Log Analysis and Evaluation: Win 10: Adware.Mindspark keeps reinstalling itself

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First Steps for Help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Hello forum,

for a few days now I have had the problem that this Adware.Mindspark is making my life difficult. I found a post here in the forum on the topic of Win32 Mindspark, but unfortunately the removal instructions were not successful. The problem occurs in the Chrome browser. By now, Malwarebytes Browser Guard 2.3.13, Adobe Acrobat 15.1.3.5 and Antivirus Browser Guard install themselves into the browser extensions on their own! In addition, the speed is very severely restricted. I am attaching the log files from FRST and adwcleaner. I hope you can help me.

Best regards
John

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2021 durchgeführt von **** (Administrator) auf CINEGRAFFIX (08-12-2021 12:45:14) Gestartet von C:\Users\****\Desktop Geladene Profile: **** & **** Plattform: Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\adp-agent.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. 
-> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10> (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5292bbfbf575e2d2\Display.NvContainer\NVDisplay.Container.exe <2> (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) 
C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2020-12-19] (Acronis International GmbH -> Acronis International GmbH) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [2838384 2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167496 2021-10-27] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech, Inc. -> Logitech Inc.) 
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5267168 2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [670856 2019-10-31] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [896136 2019-10-31] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5678624 2020-12-19] (Acronis International GmbH -> ) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [447520 2020-12-19] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2021-11-28] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\Run: [EPLTarget\P0000000000000003] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATISTE.EXE [416408 2017-05-30] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) 
HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\Run: [com.squirrel.splice.Splice] => C:\Users\****\AppData\Local\splice\app-4.0.15476\Splice.exe [113645568 2021-11-16] (Splice) [Datei ist nicht signiert] HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\...\MountPoints2: {7041f22f-9933-11e2-a65a-806e6f6e6963} - "Q:\START.exe" HKU\S-1-5-21-3458773745-2075050605-1070322646-1020\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATISTE.EXE [416408 2017-05-30] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2009-07-14] (CANON INC.) [Datei ist nicht signiert] HKLM\...\Windows x64\Print Processors\Canon iP4200 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD78.DLL [27136 2006-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\hpzpp5k2: C:\Windows\System32\spool\prtprocs\x64\hpzpp5k2.dll [224768 2007-06-27] (Hewlett-Packard Corporation) [Datei ist nicht signiert] HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Hewlett-Packard Corporation) [Datei ist nicht signiert] HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2009-07-14] (CANON INC.) 
[Datei ist nicht signiert] HKLM\...\Print\Monitors\Canon BJ Language Monitor iP4200: C:\Windows\system32\CNMLM78.DLL [234496 2006-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\EPSON PC-FAX Driver2 64Monitor: C:\Windows\system32\EFXLM16A.DLL [182784 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EPSON WF-3520 Series 64MonitorBE: C:\Windows\system32\E_YLMJJE.DLL [120320 2012-09-27] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EPSON WF-C5790BA 64MonitorBE: C:\Windows\system32\E_YLMBSTE.DLL [183296 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] HKLM\...\Print\Monitors\PCL hpz3l5k2: C:\Windows\system32\hpz3l5k2.dll [130048 2007-06-27] (Hewlett-Packard Company) [Datei ist nicht signiert] HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-14] (Hewlett-Packard Corporation) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-08] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> IFEO\notepad.exe: [Debugger] "C:\Program Files\Notepad2\Notepad2.exe" /z Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AudioFuseControlCenterAgent.lnk 
[2021-01-27] ShortcutTarget: AudioFuseControlCenterAgent.lnk -> C:\Program Files (x86)\Arturia\AudioFuse Control Center\AudioFuseControlCenterAgent.exe (Arturia) [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Native Instruments Komplete Audio Control Panel Autostart.lnk [2021-01-09] ShortcutTarget: Native Instruments Komplete Audio Control Panel Autostart.lnk -> C:\Program Files\Native Instruments\Komplete Audio Driver\W10_x64\NativeInstrumentsUsbAudioCpl.exe (Thesycon Software Solutions GmbH & Co. KG -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2020-03-08] ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NIHardwareAccessibilityHelper.exe.lnk [2021-10-14] ShortcutTarget: NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH -> Native Instruments GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NTKDaemon.lnk [2021-10-14] ShortcutTarget: NTKDaemon.lnk -> C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (Native Instruments GmbH -> Native Instruments GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAndroidAppHelper.lnk [2021-05-17] ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\Dr.Fone\Addins\SocialApps\WSAndroidAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAppHelper.lnk [2021-05-17] ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\Dr.Fone\Addins\SocialApps\WSAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft) Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RCMService.lnk 
[2021-07-01] ShortcutTarget: RCMService.lnk -> C:\Program Files\RolandCloudManager\RCMservice.exe (Roland VS LLC -> ) Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Roland Cloud Manager.lnk [2021-07-01] ShortcutTarget: Roland Cloud Manager.lnk -> C:\Program Files\RolandCloudManager\Roland Cloud Manager.exe (Roland VS LLC -> ) GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0E690D30-9495-4DF7-8E66-DDE9B56B12B3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Keine Datei) Task: {108DB759-47C3-411F-AEDC-CDAF6A53BBF2} - System32\Tasks\{607301E9-00CB-4C3E-A34F-1DEE45016138} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" Task: {127B4F6E-3E77-42E1-91EF-868BD7F1B2A0} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {14FCFF6B-B468-47E8-9F24-8F6BB139AC6A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {189DE712-832D-4919-A53B-6357C43F7065} - System32\Tasks\{5FEBF72B-F635-4170-AA26-F34DF43D86CD} => C:\Windows\system32\pcalua.exe -a "C:\Users\****\Desktop\LCTR2_PCAPP_LA_2_00_29.exe" -d "C:\Users\****\Desktop" Task: {1DD6AEEF-36C8-4C2B-A5F3-30647557F044} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => 
C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Keine Datei) Task: {1FC5301A-09B5-4896-92C7-143D4F7B50CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {22067370-523F-4563-A69B-BCA4FF99ABD6} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Keine Datei) Task: {221976AF-2A1A-485A-AB18-6627345EE66F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\EPSON WF-C5790BA Update {7DF818DD-CDCD-4E08-95C6-B1653B8C2E8F}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\EPSON WF-C5790BA Update {AC948215-8EA6-416D-884C-8E34C0CAA3FB}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\EPSON WF-C5790BA Update {F10322D3-ADAD-4C15-B3DD-CAECA836EEF3}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler 
recovery => Command(7): schtasks.exe -> /Change /TN "\EPSON WF-C5790BA Update {F77C7074-6D54-4FF5-B2F4-35224D31037C}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_ipoint_exe" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_itype_exe" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ipoint.exe" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_itype.exe" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3458773745-2075050605-1070322646-1000" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\OneDrive Standalone Update 
Task-S-1-5-21-3458773745-2075050605-1070322646-500" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Red Giant Link" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\{2C55730F-333E-4E6E-8A28-89D4F7F1BA48}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\{2D71D111-9023-483C-94DE-F1FCE16654A0}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\{4F0AAACB-AECC-406C-A08D-407A742F2531}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\{5FEBF72B-F635-4170-AA26-F34DF43D86CD}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\{607301E9-00CB-4C3E-A34F-1DEE45016138}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(23): schtasks.exe -> /Change /TN "\{D644A3B7-7C94-4752-8CF6-86230EB4A039}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(24): schtasks.exe -> /Change /TN "\{E41365F9-5119-4C0B-AC95-9FDBAA4F8E7A}" /ENABLE Task: {2B432E4D-3B2E-4CDF-BF1E-507A18DBD12C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(25): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {30570C8C-2AC6-45B2-B4E4-9219BEF0F314} - System32\Tasks\Microsoft\Windows\Media 
Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Keine Datei) Task: {362C8F2A-661C-4248-B854-A25CF8998CB3} - System32\Tasks\{4F0AAACB-AECC-406C-A08D-407A742F2531} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Pioneer\rekordbox 5.0.3\drivers\DDJ-RZX_1.021.exe" -d "C:\Program Files\Pioneer\rekordbox 5.0.3\drivers" Task: {37F93044-64E9-41D2-A620-C4D3855EE8F6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {3A174055-AE3C-4AA3-95EA-C0A5FF902430} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {3D56042C-FB4B-46D0-A747-7A7A1D30CDBC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {405B67F9-1DAE-4709-95AD-48A61136AD7A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Keine Datei) Task: {40A791E0-DD79-40F5-A5A4-6D2C49C1402C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {40BB49E8-7B78-4040-A99D-57E55D8A7BEA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Keine Datei) Task: {46EC3832-1E01-4B74-AAEB-9BB37DFA140F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Keine Datei) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB} Task: {48842036-DCDF-44AF-ABAE-99A66FF438C5} - 
System32\Tasks\EPSON WF-C5790BA Update {AC948215-8EA6-416D-884C-8E34C0CAA3FB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {4EAD633B-E8B6-4792-BFD7-E9FA4229907B} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} Task: {567900EA-FFB8-44D7-8247-C4FA3E4BCF40} - System32\Tasks\AdobeAAMUpdater-1.0-cinegraffix-**** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {57613E69-95EA-46EC-83A8-990BA2471FE8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {5918E50F-3679-4D31-8A9E-D7960D401E20} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Keine Datei) Task: {5B049B41-825F-49A8-B8CA-1AD7265D7C31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Keine Datei) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {6AEAFC2B-ABA7-4ABF-9062-9D122D568511} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6E4D6E2F-85C2-4509-83F8-D33871FFB53D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {712E968D-490E-4174-8A92-5969E22532B0} - 
System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {767D4C25-7E35-4CD8-B792-81E506DC0A9A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Keine Datei) Task: {7697AB97-7863-430D-859B-D294CB569D2C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Keine Datei) Task: {7F8806E2-7E1E-43CF-9F7D-BAFA4C4AE1B7} - System32\Tasks\EPSON WF-C5790BA Update {F77C7074-6D54-4FF5-B2F4-35224D31037C} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {7FD1F503-2E3A-4ED3-901F-CFFD653B2D49} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {82C0A610-8C88-4D7C-80AD-C378C2F21B6F} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe --silent (Keine Datei) Task: {83C896D7-FF62-46D8-BC76-0B4CE1232E79} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Keine Datei) Task: {85EADE7A-1AAA-4B8B-B1F1-9EF3DF01F3D8} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Keine Datei) Task: {8ABDC5CC-0505-4BEC-A386-BD29ECDB3F1B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Keine Datei) Task: {8C6160CB-DD67-4970-B074-55E54F396C59} - 
System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft) Task: {8E4F49F6-0575-43A4-BF4F-2D7A2BEA786D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Keine Datei) Task: {8E5D754B-C57D-4592-B8AD-EFD78A098411} - System32\Tasks\{2C55730F-333E-4E6E-8A28-89D4F7F1BA48} => C:\Windows\system32\pcalua.exe -a "C:\Users\****\Desktop\lide25vst6411011ade\SetupSG.exe" -d "C:\Users\****\Desktop\lide25vst6411011ade" Task: {8EA91377-0FC7-4DFF-85B2-F0A29FD40723} - System32\Tasks\EPSON WF-C5790BA Update {7DF818DD-CDCD-4E08-95C6-B1653B8C2E8F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {8F38F928-198A-404F-8D5C-75C4298A7DA1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Keine Datei) Task: {93F45096-FD0A-498E-B3DF-F95A9583AED9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Keine Datei) Task: {94FA5128-FA4F-43FE-877C-0C9DECE127CB} - System32\Tasks\{0E1CDC93-43E3-4BA8-9037-7741DC39FBD1} => C:\Users\****\AppData\Roaming\Sky\Sky Go\Sky Go.exe (Keine Datei) Task: {957DC4EB-6723-474B-A36E-9DCFDF3D163C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Keine Datei) Task: {97AD16E5-F2DB-4034-A92F-D9B61DB02127} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-12-08] (Google LLC -> Google LLC) Task: {9A758125-4C1B-4267-9372-8F3947F11886} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 
2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {9B2D1C2B-7046-47D1-8D44-D159413A02C4} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {9F632FF1-58B5-4D3A-9C94-1AB70B87A4BA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A05B792D-E0B6-41B2-A3E3-01402600145F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {A0CF97C3-C714-47B0-91C0-A84875519721} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Keine Datei) Task: {A23A02B9-A614-46A1-A5AD-CB5AFEB6F350} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371} Task: {B7D1E065-CD35-4CDD-851B-9CE9F6DF5D99} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} Task: {BC0DB215-9BAF-4F4F-A0E4-5379761BF84F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.) 
Task: {BCEB3C72-CD4B-40FB-9818-8FB487341A8D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-12-08] (Google LLC -> Google LLC) Task: {C0A0C6E6-0DC6-442E-95A6-C249FC61EA52} - System32\Tasks\EPSON WF-C5790BA Update {F10322D3-ADAD-4C15-B3DD-CAECA836EEF3} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {C36591E9-6201-43B8-AD8C-CEA0C78B37FB} - System32\Tasks\{D644A3B7-7C94-4752-8CF6-86230EB4A039} => C:\Windows\system32\pcalua.exe -a "C:\Users\****\Downloads\vcredist_x64.exe" -d "C:\Users\****\Downloads" Task: {C665CE07-49DB-4FF4-828A-84902C389238} - System32\Tasks\{2D71D111-9023-483C-94DE-F1FCE16654A0} => C:\Windows\system32\pcalua.exe -a "C:\Users\****\Downloads\ActiveSetupN (1).exe" -d "C:\Users\****\Downloads" Task: {C88CA9A3-225E-4047-A0E9-B6D4D01E8522} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} Task: {C9394A09-352C-4335-815D-873D0221EEB8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Keine Datei) Task: {D166A093-93B3-4539-A166-217B4D6FA068} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D67AF03E-7D9E-4D83-94A5-33DC628659BA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Keine Datei) Task: {D826433C-9DA7-4A02-96DC-B57C0AA5CB85} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E066C0D4-883A-4FEE-B76F-003296BA8D87} - 
System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Keine Datei) Task: {E2266FDE-DD00-41B2-98CB-AB98AFD0BC13} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-10-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EAB3CCD7-D844-4127-AB56-6A18D5E4F56E} - System32\Tasks\{76DFCB5B-6EF5-4FFC-9DD0-F3C7A1B0E8C3} => C:\Users\****\AppData\Roaming\Sky\Sky Go\Sky Go.exe (Keine Datei) Task: {EC4FEDF3-35D7-4086-B6B9-34CCA11B0899} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {ECB02AAF-5113-4F8E-8C8C-3BA9CCC50427} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1600416 2021-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {EEB51FC5-9C65-4E79-B0A7-B7472F98DC79} - System32\Tasks\{85C03D2B-E1ED-4A9F-AF9C-6E592EA3551C} => C:\Users\****\AppData\Roaming\Sky\Sky Go\Sky Go.exe (Keine Datei) Task: {EF87B51A-049E-4466-8703-6650CA9D7F41} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Keine Datei) Task: {FA35CCD3-2DFE-4CB6-9205-BFDF68594E33} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\EPSON WF-C5790BA Update {7DF818DD-CDCD-4E08-95C6-B1653B8C2E8F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE:/EXE:{7DF818DD-CDCD-4E08-95C6-B1653B8C2E8F} /F:UpdateWORKGROUP\CINEGRAFFIX$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-C5790BA Update {AC948215-8EA6-416D-884C-8E34C0CAA3FB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE:/EXE:{AC948215-8EA6-416D-884C-8E34C0CAA3FB} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-C5790BA Update {B9610610-508A-494B-8F3B-92F950261942}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE:/EXE:{B9610610-508A-494B-8F3B-92F950261942} /F:UpdateWORKGROUP\CINEGRAFFIX$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-C5790BA Update {F10322D3-ADAD-4C15-B3DD-CAECA836EEF3}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE:/EXE:{F10322D3-ADAD-4C15-B3DD-CAECA836EEF3} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-C5790BA Update {F77C7074-6D54-4FF5-B2F4-35224D31037C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSTE.EXE:/EXE:{F77C7074-6D54-4FF5-B2F4-35224D31037C} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or 
stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{35acc825-0636-42b8-966d-5e640ec271d3}: [DhcpNameServer] 192.168.1.254 HKU\S-1-5-21-3458773745-2075050605-1070322646-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG FireFox: ======== FF DefaultProfile: k741u5pw.default-1497732525045 FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\k741u5pw.default-1497732525045 [2021-12-08] FF Homepage: Mozilla\Firefox\Profiles\k741u5pw.default-1497732525045 -> hxxps://www.google.de/ FF Notifications: Mozilla\Firefox\Profiles\k741u5pw.default-1497732525045 -> hxxps://www.facebook.com; hxxps://chayns.net; hxxps://www.youtube.com FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-12-02] FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2018-05-19] [] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: 
@divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC -> DivX, LLC.) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei] FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-11-28] (Adobe Inc. -> Adobe Systems) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei] FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.) [Datei ist nicht signiert] FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [Keine Datei] FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei] FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-11-28] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3458773745-2075050605-1070322646-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]

Chrome:
=======
CHR Profile: C:\Users\****\AppData\Local\Google\Chrome\User Data\Default [2021-12-08]
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Extension: (ProxFlow) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2021-12-04]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-12-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-05]
CHR Extension: (Click&Clean App) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2019-12-19]
CHR Extension: (Speedtest by Ookla) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2021-12-05]
CHR Profile: C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-12-04]
CHR Notifications: Profile 1 -> hxxps://www.facebook.com
CHR HomePage: Profile 1 -> hxxp://www.google.de/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.de/"
CHR Extension: (ProxFlow) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aakchaleigkohafkfjfjbblobjifikek [2021-05-11]
CHR Extension: (Präsentationen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-03]
CHR Extension: (Docs) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-03]
CHR Extension: (Google Drive) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-03]
CHR Extension: (Tabellen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-03]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-11-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Click&Clean App) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2020-08-14]
CHR Extension: (Speedtest by Ookla) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2021-04-15]
CHR Extension: (Google Mail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Profile: C:\Users\****\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [15839648 2020-12-19] (Acronis International GmbH -> Acronis International GmbH) S2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12905888 2020-12-19] (Acronis International GmbH -> ) S2 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1421352 2020-12-19] (Acronis International GmbH -> Acronis International GmbH) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2020-12-19] (Acronis International GmbH -> Acronis International GmbH) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2021-11-28] (Adobe Inc. -> Adobe Inc.) S2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6388072 2021-01-06] (Acronis International GmbH -> ) S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.) 
S2 Asset Management Daemon; C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe [118784 2009-06-26] () [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation) S2 DDJ-RZX_AutoSetup; C:\Program Files (x86)\Pioneer\DDJ-RZX\DDJ-RZX_AutoSetup.exe [79864 2016-12-15] (Pioneer DJ Corporation -> Pioneer DJ Corporation) S2 DFWSIDService; C:\Program Files (x86)\Wondershare\Dr.Fone\WsidService.exe [1051136 2021-03-01] (wondershare) [Datei ist nicht signiert] S2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249312 2017-06-29] (DTS, Inc. -> DTS, Inc) S2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [69632 2009-06-26] () [Datei ist nicht signiert] R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3139904 2021-10-27] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3139904 2021-10-27] (ESET, spol. s r.o. -> ESET) S2 ElevationService; C:\Program Files (x86)\Wondershare\Dr.Fone\Addins\SocialApps\ElevationService.exe [913408 2021-05-13] () [Datei ist nicht signiert] S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2019-03-26] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-06-28] (HP Inc. -> HP Inc.) 
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-12] (Malwarebytes Inc -> Malwarebytes) S2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2019-11-18] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-11-18] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2102096 2020-12-19] (Acronis International GmbH -> ) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert] R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [18849168 2021-07-26] (Native Instruments GmbH -> Native Instruments GmbH) S2 NovacomD; C:\Program Files (x86)\HP webOS\SDK\bin\novacomd\x86\novacomd.exe [61440 2011-09-19] (Palm) [Datei ist nicht signiert] S2 Palm_TCP_Relay; C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe [11776 2011-12-21] () [Datei ist nicht signiert] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) 
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Datei ist nicht signiert] S2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7394008 2020-12-19] (Acronis International GmbH -> ) S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5911456 2020-12-19] (Acronis International GmbH -> Acronis International GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262824 2021-04-13] (Wondershare Technology Co.,Ltd -> Wondershare) S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare) S2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5292bbfbf575e2d2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5292bbfbf575e2d2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn 
ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S1 acedrv05; C:\Windows\system32\drivers\acedrv05.sys [136192 2016-04-05] () [Datei ist nicht signiert] S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [367096 2020-12-19] (Bitdefender SRL -> Bitdefender) R3 bomebus; C:\WINDOWS\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R3 CtClsFlt; C:\WINDOWS\System32\DRIVERS\CtClsFlt.sys [178176 2011-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159800 2021-04-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183408 2021-10-27] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [124496 2021-10-27] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-10-25] (Microsoft Windows Early Launch Anti-Malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [201984 2021-10-27] (ESET, spol. s r.o. -> ESET) S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43920 2021-10-27] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [69736 2021-10-27] (ESET, spol. s r.o. 
-> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-10-27] (ESET, spol. s r.o. -> ESET) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [721536 2021-01-06] (Acronis International GmbH -> Acronis International GmbH) R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-01-06] (Acronis International GmbH -> Acronis International GmbH) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-07] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 moogsub37midi; C:\WINDOWS\System32\drivers\moogsub37midi.sys [352360 2017-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG) S3 moogsub37midiks; C:\WINDOWS\System32\drivers\moogsub37midiks.sys [53352 2017-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. 
KG) R3 NativeInstrumentsUsbAudio; C:\WINDOWS\System32\drivers\NativeInstrumentsUsbAudio.sys [381496 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 NativeInstrumentsUsbAudioks; C:\WINDOWS\System32\drivers\NativeInstrumentsUsbAudioks.sys [53816 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [154960 2020-12-19] (Acronis International GmbH -> Acronis International GmbH) R3 nika6m2dfu; C:\WINDOWS\System32\drivers\nika6m2dfu.sys [39672 2019-03-25] (Native Instruments GmbH -> Native Instruments GmbH) S3 nimc3audio; C:\WINDOWS\System32\Drivers\nimc3audio.sys [374296 2017-08-16] (Native Instruments GmbH -> Native Instruments GmbH) S3 nimc3usb; C:\WINDOWS\System32\drivers\nimc3usb.sys [91088 2017-08-16] (Native Instruments GmbH -> Native Instruments GmbH) R3 NIWinCDEmu; C:\WINDOWS\System32\drivers\NIWinCDEmu.sys [112408 2014-08-23] (NATIVE INSTRUMENTS GmbH -> ) R3 PdiPorts; C:\WINDOWS\System32\drivers\PdiPorts.sys [20520 2009-05-27] (Portrait Displays, Inc. -> Portrait Displays, Inc.) R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation -> Corel Corporation) S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group) S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) 
S3 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [887032 2021-01-06] (Acronis International GmbH -> Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [176248 2021-01-06] (Acronis International GmbH -> Acronis International GmbH) S3 tnd; C:\WINDOWS\System32\DRIVERS\tnd.sys [694920 2021-01-06] (Acronis International GmbH -> Acronis International GmbH) R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win7.sys [41192 2018-08-25] (Vincent Burel -> Windows (R) Win 7 DDK provider) R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2021-01-06] (Acronis International GmbH -> Acronis International GmbH) R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-01-06] (Acronis International GmbH -> Acronis International GmbH) S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-12-05] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-12-05] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-12-05] (Microsoft Windows -> Microsoft Corporation) R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) U1 aswbdisk; kein ImagePath U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2021-12-08 12:45 - 2021-12-08 12:54 - 000059102 _____ C:\Users\****\Desktop\FRST.txt 2021-12-08 12:43 - 2021-12-08 12:43 - 002311168 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe 2021-12-08 10:21 - 2021-12-08 10:21 - 000001980 _____ C:\Users\Public\Desktop\ESET Sicheres Online-Banking und Bezahlen.lnk 2021-12-08 10:19 - 2021-12-08 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2021-12-08 10:19 - 2021-12-08 10:19 - 000000000 ____D C:\ProgramData\ESET 2021-12-08 10:19 - 2021-12-08 10:19 - 000000000 ____D C:\Program Files\ESET 2021-12-08 10:18 - 2021-12-08 10:18 - 008398952 _____ (ESET) C:\Users\****\Desktop\eset_smart_security_premium_live_installer.exe 2021-12-08 10:14 - 2021-12-08 10:14 - 008398952 _____ (ESET) C:\Users\****\Desktop\eset_internet_security_live_installer.exe 2021-12-08 10:08 - 2021-12-08 10:13 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-12-08 10:08 - 2021-12-08 10:13 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-12-08 10:08 - 2021-12-08 10:08 - 000002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-12-08 10:08 - 2021-12-08 10:08 - 000002238 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-12-08 10:08 - 2021-12-08 10:08 - 000000000 ____D C:\Program Files\Google 2021-12-08 09:46 - 2021-12-08 09:46 - 000001780 _____ C:\Users\Public\Desktop\iTunes.lnk 2021-12-08 09:46 - 2021-12-08 09:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2021-12-08 09:45 - 2021-12-08 09:46 - 000000000 ____D C:\Program Files\iTunes 2021-12-08 09:28 - 2021-12-08 09:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-12-07 21:48 - 2021-12-07 21:48 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-12-07 21:48 - 2021-12-07 21:48 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-12-07 21:48 - 2021-12-07 21:48 - 000069040 _____ (Malwarebytes) 
C:\WINDOWS\system32\Drivers\mbam.sys 2021-12-06 13:43 - 2021-12-06 13:43 - 000000000 ____D C:\Program Files\HitmanPro 2021-12-06 11:33 - 2021-12-06 11:33 - 000001338 _____ C:\WINDOWS\system32\.crusader 2021-12-06 10:41 - 2021-12-06 11:33 - 000000000 ____D C:\ProgramData\HitmanPro 2021-12-06 10:41 - 2021-12-06 10:41 - 011332032 _____ (SurfRight B.V.) C:\Users\****\Desktop\HitmanPro_x64.exe 2021-12-06 10:20 - 2021-12-06 10:20 - 000472016 _____ (Bleeping Computer, LLC) C:\Users\****\Desktop\sc-cleaner.exe 2021-12-05 17:20 - 2021-12-05 17:20 - 008540344 _____ (Malwarebytes) C:\Users\****\Desktop\adwcleaner_8.3.1.exe 2021-12-04 19:35 - 2021-12-04 19:35 - 000000000 ___HD C:\$SysReset 2021-12-04 18:26 - 2021-12-04 18:26 - 000000000 __SHD C:\found.000 2021-12-04 17:03 - 2021-12-04 17:04 - 000000000 ____D C:\Users\****\Desktop\DESKTOP ALL 2021-12-04 12:18 - 2021-12-04 12:22 - 000077076 _____ C:\Users\****\Downloads\1008593015_2021_Nr.011_Kontoauszug_vom_01.12.2021_20211204121821.pdf 2021-12-03 17:04 - 2021-12-03 17:04 - 011459214 _____ C:\Users\****\Downloads\Model24_OM_GI_RevE.pdf 2021-12-03 12:26 - 2021-12-03 12:26 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2021-12-01 21:37 - 2021-12-01 21:37 - 000000000 ____D C:\Users\****\AppData\Local\Supercharger 2021-12-01 21:34 - 2021-12-01 21:34 - 000000000 __HDC C:\ProgramData\{2193520F-B410-47C0-A002-DF03EF238C6C} 2021-12-01 21:32 - 2021-12-01 21:32 - 000001027 _____ C:\Users\Public\Desktop\Massive.lnk 2021-12-01 21:32 - 2021-12-01 21:32 - 000000000 __HDC C:\ProgramData\{3B5B250D-BC9A-407C-B0D0-5B5E67D1DC25} 2021-12-01 21:17 - 2021-12-01 21:17 - 000001059 _____ C:\Users\Public\Desktop\Traktor Pro 3.lnk 2021-12-01 21:17 - 2021-12-01 21:17 - 000000000 __HDC C:\ProgramData\{D12B8DCD-88CF-4D33-BB20-6BD921E47FC0} 2021-12-01 20:47 - 2021-12-01 20:47 - 000001131 _____ C:\Users\Public\Desktop\Controller Editor.lnk 2021-12-01 20:47 - 2021-12-01 20:47 - 000000000 __HDC C:\ProgramData\{4938857D-54DB-4BDA-8E99-5E6238E20FC7} 2021-12-01 20:43 - 
2021-12-01 20:43 - 000000000 __HDC C:\ProgramData\{47BD9C62-D13D-4477-BBB7-775CFDD3DD90}
2021-12-01 20:43 - 2021-12-01 20:43 - 000000000 __HDC C:\ProgramData\{219004B9-360A-4C81-A466-5E0CE437CC62}
2021-12-01 20:43 - 2021-12-01 20:43 - 000000000 ____D C:\Users\Public\Documents\TRK-01 Bass
2021-12-01 20:42 - 2021-12-01 20:42 - 000000000 __HDC C:\ProgramData\{5BC4F37C-5D3D-458A-A743-D7CC267CCE04}
2021-12-01 20:41 - 2021-12-01 20:41 - 000000000 __HDC C:\ProgramData\{9CB151EF-FB30-4C75-A794-45C2C887FCA9}
2021-12-01 20:41 - 2021-12-01 20:41 - 000000000 ____D C:\Users\Public\Documents\Play Series Selection
2021-12-01 20:40 - 2021-12-01 20:40 - 000000000 __HDC C:\ProgramData\{3FE74569-A8F4-4CF8-9312-1879C906959A}
2021-12-01 20:38 - 2021-12-01 20:38 - 000001027 _____ C:\Users\Public\Desktop\Kontakt.lnk
2021-12-01 20:38 - 2021-12-01 20:38 - 000000000 __HDC C:\ProgramData\{E0D437A6-C13F-4762-9881-384AE51A3FBB}
2021-12-01 20:38 - 2021-12-01 20:38 - 000000000 ____D C:\Users\Public\Documents\Maschine 2 Factory Selection
2021-12-01 20:31 - 2021-12-01 20:31 - 000000000 __HDC C:\ProgramData\{4C92FBA6-EF73-4E8E-895C-058B71E4E0B9}
2021-12-01 20:30 - 2021-12-01 20:30 - 000001081 _____ C:\Users\Public\Desktop\Guitar Rig 6.lnk
2021-12-01 20:30 - 2021-12-01 20:30 - 000000000 __HDC C:\ProgramData\{72850695-ADDC-442B-9FEE-2785D4A98339}
2021-12-01 20:30 - 2021-12-01 20:30 - 000000000 ____D C:\Users\Public\Documents\Kinetic Treats
2021-12-01 20:18 - 2021-12-01 20:18 - 000000000 __HDC C:\ProgramData\{FC9F2ABE-A9B7-4378-9DDD-FCD59691CF9E}
2021-12-01 20:17 - 2021-12-01 20:17 - 000000000 __HDC C:\ProgramData\{8C4FEDD5-1BF9-48A8-82A5-765D1975BF67}
2021-12-01 20:14 - 2021-12-01 20:14 - 000000000 ____D C:\Users\Public\Documents\Expansions Selection
2021-12-01 20:13 - 2021-12-01 20:13 - 000000000 __HDC C:\ProgramData\{3188F425-C4DB-4418-8014-76D66A5B6ED5}
2021-12-01 20:12 - 2021-12-01 20:12 - 000000000 __HDC C:\ProgramData\{99B72EA3-D9F9-4199-AC97-D3EACEFBB031}
2021-12-01 20:12 - 2021-12-01 20:12 - 000000000 __HDC C:\ProgramData\{5B612635-6B08-44A8-BB7A-C898080FA16B}
2021-12-01 20:12 - 2021-12-01 20:12 - 000000000 ____D C:\Users\Public\Documents\Chromatic Fire
2021-12-01 20:12 - 2021-12-01 20:12 - 000000000 ____D C:\Users\Public\Documents\Blocks Base
2021-12-01 19:56 - 2021-12-01 19:56 - 000001091 _____ C:\Users\Public\Desktop\Native Access.lnk
2021-12-01 19:56 - 2021-12-01 19:56 - 000000000 __HDC C:\ProgramData\{0FAF319A-10AB-4310-AFCB-297525DC56AD}
2021-12-01 14:55 - 2021-12-04 13:02 - 000000000 ____D C:\Users\****\Desktop\TASCAM
2021-12-01 10:56 - 2021-12-01 10:56 - 000245862 _____ C:\Users\****\tmp3200caaaaa
2021-12-01 10:56 - 2021-12-01 10:56 - 000000000 _____ C:\Users\****\Downloads\Arturia_Software_Center__2_4_0_1764.exe
2021-12-01 09:45 - 2021-12-01 09:45 - 000632099 _____ C:\Users\****\Downloads\multinationales-korps-nordost-lebenslauf-kommandeur-brigadegeneral-wolf-juergen-stahl-mnc-ne-data.pdf
2021-12-01 09:43 - 2021-12-01 09:43 - 000113897 _____ C:\Users\****\Downloads\vita-befehlshaber-mnkdoopfue-data.pdf
2021-12-01 09:43 - 2021-12-01 09:43 - 000113897 _____ C:\Users\****\Downloads\vita-befehlshaber-mnkdoopfue-data (1).pdf
2021-11-30 21:23 - 2021-11-30 21:23 - 073962200 _____ (iZotope, Inc.) C:\Users\****\Downloads\iZotope_Ozone_Elements_v9_9_0.exe
2021-11-30 16:41 - 2021-11-30 16:41 - 000001135 _____ C:\Users\Public\Desktop\Subsequent 37 Editor.lnk
2021-11-30 16:41 - 2021-11-30 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moog Music
2021-11-30 15:52 - 2017-11-03 19:42 - 000352360 _____ (Thesycon Software Solutions GmbH & Co. KG) C:\WINDOWS\system32\Drivers\moogsub37midi.sys
2021-11-30 15:52 - 2017-11-03 19:42 - 000053352 _____ (Thesycon Software Solutions GmbH & Co. KG) C:\WINDOWS\system32\Drivers\moogsub37midiks.sys
2021-11-29 22:18 - 2021-11-29 22:18 - 011307964 _____ C:\Users\****\Downloads\audiojungle-iIGuO6Xx-cartoon-intro-theme-1.zip
2021-11-29 18:45 - 2021-11-29 18:45 - 007055927 _____ C:\Users\****\Downloads\graphicriver-SCRM0yLd-chewing-or-bubble-gum-realistic-package-mockups.zip
2021-11-29 18:26 - 2021-11-29 18:26 - 005345139 _____ C:\Users\****\Downloads\graphicriver-SOGKTCGi-berries-icon-set.zip
2021-11-29 18:19 - 2021-11-29 18:19 - 002914685 _____ C:\Users\****\Downloads\graphicriver-X4imkhVv-pepper.zip
2021-11-29 14:46 - 2021-11-29 14:46 - 002026295 _____ C:\Users\****\Downloads\download-llbrig1-vitakdr-bg-arlt-data.pdf
2021-11-29 14:44 - 2021-11-29 14:44 - 003949903 _____ C:\Users\****\Downloads\download-ksk-vitakdr-bg-meyer-data.pdf
2021-11-29 14:42 - 2021-11-29 14:42 - 000597016 _____ C:\Users\****\Downloads\download-dsk-kdr-gm-hannemann-data.pdf
2021-11-28 13:26 - 2021-11-28 13:29 - 000000000 ____D C:\Users\****\Desktop\Router
2021-11-28 11:33 - 2021-11-28 11:33 - 004317726 _____ C:\Users\****\Downloads\christmas-snowflake-background.zip
2021-11-28 11:23 - 2021-11-28 11:23 - 000000000 ___HD C:\adobeTemp
2021-11-27 17:42 - 2021-11-27 17:42 - 000000000 ____D C:\Users\****\Documents\FeedbackHub
2021-11-26 16:39 - 2021-11-26 16:39 - 000066734 _____ C:\Users\****\Downloads\All_Sounds_Subsequent_37_PD (1).zip
2021-11-26 16:39 - 2021-11-26 16:39 - 000019688 _____ C:\Users\****\Downloads\Luca De Gennaro Presets_4.zip
2021-11-26 13:04 - 2021-11-26 13:04 - 000457149 _____ C:\Users\****\Downloads\3FEPML.pdf
2021-11-23 16:27 - 2021-11-23 16:27 - 000277856 _____ C:\Users\****\Downloads\Terminsprechstunde_Ablauf_20210705.pdf
2021-11-19 16:45 - 2021-11-19 16:45 - 000042728 _____ C:\Users\****\Downloads\d26822.PDF
2021-11-16 14:27 - 2021-11-16 14:30 - 000000000 ____D C:\Users\****\AppData\Roaming\Breitbandmessung
2021-11-16 14:27 - 2021-11-16 14:27 - 000002318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breitbandmessung.lnk
2021-11-16 14:27 - 2021-11-16 14:27 - 000002306 _____ C:\Users\Public\Desktop\Breitbandmessung.lnk
2021-11-16 14:27 - 2021-11-16 14:27 - 000000000 ____D C:\Users\****\AppData\Local\breitbandmessung-updater
2021-11-16 14:27 - 2021-11-16 14:27 - 000000000 ____D C:\Program Files\Breitbandmessung
2021-11-16 14:26 - 2021-11-16 14:26 - 139118296 _____ (zafaco GmbH) C:\Users\****\Downloads\Breitbandmessung-win.exe
2021-11-12 20:06 - 2021-11-12 20:06 - 000000000 ____D C:\Users\****\AppData\Roaming\NVIDIA
2021-11-12 11:09 - 2021-12-07 20:34 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-11 09:57 - 2021-11-11 09:57 - 001328408 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-11-11 09:57 - 2021-11-11 09:57 - 001321984 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-11-11 09:57 - 2021-11-11 09:57 - 000503576 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-11-11 09:56 - 2021-11-11 09:56 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-11 09:55 - 2021-11-11 09:55 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-11 09:55 - 2021-11-11 09:55 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-11 09:54 - 2021-11-11 09:54 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-11 08:47 - 2021-11-11 08:47 - 000000000 ___HD C:\$WinREAgent

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-12-08 13:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-08 12:52 - 2017-12-10 11:21 - 000000000 ____D C:\FRST
2021-12-08 12:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-08 12:34 - 2013-03-30 16:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-08 12:25 - 2013-05-29 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-08 11:44 - 2013-10-11 11:03 - 000024210 _____ C:\Users\****\AppData\Roaming\Notepad2.ini
2021-12-08 11:38 - 2020-11-18 23:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-08 10:20 - 2017-10-02 21:45 - 000000000 ____D C:\Users\****\AppData\Local\ESET
2021-12-08 10:19 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-08 10:19 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-08 10:14 - 2021-01-09 17:34 - 000000000 ____D C:\Users\****\AppData\Local\D3DSCache
2021-12-08 10:13 - 2020-02-22 13:12 - 000000000 ____D C:\Users\****\AppData\LocalLow\IGDump
2021-12-08 10:04 - 2020-12-26 16:36 - 000000000 ____D C:\Users\****\AppData\Local\SpliceSettings
2021-12-08 09:57 - 2021-01-13 12:29 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-08 09:57 - 2013-03-30 16:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-08 09:51 - 2017-04-28 09:19 - 000000000 ____D C:\Users\****\AppData\LocalLow\Mozilla
2021-12-08 08:56 - 2021-01-21 13:11 - 000000000 ____D C:\Users\****\AppData\Roaming\Roland Cloud
2021-12-08 08:56 - 2013-07-08 11:39 - 000000000 ____D C:\Users\****\AppData\Local\CrashDumps
2021-12-07 22:47 - 2013-04-02 17:15 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-07 22:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-07 21:46 - 2020-11-19 00:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-07 21:45 - 2021-01-08 17:23 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-07 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-12-07 21:44 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-07 20:30 - 2021-01-09 16:47 - 000000000 ____D C:\Users\****
2021-12-07 20:30 - 2021-01-09 16:47 - 000000000 ____D C:\Users\****
2021-12-06 20:58 - 2019-12-20 11:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-12-06 11:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-12-05 17:51 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-12-05 17:46 - 2017-07-02 14:53 - 000000000 ____D C:\Users\****\AppData\Roaming\Hewlett-Packard
2021-12-05 17:46 - 2017-06-30 22:26 - 000000000 ____D C:\Users\****\AppData\Roaming\Hewlett-Packard
2021-12-05 17:46 - 2016-12-22 16:51 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-12-05 17:46 - 2016-12-20 18:12 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-12-05 17:34 - 2017-12-08 22:09 - 000000000 ____D C:\AdwCleaner
2021-12-05 16:20 - 2021-01-17 20:05 - 000000000 ____D C:\Users\****\AppData\Roaming\obs-studio
2021-12-05 15:16 - 2020-11-19 00:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-12-05 15:00 - 2013-03-30 14:33 - 000002259 _____ C:\WINDOWS\epplauncher.mif
2021-12-04 21:07 - 2021-03-28 16:56 - 000000000 ____D C:\Users\****\AppData\Roaming\Sky Go
2021-12-04 12:47 - 2020-11-09 17:02 - 000000000 ____D C:\Users\****\Documents\Bank11_20
2021-12-02 21:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-01 22:42 - 2014-08-20 12:02 - 000000000 ____D C:\Users\****\Documents\Native Instruments
2021-12-01 22:42 - 2014-08-20 12:02 - 000000000 ____D C:\Users\****\AppData\Local\Native Instruments
2021-12-01 21:33 - 2014-08-20 11:55 - 000000000 ____D C:\Program Files\Native Instruments
2021-12-01 21:33 - 2014-08-20 11:55 - 000000000 ____D C:\Program Files\Common Files\Native Instruments
2021-12-01 21:33 - 2013-02-11 15:35 - 000000000 ____D C:\Program Files\Common Files\VST3
2021-12-01 21:31 - 2014-08-20 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2021-12-01 21:31 - 2011-09-13 20:08 - 000000000 ____D C:\Program Files\VSTPlugins
2021-12-01 21:05 - 2014-08-20 11:55 - 000000000 ____D C:\ProgramData\Native Instruments
2021-12-01 20:53 - 2013-09-18 15:36 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-01 19:31 - 2014-02-26 23:22 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-12-01 19:04 - 2013-03-31 09:52 - 000000000 ____D C:\Users\****\Documents\Outlook-Dateien
2021-12-01 14:14 - 2021-10-20 14:20 - 000000000 ____D C:\Users\****\AppData\Local\iZotope
2021-12-01 10:57 - 2018-01-13 22:04 - 000000000 ___RD C:\Users\****\Creative Cloud Files
2021-11-30 21:23 - 2021-10-20 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope
2021-11-30 21:22 - 2021-10-20 14:16 - 000000000 ____D C:\Program Files\iZotope
2021-11-30 16:41 - 2018-09-17 14:25 - 000000000 ____D C:\Program Files\Moog Music
2021-11-30 16:41 - 2013-02-11 15:35 - 000000000 ____D C:\Program Files (x86)\VSTPlugIns
2021-11-30 16:24 - 2021-02-09 14:16 - 000001086 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2021-11-30 16:24 - 2021-02-09 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-11-29 21:15 - 2013-03-30 16:42 - 000000000 ____D C:\Users\****\AppData\Roaming\Adobe
2021-11-28 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-28 11:21 - 2013-03-31 22:56 - 000000000 ____D C:\Program Files\Adobe
2021-11-28 11:20 - 2021-01-02 14:38 - 000001350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-11-28 11:20 - 2021-01-02 14:38 - 000001320 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2021-11-28 11:20 - 2013-03-31 13:44 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-11-28 11:19 - 2010-11-24 21:58 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-11-27 17:50 - 2017-12-27 16:07 - 000000000 ____D C:\Users\****\AppData\Local\ElevatedDiagnostics
2021-11-25 19:46 - 2020-11-19 00:54 - 000000000 ____D C:\ProgramData\Packages
2021-11-18 21:56 - 2020-11-22 12:14 - 000000000 ____D C:\Users\****\AppData\Roaming\Xfer
2021-11-18 20:07 - 2021-02-08 12:22 - 000002468 _____ C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-16 19:26 - 2021-08-27 21:33 - 000000000 ____D C:\Users\****\AppData\Local\splice
2021-11-16 19:26 - 2020-12-26 16:36 - 000002304 _____ C:\Users\****\Desktop\Splice.lnk
2021-11-16 19:26 - 2020-12-26 16:36 - 000000000 ____D C:\Users\****\AppData\Roaming\Splice
2021-11-16 19:26 - 2020-12-26 16:36 - 000000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Splice
2021-11-16 10:25 - 2021-01-09 16:46 - 001930124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-16 10:25 - 2019-12-07 15:51 - 000821510 _____ C:\WINDOWS\system32\perfh007.dat
2021-11-16 10:25 - 2019-12-07 15:51 - 000183344 _____ C:\WINDOWS\system32\perfc007.dat
2021-11-15 10:34 - 2021-01-09 17:42 - 000000000 ____D C:\Users\****\AppData\Local\PlaceholderTileLogoFolder
2021-11-15 09:44 - 2020-01-02 14:28 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-12 16:55 - 2013-11-23 20:51 - 000000000 ____D C:\Users\****\AppData\Local\Packages
2021-11-12 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-11-11 22:55 - 2021-03-20 16:25 - 010603680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-11 22:47 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-11-11 22:47 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-11 22:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-11 22:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-11 09:30 - 2021-02-20 21:02 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-10 15:05 - 2013-08-14 22:51 - 000000000 ____D C:\WINDOWS\system32\MRT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2010-11-23 23:27 - 2010-11-25 15:14 - 000018724 _____ () C:\Program Files (x86)\mbsuite20.log
2010-11-25 10:41 - 2010-11-25 15:15 - 000006704 _____ () C:\Program Files (x86)\mbsuite21.log
2003-09-08 09:09 - 2002-01-05 03:40 - 000487424 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp70.dll
2004-04-23 17:06 - 2003-11-03 17:07 - 000499712 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp71.dll
2003-09-08 09:09 - 2003-05-30 09:22 - 000344064 ____R (Microsoft Corporation) C:\Program Files (x86)\msvcr70.dll
2004-04-23 17:06 - 2003-11-03 17:07 - 000348160 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr71.dll
2010-11-23 23:43 - 2010-11-23 23:43 - 000036868 _____ () C:\Program Files (x86)\uninst-Lux.exe
2013-07-18 17:49 - 2014-05-22 12:07 - 000000132 _____ () C:\Users\****\AppData\Roaming\Adobe GIF Format CC Prefs
2013-04-06 16:17 - 2013-06-18 14:07 - 000000132 _____ () C:\Users\****\AppData\Roaming\Adobe GIF Format CS6 Prefs
2013-12-03 15:52 - 2013-12-03 15:52 - 000000132 _____ () C:\Users\****\AppData\Roaming\Adobe IllExport Filter CC Prefs
2013-06-07 16:34 - 2013-06-07 16:34 - 000000132 _____ () C:\Users\****\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2013-11-28 21:04 - 2014-02-28 20:33 - 000000132 _____ () C:\Users\****\AppData\Roaming\Adobe OpenEXR Format CC Prefs
2013-06-20 10:13 - 2017-04-28 10:22 - 000000132 _____ () C:\Users\****\AppData\Roaming\Adobe PNG Format CC Prefs
2013-04-10 13:06 - 2014-07-15 11:48 - 000000132 _____ () C:\Users\****\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-06-30 19:58 - 2017-08-08 18:51 - 000000034 _____ () C:\Users\****\AppData\Roaming\AdobeWLCMCache.dat
2013-09-27 12:38 - 2013-09-27 12:38 - 000000268 ___RH () C:\Users\****\AppData\Roaming\Documentation
2013-09-27 12:38 - 2013-09-27 12:38 - 000000268 ___RH () C:\Users\****\AppData\Roaming\Documents
2013-09-27 12:38 - 2013-09-27 12:38 - 000000268 ___RH () C:\Users\****\AppData\Roaming\Drum Kits
2015-03-15 11:48 - 2015-10-31 20:23 - 000000083 _____ () C:\Users\****\AppData\Roaming\mbam.context.scan
2013-10-11 11:03 - 2021-12-08 11:44 - 000024210 _____ () C:\Users\****\AppData\Roaming\Notepad2.ini
2021-01-21 13:11 - 2021-10-13 13:16 - 000044804 _____ () C:\Users\****\AppData\Roaming\rcm_install.log
2015-10-31 21:06 - 2015-10-31 21:06 - 000000105 _____ () C:\Users\****\AppData\Roaming\settings.xml
2018-08-25 20:19 - 2018-08-25 20:54 - 000004650 _____ () C:\Users\****\AppData\Roaming\VoiceMeeterDefault.xml
2013-06-14 16:48 - 2013-06-20 09:41 - 000000005 _____ () C:\Users\****\AppData\Roaming\WBPU-TTL.DAT
2015-10-09 14:51 - 2016-01-11 22:29 - 000001456 _____ () C:\Users\****\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-04-01 19:24 - 2018-05-20 20:14 - 000007667 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================