438-4BEDE55C106F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0C111F08-4109-4056-8A47-BCD30A9B699D} - System32\Tasks\{CB186645-6F27-483C-A501-C0AB8A180F08} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall PROHYBRIDR /dll OSETUP.DLL
Task: {0C91C2BD-60B6-4406-96E1-53A2BDF02B13} - System32\Tasks\{33D74989-11EB-418A-A37B-37E1F764EBA5} => C:\Windows\system32\pcalua.exe -a C:\Users\Start\Desktop\dxwebsetup0411.exe -d C:\Users\Start\Desktop
Task: {0ED29DB5-1AE8-4301-A3E3-ABD7C20F025F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {145E3D7C-5624-40E6-B9E7-7A2DF7AA66DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2019-08-01] (Google Inc -> Google Inc.)
Task: {19CDEEB7-B279-42EE-B532-0B65867D0DE5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A19F80F-C2B1-4679-B8D7-33CDCE9740A8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1DFC9855-5A01-4E93-8C4F-20E4A7B33AFF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {26565AAF-9F61-418B-9A61-5CF940B4DC8E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {298E895A-5E4B-4FF0-9FD2-4D59C39720F8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2D499054-1225-482B-A174-700144B6EF9B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
Task: {2EA2BEA6-67A9-4BD9-9E20-2A1BA481CBDA} - System32\Tasks\Opera scheduled assistant Autoupdate 1582801415 => C:\Program Files\Opera\launcher.exe [41907408 2021-09-13] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {3088F6FC-7DCA-4F3E-94D1-C6DD72AF7FEC} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [6386968 2021-09-16] (Avast Software s.r.o. -> Avast Software)
Task: {32233E11-A25A-4E93-9078-E2147FB42CE3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {327B6D93-43FC-486B-947B-0519D5DCA93D} - System32\Tasks\{007D2A7B-83A3-480A-BFE8-DE44DEBDBF41} => C:\Windows\system32\pcalua.exe -a C:\Users\Start\AppData\Local\Temp\scoped_dir3136_29839\gothic1_playerkit-1.08k.exe -d C:\Users\Start\AppData\Local\Temp\scoped_dir3136_29839 <==== ACHTUNG
Task: {348B45A1-9EB7-4F0D-A010-15175D83371A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {3573D26B-43A3-49C0-8398-E7C9CF4CC709} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {46318AFD-F5F9-4B6C-BB03-FC6181DDD3D1} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {467C4861-F865-4306-BD49-CE4F75EBBE8A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {480B86F3-75B2-409F-B52A-E507797C4BAA} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6386968 2021-09-14] (Avast Software s.r.o. -> Avast Software)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4DDAF01D-A084-4EF5-9EF9-A68A27563BEC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5019376B-D341-4CB0-8C8B-9EC240EA29C9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {50CF54B3-4F3B-46DD-AE2F-88C65E78EFA2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {526F9BBA-0B21-4669-93B3-B54AB42420CE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {57887866-4DF8-4B59-B3C0-B9D09C3C6446} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5918646C-74D7-47C7-8FFF-F503342773ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B111855-667D-4EBA-B386-1C34F6BC5621} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5C875310-C648-49E6-AF97-1BE111DA963D} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5E693363-2851-45A2-817A-97EEA99098DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5ED9CF9C-D91B-4DE2-BA87-FE200B4F7DF7} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {615EB6FE-61BE-4515-AB8F-97A0D7F2452A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {656F50AC-E62A-4822-916C-6371D255DF30} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {6A8735E0-7DE0-4C8E-B536-037063E684A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6F577678-384A-43EB-9EE6-D05D9BE77A84} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7120EA2D-EB64-4BA5-A5E8-F022B101AE09} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7B028303-9BA6-410C-9FF9-D93D86AB2E6C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {7EBA1AA6-42CD-4F52-96DE-2A5CA58A6A1C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81B7445D-8275-4774-BAE3-C299CCC34A04} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {86C2876E-92BC-4036-8471-3B7445C56393} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {87209380-B2A2-42C1-A48B-3E17E9EC0D47} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {889E2A66-CAFD-4EB5-8021-0B753AA97B31} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8AA68F15-C882-4A14-9125-6160DFCE6F5D} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4754712 2021-09-20] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log"  --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid c6255ce4-1cd0-4060-b564-519061e5099e
Task: {8DCF2A49-13BD-45F4-A466-302B93207AA4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {90506B20-7F95-4DCB-B5DC-E74B21DD288F} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6386968 2021-09-16] (Avast Software s.r.o. -> Avast Software)
Task: {9185802C-E0D0-4522-AD55-4E4E5FA17C88} - System32\Tasks\Opera scheduled Autoupdate 1493978488 => C:\Program Files\Opera\launcher.exe [41907408 2021-09-13] (Opera Software AS -> Opera Software)
Task: {91D0C2B8-2771-4B9D-B755-B5FDE2EF801F} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {959F6624-15A8-45F8-8C17-1DADD4B2A7E2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A29615BF-2DAD-4D91-A496-992BE6C1B4C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4929304 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
Task: {A563FD7E-9681-4736-8E22-B7E41C9DB657} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {AC411CF0-86C0-4A5A-8D9C-2EF111599BD3} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1333528 2021-09-16] (Avast Software s.r.o. -> AVAST Software)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B229C01C-D51D-47EC-BA43-1CA7F7AF9A0B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B2B5CA8B-BA13-47EE-8B6D-CF69CE4E1D15} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B2BF0BB9-5B72-4B92-8CE8-9B1F07A07BA8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {B4015F1D-9A4B-4CD0-A00F-089709A249D7} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4769048 2021-09-16] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 9c68aa88-7cb8-4a71-989d-f0f723601915
Task: {B5DBC953-FB1F-43D1-9ACA-7162DF045B55} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {B628C40E-A513-4CFD-A1F9-D7105E9B703F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053768 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {B850701A-AE73-4DF4-A11B-71836BC7BFA7} - System32\Tasks\CCleanerSkipUAC - Start => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BBC1BFA6-7B99-44FF-A323-F85290D363E4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {BC635B57-10B7-4DB5-B3C2-5846AEED7CEE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC2FD039-E73D-40F7-AE7F-05FB4E3CB58E} - System32\Tasks\Opera scheduled Autoupdate 1394812387 => D:\Program Files (x86)\Opera\launcher.exe
Task: {D30E9A7D-CBBC-4E6A-89DA-B9A493B0F6F7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D3485DE0-A5F5-45B0-BF09-E5F44865DD99} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D8067212-C490-49B1-BB60-BF15ABE1FD2C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2019-08-01] (Google Inc -> Google Inc.)
Task: {D95520A5-5C23-47E0-853C-62CF39253660} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {E44A34A3-5F59-4224-B2EE-2E19210F4F41} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
Task: {EBC53186-13C9-48DF-A5DB-0F90279ACC49} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4755224 2021-09-17] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log"  --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid fb825fea-1875-419d-84c5-b7c53af3e23e
Task: {F3BFB137-B850-41D9-8E77-365B56974343} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053768 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F52DF5DD-7FFA-4849-A066-92C0E86BB9A5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {F60A9971-5EAE-41FD-BDD7-DEC7E8262736} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {F64714CB-B91D-4337-AE4A-D49597F59FDB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {FCD5B379-1EE8-4F9D-9635-2C7588E685FA} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [849096 2021-09-19] (Avast Software s.r.o. -> AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{20B3F959-6988-48F1-BFFE-F1A264FF8403}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{97A24053-7E30-4F22-93F3-1276F8349EB6}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{b7c2f19e-cd4d-453c-bd3c-a88ba080ad50}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CFDB48C0-11FF-4308-99E6-55CBB3A809BE}: [NameServer] 100.120.1.1

Edge: 
=======
DownloadDir: C:\Users\Start\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (360 Viewer) -> EdgeExtension_Microsoft360Viewer_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.360Viewer_2.3.5.0_neutral__8wekyb3d8bbwe [2019-10-17]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\Start\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-20]
Edge DownloadDir: Default -> C:\Users\Start\Downloads
Edge Extension: (360 Viewer) - C:\Users\Start\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmglcbnpblebkmcllnfcgamdelbbekge [2021-08-22]

FireFox:
========
FF DefaultProfile: 0voxu2s2.default-1393439220826-1589734529568
FF ProfilePath: C:\Users\Start\AppData\Roaming\Mozilla\Firefox\Profiles\25o3mtig.default-release [2021-09-20]
FF Homepage: Mozilla\Firefox\Profiles\25o3mtig.default-release -> about:blank
FF Extension: (Ghostery – Datenschutzorientierter Werbeblocker) - C:\Users\Start\AppData\Roaming\Mozilla\Firefox\Profiles\25o3mtig.default-release\Extensions\firefox@ghostery.com.xpi [2021-06-29]
FF Extension: (HTTPS Everywhere) - C:\Users\Start\AppData\Roaming\Mozilla\Firefox\Profiles\25o3mtig.default-release\Extensions\https-everywhere@eff.org.xpi [2021-07-15]
FF Extension: (Chameleon) - C:\Users\Start\AppData\Roaming\Mozilla\Firefox\Profiles\25o3mtig.default-release\Extensions\{3579f63b-d8ee-424f-bbb6-6d0ce3285e6a}.xpi [2021-09-09]
FF Extension: (NoScript) - C:\Users\Start\AppData\Roaming\Mozilla\Firefox\Profiles\25o3mtig.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-28]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Start\AppData\Roaming\Mozilla\Firefox\Profiles\25o3mtig.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-01]
FF ProfilePath: C:\Users\Start\AppData\Roaming\Mozilla\Firefox\Profiles\0voxu2s2.default-1393439220826-1589734529568 [2021-09-20]
FF Homepage: Mozilla\Firefox\Profiles\0voxu2s2.default-1393439220826-1589734529568 -> about:blank
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2021-08-13] [] [ist nicht signiert]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default [2021-09-20]
CHR Notifications: Default -> hxxps://business.facebook.com
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Präsentationen) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-28]
CHR Extension: (Docs) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-28]
CHR Extension: (Google Drive) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (DuckDuckGo) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-09-03]
CHR Extension: (YouTube) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-28]
CHR Extension: (Desktop-Version Instagram ™) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjbdbkbadeaplkemgboepplolkbomd [2020-06-23]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-01]
CHR Extension: (FrankerFaceZ) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2021-03-24]
CHR Extension: (Tabellen) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-28]
CHR Extension: (Google Docs Offline) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-09-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Avast AntiTrack Premium) - C:\Users\Start\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdidpcihajhihmghhhkfnpklgdehold [2021-09-16]

Opera: 
=======
OPR Profile: C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable [2021-09-20]
OPR DownloadDir: C:\Users\Start\Desktop
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (AdBlock) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2019-12-15]
OPR Extension: (SurfEasy VPN - Sicherheit, Privatsphäre, Entsperrung) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2018-11-17]
OPR Extension: (HTTPS Everywhere) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2021-07-14]
OPR Extension: (Rich Hints Agent) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-08-19]
OPR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-07-30]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-14]
OPR Extension: (uBlock Origin) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2021-08-06]
OPR Extension: (Google Übersetzer) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2021-08-03]
OPR Extension: (Hide My IP VPN) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\naapkicannpiienpabliikhbcejidhpl [2019-12-18]
OPR Extension: (Alitools Shopping Assistent) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\nkekkheibgkgeepapinkalkongndfajn [2021-08-27]
OPR Extension: (YouTube Unblocker) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2017-03-21]
OPR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Start\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-07-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [15849376 2020-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12905888 2020-11-23] (Acronis International GmbH -> )
S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1421352 2020-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2020-11-23] (Acronis International GmbH -> Acronis International GmbH)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
S3 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6388072 2021-03-24] (Acronis International GmbH -> )
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8303184 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1633048 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [1826584 2021-09-19] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\elevation_service.exe [1436280 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
S2 AxAutoMntSrv; E:\Simons Sachen\Alcohol\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15049496 2021-09-17] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [439616 2020-06-23] (Digital Wave Ltd -> Digital Wave Ltd)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [6562584 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7785656 2021-09-18] (Malwarebytes Inc -> Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
S3 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2102600 2020-11-23] (Acronis International GmbH -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475672 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1134616 2021-05-20] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [356376 2021-09-07] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-08-23] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; F:\Simons Sachen 2\Rockstar\RockstarService.exe [1631360 2020-12-12] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2021-08-30] (Razer USA Ltd. -> Razer Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2747312 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4583240 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [9032472 2021-09-16] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 StarWindServiceAE; E:\Simons Sachen\Alcohol\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
S3 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7393496 2020-11-23] (Acronis International GmbH -> )
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5911456 2020-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221600 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369176 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250408 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99368 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41368 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538480 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetNd6; C:\WINDOWS\system32\DRIVERS\aswNetNd6.sys [38152 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107864 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851712 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557152 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215384 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [56960 2021-08-11] (Avast Software s.r.o. -> Avast Software)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2020-11-23] (Bitdefender SRL -> Bitdefender)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [721536 2021-03-24] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-03-24] (Acronis International GmbH -> Acronis International GmbH)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-07-30] (Google LLC -> Google, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-09-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2021-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [108792 2021-09-19] (Avast Software s.r.o. -> Windows (R) Win 7 DDK provider)
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [171312 2020-11-23] (Acronis International GmbH -> Acronis International GmbH)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0085; C:\WINDOWS\System32\drivers\RzDev_0085.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [394296 2019-02-27] (Disc Soft Ltd -> Duplex Secure Ltd.)
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2021-03-24] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [176248 2021-03-24] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2021-03-24] (Acronis International GmbH -> Acronis International GmbH)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2019-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2021-03-24] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-03-24] (Acronis International GmbH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-09-20 23:31 - 2021-09-20 23:32 - 000060002 _____ C:\Users\Start\Downloads\FRST.txt
2021-09-20 23:31 - 2021-09-20 23:32 - 000000000 ____D C:\FRST
2021-09-20 23:30 - 2021-09-20 23:30 - 002304512 _____ (Farbar) C:\Users\Start\Downloads\FRST64.exe
2021-09-20 23:03 - 2021-09-20 23:03 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-20 23:03 - 2021-09-20 23:03 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2db30bba44d697ef.tmp
2021-09-20 22:37 - 2021-09-20 22:37 - 000000000 ___HD C:\$SysReset
2021-09-20 22:34 - 2021-09-20 22:34 - 001277828 _____ C:\WINDOWS\Minidump\092021-11796-01.dmp
2021-09-20 22:22 - 2021-09-20 22:22 - 000000000 ___HD C:\$Windows.~WS
2021-09-20 22:20 - 2021-09-20 22:20 - 005742476 _____ C:\WINDOWS\Minidump\092021-12265-01.dmp
2021-09-20 22:01 - 2021-09-20 22:01 - 019336864 _____ C:\Users\Start\Downloads\win-ts3100-1_1-n_mcd.exe
2021-09-20 21:59 - 2021-09-20 21:59 - 000388608 _____ (Trend Micro Inc.) C:\Users\Start\Downloads\hijackthis.exe
2021-09-20 21:57 - 2021-09-20 21:58 - 006180028 _____ C:\WINDOWS\Minidump\092021-12625-01.dmp
2021-09-20 21:42 - 2021-09-20 21:42 - 000086427 _____ C:\Users\Start\Downloads\Briefmarken.13Stk.20.09.2021_2141.pdf
2021-09-20 20:38 - 2021-09-20 20:38 - 003454000 _____ C:\Users\Start\Downloads\avg_remover_virut (1).exe
2021-09-20 20:30 - 2021-05-23 15:11 - 000454806 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20210920-203018.backup
2021-09-20 20:06 - 2021-09-20 20:06 - 001359452 _____ C:\WINDOWS\Minidump\092021-12375-01.dmp
2021-09-20 19:55 - 2021-09-20 22:34 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-09-20 19:55 - 2021-09-20 19:55 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-09-20 19:55 - 2021-09-20 19:55 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-09-20 19:03 - 2021-09-20 19:04 - 001465236 _____ C:\WINDOWS\Minidump\092021-12593-01.dmp
2021-09-20 18:34 - 2021-09-20 18:34 - 000019590 _____ C:\Users\Start\Downloads\Produktkategorien.xlsx
2021-09-20 16:19 - 2021-09-20 16:20 - 000000000 ____D C:\Users\Start\Desktop\Windows 10 Pro 32 & 64 Bit _ Vollversion _ _ Kaufland.de_files
2021-09-20 16:19 - 2021-09-20 16:19 - 000301702 _____ C:\Users\Start\Desktop\Windows 10 Pro 32 & 64 Bit _ Vollversion _ _ Kaufland.de.html
2021-09-20 13:47 - 2021-09-20 13:47 - 001438756 _____ C:\WINDOWS\Minidump\092021-11906-01.dmp
2021-09-19 23:07 - 2021-09-19 23:07 - 000070504 _____ C:\Users\Start\Downloads\Briefmarken.7Stk.19.09.2021_2307.pdf
2021-09-19 22:51 - 2021-09-19 22:51 - 000108792 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\netfilter2.sys
2021-09-19 21:58 - 2021-09-19 21:58 - 000062339 _____ C:\Users\Start\Downloads\Briefmarken.2Stk.19.09.2021_2158.pdf
2021-09-19 21:58 - 2021-09-19 21:58 - 000062339 _____ C:\Users\Start\Downloads\Briefmarken.2Stk.19.09.2021_2158 (1).pdf
2021-09-19 12:15 - 2021-09-19 12:15 - 000061821 _____ C:\Users\Start\Downloads\Briefmarken.2Stk.19.09.2021_1215.pdf
2021-09-18 22:02 - 2021-09-18 22:02 - 000090461 _____ C:\Users\Start\Downloads\Briefmarken.4Stk.18.09.2021_2202.pdf
2021-09-18 21:22 - 2021-09-18 21:22 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-09-18 21:22 - 2021-09-18 21:22 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-09-18 13:33 - 2021-09-18 13:33 - 000064177 _____ C:\Users\Start\Downloads\Briefmarken.3Stk.18.09.2021_1333.pdf
2021-09-18 12:15 - 2021-09-18 12:15 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\636603EC.sys
2021-09-18 12:12 - 2021-09-18 12:12 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\4674B5C8.sys
2021-09-18 00:24 - 2021-09-18 13:31 - 000000000 ____D C:\Users\Start\Desktop\mbar
2021-09-18 00:24 - 2021-09-18 13:31 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-09-18 00:24 - 2021-09-18 00:24 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Start\Downloads\mbar-1.10.3.1001 (1).exe
2021-09-18 00:24 - 2021-09-18 00:24 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\63528180.sys
2021-09-18 00:02 - 2021-09-18 00:02 - 000065933 _____ C:\Users\Start\Downloads\Briefmarken.5Stk.18.09.2021_0002.pdf
2021-09-17 23:54 - 2021-09-17 23:54 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Start\Downloads\mbar-1.10.3.1001.exe
2021-09-17 23:50 - 2021-09-17 23:50 - 003454000 _____ C:\Users\Start\Downloads\avg_remover_virut.exe
2021-09-17 23:40 - 2021-09-17 23:40 - 001288532 _____ C:\WINDOWS\Minidump\091721-12031-01.dmp
2021-09-17 23:05 - 2021-09-17 23:05 - 001669140 _____ C:\WINDOWS\Minidump\091721-12828-01.dmp
2021-09-17 00:32 - 2021-09-17 00:32 - 000062652 _____ C:\Users\Start\Downloads\Briefmarken.2Stk.17.09.2021_0032.pdf
2021-09-16 20:12 - 2021-09-16 20:12 - 000060414 _____ C:\Users\Start\Downloads\Briefmarken.1Stk.16.09.2021_2012.pdf
2021-09-16 17:50 - 2021-09-16 17:50 - 000066401 _____ C:\Users\Start\Downloads\Briefmarken.4Stk.16.09.2021_1749.pdf
2021-09-16 16:12 - 2021-09-16 16:12 - 000060277 _____ C:\Users\Start\Downloads\Briefmarken.1Stk.16.09.2021_1612.pdf
2021-09-16 13:42 - 2021-09-16 13:42 - 001284588 _____ C:\WINDOWS\Minidump\091621-13375-01.dmp
2021-09-16 12:53 - 2021-08-27 18:54 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-09-16 12:49 - 2021-09-16 12:50 - 755560304 _____ (NVIDIA Corporation) C:\Users\Start\Downloads\471.96-desktop-win10-win11-64bit-international-dch-whql.exe
2021-09-16 12:45 - 2021-09-16 12:45 - 001369588 _____ C:\WINDOWS\Minidump\091621-14015-01.dmp
2021-09-16 12:41 - 2021-09-16 12:41 - 000070481 _____ C:\Users\Start\Downloads\Briefmarken.7Stk.16.09.2021_1241.pdf
2021-09-16 00:50 - 2021-09-20 22:34 - 000000000 ____D C:\Users\Start\AppData\Local\AvastAntiTrackPremium
2021-09-16 00:50 - 2021-09-16 00:50 - 000000000 _RSHD C:\ProgramData\Key-Base
2021-09-16 00:50 - 2021-09-16 00:50 - 000000000 ____D C:\ProgramData\{66D59AF4-2118-C1E1-FC66-8EB016F7CD80}
2021-09-16 00:48 - 2021-09-16 00:48 - 000002402 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast AntiTrack Premium.lnk
2021-09-16 00:48 - 2021-09-16 00:48 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2021-09-16 00:40 - 2021-09-16 00:44 - 000340089 _____ C:\Users\Start\Desktop\Schreiben an Simon Hanke (Mandant) .pdf
2021-09-16 00:38 - 2021-09-16 00:38 - 000000000 ___HD C:\$WinREAgent
2021-09-16 00:04 - 2021-09-16 00:04 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-09-16 00:00 - 2021-09-16 00:00 - 006673184 _____ (EnigmaSoft Limited) C:\Users\Start\Downloads\SpyHunter-5.10-67-8521-Installer.exe
2021-09-16 00:00 - 2021-09-16 00:00 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-09-15 23:59 - 2021-09-15 23:59 - 006673184 _____ (EnigmaSoft Limited) C:\Users\Start\Downloads\SpyHunter-Installer.exe
2021-09-15 23:52 - 2021-09-15 23:52 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2021-09-15 23:45 - 2021-09-15 23:45 - 008553680 _____ (Malwarebytes) C:\Users\Start\Downloads\adwcleaner_8.3.0.exe
2021-09-15 23:39 - 2021-09-15 23:39 - 005731964 _____ C:\WINDOWS\Minidump\091521-12000-01.dmp
2021-09-15 23:32 - 2021-09-15 23:32 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-15 23:32 - 2021-09-15 23:32 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-15 23:32 - 2021-09-15 23:32 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-15 23:32 - 2021-09-15 23:32 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-15 23:32 - 2021-09-15 23:32 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-15 23:32 - 2021-09-15 23:32 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 23:32 - 2021-09-15 23:32 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-15 23:32 - 2021-09-15 23:32 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-15 23:32 - 2021-09-15 23:32 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-15 23:32 - 2021-09-15 23:32 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-15 23:32 - 2021-09-15 23:32 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-15 23:32 - 2021-09-15 23:32 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-15 23:32 - 2021-09-15 23:32 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-15 23:32 - 2021-09-15 23:32 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-15 23:32 - 2021-09-15 23:32 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-15 23:32 - 2021-09-15 23:32 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-15 23:32 - 2021-09-15 23:32 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-15 23:32 - 2021-09-15 23:32 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-15 23:32 - 2021-09-15 23:32 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-15 23:32 - 2021-09-15 23:32 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-15 23:32 - 2021-09-15 23:32 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-15 23:20 - 2021-09-15 23:20 - 001359828 _____ C:\WINDOWS\Minidump\091521-13890-01.dmp
2021-09-15 19:04 - 2021-09-15 19:04 - 000059187 _____ C:\Users\Start\Downloads\Briefmarken.1Stk.15.09.2021_1903.pdf
2021-09-15 19:00 - 2021-09-15 19:00 - 007320260 _____ C:\WINDOWS\Minidump\091521-16093-01.dmp
2021-09-15 18:43 - 2021-09-20 20:06 - 000000000 ____D C:\Users\Start\AppData\LocalLow\IGDump
2021-09-14 23:44 - 2021-09-14 23:44 - 000060197 _____ C:\Users\Start\Downloads\Briefmarken.1Stk.14.09.2021_2344.pdf
2021-09-14 23:42 - 2021-09-14 23:42 - 000064762 _____ C:\Users\Start\Downloads\Briefmarken.3Stk.14.09.2021_2342.pdf
2021-09-14 19:45 - 2021-09-14 19:45 - 000062543 _____ C:\Users\Start\Downloads\Briefmarken.2Stk.14.09.2021_1945.pdf
2021-09-14 19:10 - 2021-09-14 19:10 - 003028488 _____ C:\Users\Start\Downloads\pidgen.v1.2.0.606.rar
2021-09-14 17:20 - 2021-09-14 17:20 - 000060281 _____ C:\Users\Start\Downloads\Briefmarken.1Stk.14.09.2021_1720.pdf
2021-09-14 15:58 - 2021-09-14 15:58 - 000290916 _____ C:\Users\Start\Downloads\CEA91C55-37ED-4560-A14D-58318A51E9AE.jpeg
2021-09-14 15:58 - 2021-09-14 15:58 - 000208445 _____ C:\Users\Start\Downloads\5F066320-E00C-4756-9B34-966261F69349.jpeg
2021-09-14 15:14 - 2021-09-14 15:22 - 000000000 ____D C:\Users\Start\Desktop\BS
2021-09-14 14:36 - 2021-09-14 14:36 - 000069694 _____ C:\Users\Start\Downloads\Briefmarken.7Stk.14.09.2021_1436.pdf
2021-09-14 13:47 - 2021-09-14 13:47 - 002374383 _____ C:\Users\Start\Downloads\MSO2019PP_x64_de (3).zip
2021-09-14 13:47 - 2021-09-14 13:47 - 002374383 _____ C:\Users\Start\Downloads\MSO2019PP_x64_de (2).zip
2021-09-14 12:19 - 2021-09-14 12:19 - 000465943 _____ C:\Users\Start\Downloads\Rechnung-2021130763-2021-109591.pdf
2021-09-14 12:16 - 2021-09-14 12:16 - 000129928 _____ C:\Users\Start\Desktop\LicenseSheet.30756 (1).pdf
2021-09-14 11:49 - 2021-09-14 11:49 - 000059805 _____ C:\Users\Start\Downloads\Briefmarken.1Stk.14.09.2021_1149.pdf
2021-09-14 11:47 - 2021-09-14 11:47 - 000059895 _____ C:\Users\Start\Downloads\TestPrint.pdf
2021-09-13 23:41 - 2021-09-13 23:42 - 002374383 _____ C:\Users\Start\Downloads\MSO2019PP_x64_de (1).zip
2021-09-11 00:15 - 2021-09-11 00:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-09-10 23:50 - 2021-09-10 23:50 - 000130305 _____ C:\Users\Start\Downloads\Druckdatei mit 2 Dokumenten 10.09.2021 23-50.pdf
2021-09-10 18:52 - 2021-09-10 18:52 - 000143887 _____ C:\Users\Start\Downloads\delivermessagepart.pdf
2021-09-10 16:17 - 2021-09-11 11:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-08 23:00 - 2021-09-08 23:01 - 000135658 _____ C:\Users\Start\Desktop\DRUCKEN 08.09.pdf
2021-09-08 19:15 - 2021-09-08 19:15 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-06 19:09 - 2021-09-06 19:12 - 000000000 ____D C:\Users\Start\Documents\Warcraft III
2021-09-06 19:05 - 2021-09-06 19:05 - 000000974 _____ C:\Users\Public\Desktop\Warcraft III.lnk
2021-09-06 19:05 - 2021-09-06 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2021-09-06 18:24 - 2021-09-18 23:59 - 000000000 ____D C:\Users\Start\AppData\Local\Battle.net
2021-09-06 18:24 - 2021-09-18 22:30 - 000000000 ____D C:\Program Files (x86)\Warcraft III
2021-09-06 18:24 - 2021-09-06 18:24 - 000000000 ____D C:\Users\Start\AppData\Roaming\Battle.net
2021-09-06 18:24 - 2021-09-06 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-09-06 18:24 - 2021-09-06 18:24 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2021-09-06 18:23 - 2021-09-10 00:26 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-09-06 18:23 - 2021-09-06 19:12 - 000000000 ____D C:\Users\Start\AppData\Local\Blizzard Entertainment
2021-09-06 18:22 - 2021-09-06 18:22 - 005103544 _____ (Blizzard Entertainment) C:\Users\Start\Downloads\Warcraft-III-Setup.exe
2021-09-06 18:22 - 2021-09-06 18:22 - 000000000 ____D C:\ProgramData\Battle.net
2021-09-01 14:16 - 2021-09-01 14:17 - 000236722 _____ C:\Users\Start\Desktop\retourenschein.pdf
2021-09-01 00:38 - 2021-09-01 00:38 - 000096231 _____ C:\Users\Start\Downloads\Druckdatei mit 2 Dokumenten 01.09.2021 00-37.pdf
2021-08-31 20:05 - 2021-08-31 20:05 - 000694033 _____ C:\Users\Start\Desktop\contacts (1).csv
2021-08-31 20:05 - 2021-08-31 20:05 - 000130150 _____ C:\Users\Start\Desktop\contacts.csv
2021-08-31 15:19 - 2021-08-31 15:19 - 000000379 _____ C:\Users\Start\Downloads\Retourenübersicht_2021-08-31.csv
2021-08-30 13:24 - 2021-08-30 13:24 - 000130305 _____ C:\Users\Start\Downloads\Druckdatei mit 2 Dokumenten 30.08.2021 13-23.pdf
2021-08-28 14:25 - 2021-08-28 14:25 - 001858664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-28 14:25 - 2021-08-28 14:25 - 001858664 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-08-28 14:25 - 2021-08-28 14:25 - 001474704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-08-28 14:25 - 2021-08-28 14:25 - 001438848 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-28 14:25 - 2021-08-28 14:25 - 001438848 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-08-28 14:25 - 2021-08-28 14:25 - 001212536 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-08-28 14:25 - 2021-08-28 14:25 - 001097856 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-08-28 14:25 - 2021-08-28 14:25 - 001097856 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-08-28 14:25 - 2021-08-28 14:25 - 000951936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-08-28 14:25 - 2021-08-28 14:25 - 000951936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-08-28 14:22 - 2021-08-28 14:22 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-08-28 14:22 - 2021-08-28 14:22 - 001171064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-08-28 14:22 - 2021-08-28 14:22 - 000716920 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-08-28 14:22 - 2021-08-28 14:22 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-08-28 14:22 - 2021-08-28 14:22 - 000645240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-08-28 14:22 - 2021-08-28 14:22 - 000577168 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-08-28 14:22 - 2021-08-28 14:22 - 000564344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-08-28 14:21 - 2021-08-28 14:21 - 002112128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-08-28 14:21 - 2021-08-28 14:21 - 001595536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-08-28 14:21 - 2021-08-28 14:21 - 000919184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-08-28 14:21 - 2021-08-28 14:21 - 000750224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-08-28 14:21 - 2021-08-28 14:21 - 000706192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-08-28 14:20 - 2021-08-28 14:20 - 008854144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-08-28 14:20 - 2021-08-28 14:20 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-08-28 14:20 - 2021-08-28 14:20 - 005681280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-08-28 14:20 - 2021-08-28 14:20 - 004987512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-08-28 14:20 - 2021-08-28 14:20 - 002925688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-08-28 14:20 - 2021-08-28 14:20 - 000447104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-08-28 14:19 - 2021-08-28 14:19 - 000849016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-08-28 14:18 - 2021-08-28 14:18 - 006216336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-08-27 22:54 - 2021-08-27 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2021-08-27 18:54 - 2021-08-27 18:54 - 000083133 _____ C:\WINDOWS\system32\nvinfo.pb
2021-08-27 13:17 - 2021-08-27 13:17 - 000130021 _____ C:\Users\Start\Downloads\Druckdatei mit 2 Dokumenten 27.08.2021 13-17.pdf
2021-08-26 12:50 - 2021-08-26 12:50 - 001043066 _____ C:\Users\Start\Documents\IMG_20210826_0001.pdf
2021-08-25 13:55 - 2021-08-25 13:55 - 000034269 _____ C:\Users\Start\Downloads\DHL-Paketmarke_8UWVS8GM4QE9_1_Simon_Hanke.pdf
2021-08-25 12:32 - 2021-08-25 12:32 - 000220182 _____ C:\Users\Start\Desktop\Schreiben an Mandant (1).pdf
2021-08-25 12:23 - 2021-08-25 12:34 - 000363312 _____ C:\Users\Start\Desktop\Schreiben an Mandant.pdf
2021-08-25 12:22 - 2021-08-25 12:22 - 000220182 _____ C:\Users\Start\Downloads\Schreiben an Mandant.pdf
2021-08-25 00:07 - 2021-08-25 00:07 - 000069588 _____ C:\Users\Start\Desktop\Rechnung-202120515-19973.pdf
2021-08-24 17:10 - 2021-08-24 17:14 - 002457481 _____ C:\Users\Start\Documents\Abmahnung.pdf
2021-08-24 13:37 - 2021-08-24 13:37 - 000000250 _____ C:\Users\Start\Downloads\Retourenempfängerlinks_2021-08-24.csv
2021-08-22 00:10 - 2021-08-22 00:10 - 000130317 _____ C:\Users\Start\Downloads\Druckdatei mit 2 Dokumenten 22.08.2021 00-10.pdf
2021-08-21 13:21 - 2021-08-21 13:28 - 000187677 _____ C:\Users\Start\Desktop\Download und Anleitung.pdf
2021-08-21 12:53 - 2021-08-21 13:44 - 000227065 _____ C:\Users\Start\Desktop\LSWA2133004225.30756.pdf
2021-08-21 12:53 - 2021-08-21 13:20 - 000129928 _____ C:\Users\Start\Desktop\LicenseSheet.30756.pdf

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-09-20 23:28 - 2020-10-28 17:40 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-20 23:10 - 2019-05-23 17:50 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-20 23:06 - 2019-08-14 13:50 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-09-20 23:04 - 2020-10-28 17:40 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2905781529-3402289820-1227717512-1000
2021-09-20 23:04 - 2020-10-28 17:34 - 000002399 _____ C:\Users\Start\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-20 23:03 - 2021-05-28 12:33 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-09-20 23:03 - 2020-10-28 17:40 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-20 23:03 - 2020-10-26 14:46 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-20 23:03 - 2020-04-11 23:47 - 000538480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-20 23:03 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-20 23:03 - 2019-10-07 17:15 - 000851712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-20 23:03 - 2019-10-07 17:15 - 000557152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-20 23:03 - 2019-10-07 17:15 - 000369176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-20 23:03 - 2019-10-07 17:15 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-20 23:03 - 2019-10-07 17:15 - 000250408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-20 23:03 - 2019-10-07 17:15 - 000221600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-20 23:03 - 2019-10-07 17:15 - 000107864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-20 23:03 - 2019-10-07 17:15 - 000099368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-20 23:03 - 2019-10-07 17:15 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-20 23:03 - 2019-10-07 17:15 - 000041368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-20 22:40 - 2020-10-28 17:42 - 001886944 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-20 22:40 - 2019-12-07 16:51 - 000785726 _____ C:\WINDOWS\system32\perfh007.dat
2021-09-20 22:40 - 2019-12-07 16:51 - 000167840 _____ C:\WINDOWS\system32\perfc007.dat
2021-09-20 22:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-20 22:36 - 2020-12-16 23:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-20 22:36 - 2016-09-15 20:15 - 000000000 ____D C:\Program Files\CCleaner
2021-09-20 22:34 - 2021-05-10 14:03 - 000000000 ____D C:\WINDOWS\Minidump
2021-09-20 22:34 - 2021-01-20 18:57 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-09-20 22:34 - 2020-10-28 17:40 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-09-20 22:34 - 2020-10-28 17:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-20 22:34 - 2020-10-28 17:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-20 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-20 22:33 - 2021-05-10 14:02 - 1535217187 _____ C:\WINDOWS\MEMORY.DMP
2021-09-20 22:33 - 2020-10-28 17:32 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-20 22:31 - 2019-10-13 15:27 - 000000000 ____D C:\ESD
2021-09-20 22:22 - 2020-10-19 18:04 - 000000000 ___DC C:\WINDOWS\Panther
2021-09-20 22:20 - 2020-10-28 17:34 - 000000000 ____D C:\Users\Start
2021-09-20 22:18 - 2019-08-14 13:50 - 000000000 ____D C:\Program Files (x86)\Canon
2021-09-20 22:09 - 2019-10-13 19:03 - 000000000 ____D C:\Users\Start\AppData\Local\ClassicShell
2021-09-20 22:06 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media
2021-09-20 22:06 - 2019-08-14 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2021-09-20 22:06 - 2019-08-14 13:51 - 000000000 ____D C:\Program Files\Canon
2021-09-20 21:58 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-20 21:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-20 21:57 - 2019-10-13 18:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-09-20 21:52 - 2019-12-21 14:14 - 000000000 __SHD C:\Users\Start\wc
2021-09-20 20:30 - 2013-04-22 17:41 - 000000000 ____D C:\Users\TEMP
2021-09-20 20:07 - 2016-01-28 01:03 - 000000000 ____D C:\Users\Start\AppData\Local\CrashDumps
2021-09-20 19:55 - 2019-05-23 17:48 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-20 19:47 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-20 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-09-20 18:45 - 2016-12-20 18:32 - 000000000 ____D C:\Users\Start\AppData\LocalLow\Mozilla
2021-09-20 13:06 - 2021-03-31 18:05 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-09-19 22:51 - 2020-10-28 17:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-09-19 22:47 - 2019-05-23 17:50 - 000000000 ____D C:\Users\Start\AppData\Local\AVAST Software
2021-09-18 23:59 - 2021-08-19 12:42 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Start
2021-09-18 23:59 - 2021-03-31 18:06 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-09-18 23:59 - 2020-12-13 22:20 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-18 23:59 - 2020-12-13 22:20 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-18 23:59 - 2020-12-13 22:20 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-18 23:59 - 2020-12-13 22:20 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-18 23:59 - 2020-12-13 22:20 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-18 23:59 - 2020-12-13 22:20 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-18 23:59 - 2020-12-13 22:20 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-18 23:59 - 2020-12-13 22:20 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-18 23:59 - 2020-12-13 22:19 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-18 23:59 - 2020-12-13 22:19 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-18 23:59 - 2020-10-29 13:41 - 000003434 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ad405169e00f
2021-09-18 23:59 - 2020-10-28 17:40 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-18 23:59 - 2020-10-28 17:40 - 000003560 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-18 23:59 - 2020-10-28 17:40 - 000003336 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-18 23:59 - 2020-10-28 17:40 - 000003310 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1493978488
2021-09-18 23:59 - 2020-10-28 17:40 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-18 23:59 - 2020-10-28 17:40 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-09-18 21:22 - 2020-07-01 17:56 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-09-18 18:33 - 2020-06-17 12:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 18:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-18 00:24 - 2016-09-15 20:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-09-17 23:47 - 2019-10-13 20:50 - 000000000 ____D C:\Users\Start\AppData\Local\D3DSCache
2021-09-17 17:28 - 2021-05-25 20:18 - 000000000 ____D C:\Users\Start\Desktop\SiKiHa
2021-09-16 22:16 - 2019-10-25 13:26 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-16 19:42 - 2017-10-16 10:12 - 000007597 _____ C:\Users\Start\AppData\Local\Resmon.ResmonCfg
2021-09-16 17:24 - 2020-02-10 20:07 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-09-16 15:37 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-16 13:42 - 2017-05-05 12:01 - 000000000 ____D C:\Program Files\Opera
2021-09-16 13:04 - 2016-09-15 14:44 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-16 13:01 - 2020-12-16 23:03 - 000000000 ____D C:\Users\Start\AppData\Local\NVIDIA
2021-09-16 12:56 - 2020-12-16 23:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-09-16 12:54 - 2016-09-15 14:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-09-16 12:54 - 2016-09-15 13:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-09-16 12:53 - 2020-12-16 23:03 - 000000000 ____D C:\Users\Start\AppData\Local\NVIDIA Corporation
2021-09-16 12:47 - 2017-05-05 12:01 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-09-16 12:46 - 2012-04-02 18:37 - 000000000 ___RD C:\Users\Start\Desktop\Programme & Sicherheit
2021-09-16 12:11 - 2020-03-28 18:11 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-16 00:49 - 2019-12-14 05:47 - 000000000 ____D C:\Users\Start\AppData\Local\ElevatedDiagnostics
2021-09-16 00:48 - 2020-02-10 20:07 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-09-16 00:48 - 2018-11-09 05:01 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-09-16 00:44 - 2016-09-16 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-09-16 00:44 - 2016-09-16 11:23 - 000000000 ____D C:\Program Files (x86)\7-Zip
2021-09-16 00:04 - 2019-12-14 05:28 - 000000000 ____D C:\WINDOWS\system32\DAX3
2021-09-16 00:04 - 2019-12-14 05:28 - 000000000 _____ C:\WINDOWS\system32\fpfftResultsFile.txt
2021-09-16 00:04 - 2019-05-16 19:12 - 000000000 ____D C:\WINDOWS\system32\DAX2
2021-09-16 00:00 - 2020-12-16 23:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-09-15 23:52 - 2019-10-07 17:16 - 000000000 ____D C:\Users\Start\AppData\Roaming\AVAST Software
2021-09-15 23:51 - 2019-10-07 17:15 - 000000000 ____D C:\Program Files\AVAST Software
2021-09-15 23:41 - 2020-10-28 17:32 - 000456416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-15 23:40 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-15 23:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-15 23:40 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-15 23:24 - 2016-09-16 00:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 23:21 - 2021-08-02 20:11 - 000000000 ____D C:\Program Files\dotnet
2021-09-15 23:21 - 2016-09-16 00:59 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 23:21 - 2016-09-15 14:02 - 000000000 ____D C:\ProgramData\Package Cache
2021-09-15 20:47 - 2021-03-18 01:41 - 000000000 ____D C:\Program Files (x86)\Origin
2021-09-15 20:47 - 2016-09-15 23:17 - 000000000 ____D C:\ProgramData\Origin
2021-09-14 19:23 - 2020-03-17 13:34 - 000000000 ____D C:\Users\Start\Desktop\Produkte
2021-09-14 15:26 - 2020-07-28 15:02 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-09-11 11:13 - 2016-12-20 18:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-11 00:15 - 2020-05-17 20:15 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-09 11:23 - 2020-05-14 13:28 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2021-09-08 19:15 - 2020-10-26 14:46 - 000184120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw5430728f048d351f.tmp
2021-09-08 19:15 - 2020-04-11 23:47 - 000538464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcbd78938e544e8d9.tmp
2021-09-08 19:15 - 2019-10-07 17:15 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcf3c11d1355f07aa.tmp
2021-09-08 19:15 - 2019-10-07 17:15 - 000553496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw42bfc963e23488d0.tmp
2021-09-08 19:15 - 2019-10-07 17:15 - 000367632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc8d932b2dcfa87cc.tmp
2021-09-08 19:15 - 2019-10-07 17:15 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa46681c36075475f.tmp
2021-09-08 19:15 - 2019-10-07 17:15 - 000250384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw6ce36a54cef0a102.tmp
2021-09-08 19:15 - 2019-10-07 17:15 - 000221584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw58ccb31f9d704c94.tmp
2021-09-08 19:15 - 2019-10-07 17:15 - 000107840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf78b623a03063234.tmp
2021-09-08 19:15 - 2019-10-07 17:15 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw651cca8f954faa36.tmp
2021-09-08 19:15 - 2019-10-07 17:15 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa71bc4706d77138b.tmp
2021-09-08 19:15 - 2019-10-07 17:15 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw84483a7945394105.tmp
2021-09-07 17:13 - 2021-02-01 19:14 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-09-07 11:22 - 2012-04-22 23:21 - 000000000 ____D C:\Users\Start\Desktop\a- spiele
2021-09-06 01:14 - 2021-03-18 01:40 - 000000000 ____D C:\Users\Start\AppData\Roaming\Origin
2021-09-05 23:18 - 2021-03-18 01:41 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-09-05 23:18 - 2021-03-18 01:40 - 000000000 ____D C:\Users\Start\AppData\Local\Origin
2021-09-04 00:52 - 2017-03-22 21:13 - 000000000 ____D C:\Program Files (x86)\Steam
2021-09-04 00:20 - 2020-01-10 20:10 - 000000000 ____D C:\Users\Start\AppData\Roaming\Discord
2021-09-03 23:49 - 2020-01-10 20:10 - 000000000 ____D C:\Users\Start\AppData\Local\Discord
2021-09-03 15:10 - 2020-09-30 19:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-03 12:40 - 2020-05-14 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-08-31 02:02 - 2020-06-20 00:04 - 000079840 _____ (Razer Inc) C:\WINDOWS\system32\RazerS3Coinstaller.dll
2021-08-29 21:47 - 2012-08-30 13:09 - 000000000 ____D C:\Users\Start\AppData\Roaming\The Creative Assembly
2021-08-28 14:18 - 2020-12-16 23:01 - 007280848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-08-27 18:54 - 2020-12-16 23:03 - 001293680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-08-27 18:54 - 2020-12-16 23:03 - 000168304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-08-27 18:54 - 2020-12-16 23:03 - 000144240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-08-27 18:54 - 2020-12-16 23:03 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-08-27 18:54 - 2020-12-16 23:02 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-08-27 18:54 - 2020-12-13 22:20 - 002838384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-08-27 18:54 - 2020-12-13 22:20 - 002186608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-08-27 18:54 - 2020-12-13 22:20 - 000078192 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-08-27 18:54 - 2020-12-13 22:20 - 000067952 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-08-24 22:46 - 2019-10-29 23:56 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-24 21:19 - 2020-04-16 15:55 - 000000000 ____D C:\Users\Start\Documents\Mount and Blade II Bannerlord
2021-08-24 18:15 - 2020-10-28 17:39 - 000004508 _____ C:\WINDOWS\diagwrn.xml
2021-08-24 18:15 - 2020-10-28 17:39 - 000003813 _____ C:\WINDOWS\diagerr.xml
2021-08-22 18:39 - 2019-10-17 16:46 - 000000000 ____D C:\Users\Start\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR
2021-08-22 18:31 - 2019-10-13 18:59 - 000000000 ____D C:\Users\Start\AppData\Local\Packages
2021-08-21 16:02 - 2021-08-14 18:15 - 000000000 ____D C:\Users\Start\Desktop\Bluesoft
2021-08-21 16:02 - 2020-12-10 21:33 - 000000000 ____D C:\Users\Start\Desktop\Lizensoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2012-03-31 17:43 - 2016-09-15 11:30 - 009175040 ___SH () C:\Users\Start\ntuser (1).dat
2009-04-03 13:09 - 2009-04-03 13:09 - 000142152 _____ (Microsoft Corporation) C:\Users\Start\oarpman.exe
2012-08-22 12:14 - 2012-08-22 12:14 - 000000091 _____ () C:\Users\Start\AppData\Roaming\mbam.context.scan
2020-01-12 22:54 - 2020-01-12 23:04 - 000000916 _____ () C:\Users\Start\AppData\Local\belegtransfer_setup.log
2012-04-04 14:37 - 2012-04-04 14:37 - 000017446 _____ () C:\Users\Start\AppData\Local\dt.dat
2021-03-31 18:02 - 2021-03-31 18:02 - 000000410 _____ () C:\Users\Start\AppData\Local\oobelibMkey.log
2014-03-31 17:04 - 2014-03-31 17:04 - 000001988 _____ () C:\Users\Start\AppData\Local\recently-used.xbel
2017-10-16 10:12 - 2021-09-16 19:42 - 000007597 _____ () C:\Users\Start\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         
__________________

Alt 20.09.2021, 22:56   #4
samy911
 
Verdacht auf: Win32:Vitro? - Standard

Verdacht auf: Win32:Vitro?



Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2021
durchgeführt von Start (20-09-2021 23:33:19)
Gestartet von C:\Users\Start\Downloads
Windows 10 Pro Version 21H1 19043.1237 (X64) (2020-10-28 15:40:10)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2905781529-3402289820-1227717512-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2905781529-3402289820-1227717512-503 - Limited - Disabled)
Gast (S-1-5-21-2905781529-3402289820-1227717512-501 - Limited - Disabled)
Start (S-1-5-21-2905781529-3402289820-1227717512-1000 - Administrator - Enabled) => C:\Users\Start
WDAGUtilityAccount (S-1-5-21-2905781529-3402289820-1227717512-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K YouTube to MP3 3.10 (HKLM\...\{C6C89131-2764-42F3-9821-A40B39831DB5}) (Version: 3.10.1.3255 - Open Media LLC)
7-Zip 16.02 (HKLM-x32\...\7-Zip) (Version: 16.02 - Igor Pavlov)
7-Zip 19.00 (HKLM-x32\...\{23170F69-40C1-2701-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Acronis Drivers (HKLM\...\{2D29ABFE-DEF8-4B57-A9E2-ACE305C6FA11}) (Version: 25.6.34340 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{B0FA840D-C781-44E3-B41B-C51618BDD892}) (Version: 25.6.34340 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{B0FA840D-C781-44E3-B41B-C51618BDD892}Visible) (Version: 25.6.34340 - Acronis)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_1_1) (Version: 22.1.1.138 - Adobe Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.28 - Advanced Micro Devices, Inc.)
Any Video Converter 7.0.1 (HKLM-x32\...\Any Video Converter) (Version: 7.0.1 - Anvsoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version:  - Ubisoft)
Avant Browser (remove only) (HKLM-x32\...\AvantBrowser) (Version: 12.5.0.0 - Avant Force)
Avast AntiTrack Premium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 3.0.461.530 - Avast Software)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.3.10678.4990 - Avast Software)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 21.3.1842.6194 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.8.2487 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 93.0.11965.83 - Die Avast Secure Browser-Autoren)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.13.5699.2906 - Avast Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS3100_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
ContentMod3.0 (HKLM-x32\...\ContentMod_3.0) (Version:  - )
CPUID CPU-Z 1.96 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.96 - CPUID, Inc.)
D3D11 Renderer Clockwork Edition Gothic (HKLM-x32\...\D3D11 Renderer Clockwork Edition Gothic) (Version: 17.6.7 - Clockwork Origins)
D3D11 Renderer Clockwork Edition Gothic II (HKLM-x32\...\D3D11 Renderer Clockwork Edition Gothic II) (Version: 17.7.13 - Clockwork Origins)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Direct3D11 Renderer for Gothic (HKLM-x32\...\Direct3D11 Renderer for Gothic) (Version: X17.4 - Andre Taulien)
Direct3D11 Renderer für Gothic 2 DNDR (HKLM-x32\...\Direct3D11 Renderer für Gothic 2 DNDR) (Version: X15 - Andre Taulien)
Discord (HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Druckerregistrierung (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
Epic Games Launcher (HKLM-x32\...\{2A27CA16-E158-4B0A-A502-3E6364B1F03E}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout New California (HKLM-x32\...\FONC) (Version:  - )
FIFA 21 (HKLM-x32\...\{A918ACE7-A83B-41F4-8746-AEF8DC821879}) (Version: 1.0.71.64347 - Electronic Arts)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freddy's Texture Patch BETA (HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\Gothic Texture Patch - Freddy) (Version: 0.52 - Fred Metger)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.3.18.623 - Digital Wave Ltd)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.58.912 - Digital Wave Ltd)
Free YouTube Uploader (HKLM-x32\...\Free YouTube Uploader_is1) (Version: 4.0.66.1027 - Digital Wave Ltd)
G I - Die Welt der Verurteilten (mit neuen Texturen) (HKLM-x32\...\G I - Die Welt der Verurteilten (mit neuen Texturen)) (Version: 1.03 - Issues (Deadgame Inc.))
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 51.0.9.0 - Google LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{13C3829F-9D26-4CAD-B631-4B28FF24E993}) (Version: 12.11.3.17 - Apple Inc.)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ledger Live 2.21.3 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.21.3 - Ledger Live Team)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 Plugin (HKLM-x32\...\{91057632-CA70-413C-B628-2D3CDBBB906B}) (Version: 8.0.22.0 - Macromedia)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.13 - Magical Jelly Bean)
Malwarebytes version 4.4.6.132 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.6.132 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\f9a89bd2a46a7606) (Version: 16.0.3306.3 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x64) (HKLM-x32\...\{422d8da1-2e1a-4704-b462-db5439c6d1b9}) (Version: 5.0.10.30418 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 92.0 (x64 de)) (Version: 92.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0.1 - Mozilla)
Ninja (HKLM-x32\...\Ninja) (Version: 2.4.09 - )
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 471.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.96 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\OpenIV) (Version: 3.1.1032 - .black/OpenIV Team)
OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version:  - )
Opera Stable 78.0.4093.231 (HKLM-x32\...\Opera 78.0.4093.231) (Version: 78.0.4093.231 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.104.48966 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{BA8E5744-1CA9-41D1-98D4-09029A919D3B}) (Version: 2.0.2.0 - Paradox Interactive)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0831.082317 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
Rename Expert 5.19.0 (HKLM-x32\...\{C4401B9F-F462-44F3-B96E-390AF4DC0EE6}_is1) (Version: 5.19.0 - Gillmeister Software)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.33.319 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
South Park The Fractured But Whole MULTi9 - ElAmigos Version 1.0 (HKLM-x32\...\{20B35921-1CC1-41AF-BEDC-92F6006DB5A4}_is1) (Version: 1.0 - Ubisoft)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.8.68.0 - Safer-Networking Ltd.)
STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.9.0 - Electronic Arts, Inc.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version:  - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 99.0 - Ubisoft)
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.3.13 - Black Tree Gaming Ltd.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WeMod (HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\WeMod) (Version: 6.3.12 - WeMod)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Packages:
=========
AltspaceVR -> C:\Program Files\WindowsApps\Microsoft.AltspaceVR_4.2.45.2_x64__8wekyb3d8bbwe [2021-09-11] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
HMD Odyssey Home -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungHMDOdysseyHome_3.0.12.0_x64__3c1yjt4zspk6g [2019-12-07] (Samsung Electronics Co. Ltd.)
Into the Rhythm VR for Samsung HMD Odyssey -> C:\Program Files\WindowsApps\Barunson.IntotheRhythmVRforSamsungHMDOdyssey_1.3.7.0_x64__42be32z7e6c2p [2019-10-19] (Barunson)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-11] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-09-16] (NVIDIA Corp.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-10-14] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.254.0_x64__dt26b99r8h8gj [2021-09-17] (Realtek Semiconductor Corp)
Samsung HMD Odyssey+ Setup -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.Samsung800ZBADCA_1.10.0.0_x64__3c1yjt4zspk6g [2019-10-17] (Samsung Electronics Co. Ltd.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_34340.dll [2020-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_34340.dll [2020-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_34340.dll [2020-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_34340.dll [2020-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\51.0.9.0\drivefsext.dll [2021-08-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\51.0.9.0\drivefsext.dll [2021-08-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\51.0.9.0\drivefsext.dll [2021-08-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\51.0.9.0\drivefsext.dll [2021-08-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-25] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-25] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-25] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-08] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-08] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-08] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-25] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AVG Shell Extension] -> [CC]{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} =>  -> Keine Datei
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.9.0\drivefsext.dll [2021-08-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => F:\Neuer Ordner (2)\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [AlcoholShellEx] -> [CC]{32020A01-506E-484D-A2A8-BE3CF17601C3} =>  -> Keine Datei
ContextMenuHandlers2: [AlcoholShellEx64] -> [CC]{AF67B665-D752-424E-9A03-C7C218F2844F} =>  -> Keine Datei
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => F:\Neuer Ordner (2)\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.9.0\drivefsext.dll [2021-08-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.9.0\drivefsext.dll [2021-08-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\nvshext.dll [2021-08-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-25] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Start\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2015-09-24 17:41 - 2015-09-24 17:41 - 000336384 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\Acrobat Elements\ContextMenu64.deu
2021-05-04 05:55 - 2021-05-04 05:55 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2021-05-04 05:55 - 2021-05-04 05:55 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2021-05-04 05:55 - 2021-05-04 05:55 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2021-05-04 05:55 - 2021-05-04 05:55 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2021-05-04 05:55 - 2021-05-04 05:55 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2021-05-04 05:55 - 2021-05-04 05:55 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2021-09-20 22:06 - 2016-12-09 11:09 - 000008704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_DEU.DLL
2021-09-20 22:06 - 2016-12-09 11:09 - 000104960 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\WINDOWS\System32\StartMenuHelper64.dll
2003-04-02 18:22 - 2003-04-02 18:22 - 000024576 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1031\mdmui.dll
2020-11-16 14:58 - 2020-11-16 14:58 - 000000000 ____L (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-11-16 14:58 - 2020-11-16 14:58 - 000000000 ____L (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-09-16 00:48 - 2021-09-16 00:48 - 000180224 _____ (Software Security System) [Datei ist nicht signiert] C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\Ekc3220.dll
2020-11-23 14:02 - 2020-11-23 14:02 - 025338368 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2020-11-23 14:02 - 2020-11-23 14:02 - 002056704 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2020-11-23 14:02 - 2020-11-23 14:02 - 001425408 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2021-03-18 01:41 - 2021-03-18 01:40 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-03-18 01:41 - 2021-03-18 01:41 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2021-03-18 01:41 - 2021-03-18 01:40 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-09-15 20:47 - 2021-03-18 01:41 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-09-15 20:47 - 2021-03-18 01:41 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-09-15 20:47 - 2021-03-18 01:41 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-09-15 20:47 - 2021-03-18 01:41 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-09-15 20:47 - 2021-03-18 01:41 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-09-15 20:47 - 2021-03-18 01:41 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Start\Anwendungsdaten:b2471a6db8deb9681d22d6d26ae65e4b [394]
AlternateDataStreams: C:\Users\Start\AppData\Roaming:b2471a6db8deb9681d22d6d26ae65e4b [394]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?fr=avantsearch6
SearchScopes: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000 -> {9D774018-9118-4DCA-8E67-81E6C0A27368} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000 -> {A10D45FF-5C4B-4B9F-8A71-24C191257C4D} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000 -> {A9DEB5BE-FD0C-4717-9BF4-7E65C0C1A4AC} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
SearchScopes: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000 -> {B5FA26E9-2FB0-4391-9F46-AA10AFC6071B} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000 -> {FCAAA64C-46D3-4F49-9C7D-1C956CEE629D} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7942 mehr Seiten.

IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7947 mehr Seiten.


==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2021-09-20 20:30 - 000454806 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1	activation.acronis.com web-api-tih.acronis.com
127.0.0.1	systweak.com
127.0.0.1	updateservice1.systweak.com
127.0.0.1	www.systweak.com
127.0.0.1	systemspeedup.systweak.com
127.0.0.1	systweak.com/STCheckGenuineness
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com

Da befinden sich 15609 zusätzliche Einträge.


==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files\dotnet\
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Start\Downloads\pexels-philippe-donn-1114690.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
 ist aktiviert.

Network Binding:
=============
SecureLine: Avast Firewall NDIS6 Helper -> aswNetNd6 (enabled) 
Ethernet: Avast Firewall NDIS6 Helper -> aswNetNd6 (enabled) 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: iTunesHelper => "D:\itunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: sysdca => "C:\Program Files (x86)\FarStone\DriveClone\Dca\dca.exe"
MSCONFIG\startupreg: vidnotifier.exe => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
MSCONFIG\startupreg: VirtualCloneDrive => "D:\Neuer Ordner (2)\VCDDaemon.exe" /s
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\StartupApproved\Run: => "vidnotifier.exe"
HKU\S-1-5-21-2905781529-3402289820-1227717512-1000\...\StartupApproved\Run: => "GoogleDriveFS"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{84B94BFB-5520-42FD-BB58-F9D2CC1873C8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F66C6AB1-5D88-497C-B228-F47E5AE57C1A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{63AABEB0-DCD7-4173-A4D8-13324897648B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6DE74377-B328-444A-B0E0-EBFBA0B1A590}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{413504FA-6E7F-4BFE-92C6-DC0E3DDE162F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => Keine Datei
FirewallRules: [{0D3EBC15-5A9B-485F-B7B0-9A7F1E0AB579}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => Keine Datei
FirewallRules: [{DAAB9C13-7B86-478C-9663-37359C7A4578}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => Keine Datei
FirewallRules: [{0794A44A-2E19-4304-81EE-9D2F3B301FAD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => Keine Datei
FirewallRules: [{55907491-CA4E-4819-9190-75517251CA01}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BE12F801-A375-4982-9C23-0FE957228CDF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{71EB3DEE-586C-4BC9-B3C8-5D279E0AE976}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{17556ED8-1A2C-46CF-BF35-CA5F4DC756EB}] => (Allow) LPort=2869
FirewallRules: [{25B1136A-D01B-4178-8693-A844DB2D034E}] => (Allow) LPort=1900
FirewallRules: [{FEB096B3-D7A6-4299-9DAF-8056E9BF90D7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7A5C1971-0AEF-49BE-AAD2-E6729C593853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B5E30997-95AC-4D95-AAE5-C12741CF4571}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D26A15DD-4F94-4BD4-B908-B319D4DFA821}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B4170559-A8DB-4D82-AF04-41EFD81A1264}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
rewallRules: [{D2D4262A-9101-436E-9584-E3AC2B259636}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{056CCEFE-7E28-4CBC-A471-475C88AD7021}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69C19ACB-7A19-4DEA-9AAC-0E4D2B5AA6B0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{8B6A80E6-EAE4-43EC-829F-5EED4D19A7E9}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{2AADA74B-64CD-4C2E-B845-53C6CCD283DD}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{686DA811-5C39-445D-9412-4E8FFD7EA4C1}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{164D7443-45DD-4859-B339-3D08365D833C}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{DB697B47-BC37-47FC-B4B6-D7415C36BCA0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{AC8A39BF-00FE-4C76-B609-E7523C22D00A}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{F498AFD8-32E4-4F67-B325-6AE5AE2E4739}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{EB8E6F1F-EECF-400B-9C4A-14540DBC8F54}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{B879B29C-AC56-4C5C-AAAB-08F781EC1248}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{C4CD7E78-C829-41E1-B453-B9EF9E302ACC}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{CC4DA582-C3B5-4575-8457-39738234D45F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{AA71AC27-24DC-4EEF-8853-A049AE25AAED}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{B1779100-C554-4949-BDE8-18B2A6961425}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{9A73517E-92FF-47EF-84AB-2C426FEA0C39}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{1D32F6B2-EA5E-4B02-B7FB-FD9FF4D1AF89}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{D8DD0DB5-94CC-4BF5-A040-B7B1E8FB32D6}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{0861D366-FC09-4C59-B794-08E50DE1A216}] => (Allow) C:\Program Files (x86)\Acronis\Agent\aakore.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{26FFCB65-AB43-45D6-B9FE-8D70BC5F6CB1}] => (Allow) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{7EAD4ECE-238A-4F30-B93F-A486F853EB6D}] => (Allow) F:\itunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ED1755B7-4D6D-44D1-B687-464B6D7C31AC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1600B8B9-231D-4450-BF21-B3D6AABC39EF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5BF3E7C7-53DA-4531-944C-4FC0F93B92B5}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Legendary Edition\Game\Launcher\MassEffectLauncher.exe (BioWare) [Datei ist nicht signiert]
FirewallRules: [{A911558E-78C1-4E3C-AD7B-564149E7B33C}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Legendary Edition\Game\Launcher\MassEffectLauncher.exe (BioWare) [Datei ist nicht signiert]
FirewallRules: [{A7796F83-3D76-4923-B18F-DDD570CD941F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04FF4F6C-B75D-4DA5-B7D2-250405050DA4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{492AD481-55A1-4B8D-8C81-31374418A496}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB3EC986-3865-4940-8277-331D6F56216B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{802DE985-7514-4532-83E7-89E67E1A1BF7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.AltspaceVR_4.2.45.2_x64__8wekyb3d8bbwe\AltspaceVR.exe (Zugriff verweigert)  [Datei ist nicht signiert]
FirewallRules: [{4F550EC9-0A10-4851-86C1-A994EBC45E2D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.AltspaceVR_4.2.45.2_x64__8wekyb3d8bbwe\AltspaceVR.exe (Zugriff verweigert)  [Datei ist nicht signiert]
FirewallRules: [{D0E61AB1-421A-4CBD-82E4-2E738291E95D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9F86DA92-FB18-4822-8396-FB77FFD7EB5B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EA255EB5-7CF3-4462-A0AC-98C847EA6236}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D6B6A332-F7CB-4D2A-894B-503A9A2FE314}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2F14C16A-0784-4CDD-95DF-0430AFA12DD5}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F811EF85-4634-40CE-9D1C-124957C2B844}] => (Allow) C:\Program Files\Opera\78.0.4093.231\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{2D15D2C0-4827-41CA-BDF6-C0BE32ECE6A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F541AD49-455A-4FD7-ACE3-7D4214196763}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{041B8D45-61DE-4DF3-9FA7-E77761132B44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E316DFC3-4CBB-4116-BDE3-4759AEF0B003}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C6E2F76-5BCF-4B3F-A575-AA11BEAAB4C9}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FA44C9BD-6BF5-4E3C-9EDA-284579689CCD}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{67E59C01-EB79-4D81-B926-08D82B8E9570}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6C6587CE-A903-4DF0-8C89-FF2BC857FA8B}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B332199C-F84C-4E08-99F5-2F0D775EDAB6}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{712D2B19-88EE-4E17-9338-B9B819DBC242}] => (Allow) C:\Users\Start\AppData\Local\Temp\win-ts3100-1_1-n_mcd\win\MSetup64.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{8EB5E225-FDAB-4C3B-9469-B2BB8305E76D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5C49148C-12C4-4614-9F4A-93B2AE495413}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

==================== Wiederherstellungspunkte =========================

17-09-2021 23:48:15 Avast Driver Updater - Update 1.46.831.832
17-09-2021 23:52:06 Avast Driver Updater - Update 4.13.0.0
18-09-2021 12:12:30 Avast Driver Updater - Update 2.2.0.130
18-09-2021 12:15:26 Avast Driver Updater - Update 6.10.2.10
20-09-2021 22:00:42 Avast Driver Updater - Update 6.10.2.10

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (09/20/2021 10:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AntiTrackSvc.exe, Version: 1.0.0.42, Zeitstempel: 0x614053f2
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.19041.789, Zeitstempel: 0x82dc99a2
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0009eddb
ID des fehlerhaften Prozesses: 0x2744
Startzeit der fehlerhaften Anwendung: 0x01d7ae5ee0681687
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: 0468cb25-3f4d-4ba9-9689-e08dcf557da4
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/20/2021 10:34:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ed78
ID des fehlerhaften Prozesses: 0x12b0
Startzeit der fehlerhaften Anwendung: 0x01d7ae5ed9f75d7c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
Berichtskennung: 2974f61d-20d7-4eae-b03d-7aac2fb7ef2f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/20/2021 10:34:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AntiTrackSvc.exe, Version: 1.0.0.42, Zeitstempel: 0x614053f2
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.19041.789, Zeitstempel: 0x82dc99a2
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0009eddb
ID des fehlerhaften Prozesses: 0x15a8
Startzeit der fehlerhaften Anwendung: 0x01d7ae5ed9ffcd91
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: 104d20b8-2be8-4515-9bad-ae4ab3d9a928
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/20/2021 10:20:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AntiTrackSvc.exe, Version: 1.0.0.42, Zeitstempel: 0x614053f2
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.19041.789, Zeitstempel: 0x82dc99a2
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0009eddb
ID des fehlerhaften Prozesses: 0x3120
Startzeit der fehlerhaften Anwendung: 0x01d7ae5cfe83f7a3
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: 8c1d3e70-950e-4cf8-b830-de1da3ec92dc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/20/2021 10:20:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AntiTrackSvc.exe, Version: 1.0.0.42, Zeitstempel: 0x614053f2
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.19041.789, Zeitstempel: 0x82dc99a2
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0009eddb
ID des fehlerhaften Prozesses: 0x2880
Startzeit der fehlerhaften Anwendung: 0x01d7ae5cf852561c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: 4c90775a-4e59-471f-8a1f-84e5e6d0f064
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/20/2021 10:20:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AntiTrackSvc.exe, Version: 1.0.0.42, Zeitstempel: 0x614053f2
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.19041.789, Zeitstempel: 0x82dc99a2
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0009eddb
ID des fehlerhaften Prozesses: 0x2de8
Startzeit der fehlerhaften Anwendung: 0x01d7ae5cf2f022b1
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: 9a399783-3c3b-4277-85e9-b4e3405ca152
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/20/2021 10:20:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atkexComSvc.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: atkexComSvc.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ed78
ID des fehlerhaften Prozesses: 0x1328
Startzeit der fehlerhaften Anwendung: 0x01d7ae5ceca30a22
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
Berichtskennung: aa448cdf-4535-4873-b00a-a004f6bcecb1
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/20/2021 10:20:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AntiTrackSvc.exe, Version: 1.0.0.42, Zeitstempel: 0x614053f2
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.19041.789, Zeitstempel: 0x82dc99a2
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0009eddb
ID des fehlerhaften Prozesses: 0x1598
Startzeit der fehlerhaften Anwendung: 0x01d7ae5ceca813d6
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: cdbe5cf9-9931-4269-ab0a-49f75b1c512d
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (09/20/2021 10:34:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avast AntiTrack Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/20/2021 10:34:15 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x0000001e (0xffffffffc0000005, 0xfffff80545496c04, 0x0000000000000001, 0xffffe209a94e1730). Ein volles Abbild wurde gespeichert in: C:\WINDOWS\MEMORY.DMP. Berichts-ID: 05e434c2-b389-4f3e-9bd0-f8217e3fb478.

Error: (09/20/2021 10:34:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avast AntiTrack Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/20/2021 10:34:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "asComSvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/20/2021 10:34:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst asComSvc erreicht.

Error: (09/20/2021 10:33:53 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: not terminated, too long or invalid number of separators

Error: (09/20/2021 10:33:49 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (09/20/2021 10:34:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎20.‎09.‎2021 um 22:31:13 unerwartet heruntergefahren.


Windows Defender:
================
Date: 2021-09-20 22:34:18
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.303.25.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.16400.2
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 

Date: 2021-09-20 22:34:18
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.303.25.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.16400.2
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 

Date: 2021-09-20 22:34:18
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.303.25.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.16400.2
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 

Date: 2021-09-20 22:34:18
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.303.25.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.16400.2
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 

Date: 2021-09-20 22:34:18
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 
%Vorherige Version der Sicherheitsinformationen: 1.303.25.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
%Vorherige Modulversion: 1.1.16400.2
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 

CodeIntegrity:
===============
Date: 2021-09-20 23:03:53
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-09-20 22:54:05
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\x86\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. M.51 11/07/2019
Hauptplatine: Micro-Star International Co., Ltd B450-A PRO MAX (MS-7B86)
Prozessor: AMD Ryzen 7 3700X 8-Core Processor 
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 32717.13 MB
Verfügbarer physikalischer RAM: 23065.11 MB
Summe virtueller Speicher: 65485.13 MB
Verfügbarer virtueller Speicher: 53116.92 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.87 GB) (Free:286.16 GB) NTFS
Drive d: (Schnauze ich seh nix) (Fixed) (Total:1863.01 GB) (Free:1347.65 GB) NTFS
Drive e: (Alter Kartoffelsack) (Fixed) (Total:4657.3 GB) (Free:2813.42 GB) NTFS
Drive f: (Kalte Dosenravioli) (Fixed) (Total:1855.02 GB) (Free:450.31 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

\\?\Volume{09813412-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{09813412-0000-0000-0000-e0bde8000000}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS
\\?\Volume{4726fac6-0f26-11e7-8fdc-806e6f6e6963}\ (_OEMBP) (Fixed) (Total:8 GB) (Free:6.33 GB) NTFS
\\?\Volume{37dc78ce-d322-47e4-93d1-4e72e93df432}\ () (Fixed) (Total:0.1 GB) (Free:0.1 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09813412)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=559 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 4657.5 GB) (Disk ID: 87E7A44E)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: D3E2F634)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C48233EA)
Partition 1: (Not Active) - (Size=8 GB) - (Type=27)
Partition 2: (Active) - (Size=1855 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================
         

Alt 20.09.2021, 23:05   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht auf: Win32:Vitro? - Standard

Verdacht auf: Win32:Vitro?



Code:
ATTFilter
127.0.0.1	activation.acronis.com web-api-tih.acronis.com
         

Cracks, Keygens und andere illegale Software

Bitte lesen => Cracks, Keygens und andere illegale Software

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 26.09.2021, 19:23   #6
M-K-D-B
/// TB-Ausbilder
 
Verdacht auf: Win32:Vitro? - Standard

Verdacht auf: Win32:Vitro?



Fehlende Rückmeldung
Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten.
Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen!

Thema geschlossen

Themen zu Verdacht auf: Win32:Vitro?
adobe, antivirus, avast, bho, bluescreen, bonjour, canon, defender, excel, explorer, flash player, hijack, hijackthis, hijackthis logfile, infizierte, internet, internet explorer, logfile, mozilla, realtek, security, software, system, treiber? oder virus?, usb, virus, win32:vitro, windows




Ähnliche Themen: Verdacht auf: Win32:Vitro?


  1. Verdacht dass ich mir ein Probleme mit nicht entfernbaren Bedrohungen / Verdacht auf Viren oder Malware
    Plagegeister aller Art und deren Bekämpfung - 30.03.2021 (7)
  2. TROJANER auf USB-Stick...host.exe/copy.exe Win32:Hupigon-LCG, Win32:Agent-ILR, Win32:Small-ABY
    Plagegeister aller Art und deren Bekämpfung - 20.02.2017 (37)
  3. Win32:Malware-gen, Win32:Adware-gen, Win32:rookit-gen können nicht gelöscht werden
    Log-Analyse und Auswertung - 17.11.2015 (16)
  4. PC langsam, hängt sich beim Surfen auf, Bluescreen, Advanced System Protector, Win32:Dropper-gen, Win32:Malware-gen, Win32:Rootkit-gen u.a.
    Log-Analyse und Auswertung - 07.02.2015 (12)
  5. Win32:Malware-gen und Trojan.Win32.WinloadSDA.dewcdw und PUA.Win32.Packer.Upx-28 - falsch positive Meldungen?
    Plagegeister aller Art und deren Bekämpfung - 20.09.2014 (1)
  6. Win32/Provis!rts, Win32/Ragterneb.A, Win32/Meredrop, Win32/VB.RC, TrojanDropper:Win32/Bamital.C
    Plagegeister aller Art und deren Bekämpfung - 30.08.2010 (7)
  7. Win32 Vitro Befall oder Fehlalarm?
    Plagegeister aller Art und deren Bekämpfung - 25.04.2010 (1)
  8. Verdacht auf Trojaner gamethief.win32.OnLinegames.asgc
    Plagegeister aller Art und deren Bekämpfung - 08.01.2010 (1)
  9. Win32:Vitro - Daten richtig sichern und PC platt machen
    Alles rund um Windows - 16.10.2009 (3)
  10. Virus! -> Win32: Vitro "unbesiegbar??"
    Plagegeister aller Art und deren Bekämpfung - 21.09.2009 (15)
  11. Virus:Win32.Vitro
    Plagegeister aller Art und deren Bekämpfung - 14.05.2009 (6)
  12. Win32 Vitro hilfe
    Plagegeister aller Art und deren Bekämpfung - 10.03.2009 (11)
  13. Trojaner: Win32.KeyLogger, Win32.GreenScreen,Win32.Agent, Win32Tiny, HTML.Bankfraud
    Log-Analyse und Auswertung - 29.09.2008 (1)
  14. Verdacht auf win32/cheqtal!generic
    Plagegeister aller Art und deren Bekämpfung - 02.08.2008 (0)
  15. Verdacht auf Win32/AdClicker.HF
    Plagegeister aller Art und deren Bekämpfung - 21.07.2008 (11)
  16. Trojaner-Verdacht: Win32:Agent-PBF + Win32:Zlob-AJG
    Log-Analyse und Auswertung - 05.01.2008 (1)
  17. hjt logfile auswerten, bitte helft mir... ntos.exe! verdacht auf win32.agent.pz
    Log-Analyse und Auswertung - 26.09.2007 (8)

Zum Thema Verdacht auf: Win32:Vitro? - Moin zusammen. Kurze Vorgeschichte: Vor kurzem habe ich eine größere Lieferung an USB Sticks aus Fernost erhalten. ca 20-30 sticks lang keine Probleme. Dann plötzlich beim reinstecken klingelt der Avast: - Verdacht auf: Win32:Vitro?...
Archiv
Du betrachtest: Verdacht auf: Win32:Vitro? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.