| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojaner oobe-maintenance ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
23.12.2023, 22:01
| #1 |
| |  Trojaner oobe-maintenance ? Ich hatte einen Trainer für ein spiel gesucht.Diesen auch Runtergeladen.Dann entpackt und dann mit AVG Premium geprüft.Nichts wurde erkannt.Dann habe ich das Programm geöffnet.Es ist nichts passiert bis auf eine höhere auslastung.Programm hatt sich auch nicht geöffnet.Kurz danach meldete sich AVG mit der meldung oobe-maintenance.exe blockiert da es auf die in Chrome gespeicherten Passwörter zugreifen wollte. Bei Virustotal erkennen nur eine Handvoll Programme etwas. Hier einmal der Link zur Analyse. https://www.virustotal.com/gui/file/e859660e01722f81b903fc4ffd566592415ba152797785ec15b8899044846bce/detection Nun bin ich mir nicht sicher ob ich mir etwas eingefangen habe da sonst nichts passiert ist bisher.Bin mir nun nicht sicher ob im Hintergrund etwas ist was vielleicht nicht erkannt wurde von AVG. Hier zuerst FRST Log, dann Addition Log von FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2023
durchgeführt von Marvin (Administrator) auf DESKTOP-J95DT60 (23-12-2023 21:35:07)
Gestartet von C:\Users\Marvin\Desktop\FRST64.exe
Geladene Profile: Marvin & Tim & Rendern
Plattform: Microsoft Windows 10 Home Version 22H2 19045.3803 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(A-Volute -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
(C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
(C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe ->) (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe ->) () [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (614A9D21-6F29-4C9D-9F7D-FF59321D9E5F -> ) C:\Program Files\WindowsApps\6760NGPDFLab.PDFX_1.3.59.0_x64__sbe4t8mqwq93a\FileWatcher\FileWatcher.exe
(explorer.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <50>
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Savitech Corp. -> SAVITECH) C:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Node.js Foundation -> Joyent, Inc) C:\ProgramData\DNTException\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealPlayer\downloader2.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUSTeK Computer Inc\AURA\AsLedService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe
(services.exe ->) (Brio) [Datei ist nicht signiert] C:\Program Files\FolderSize\FolderSizeSvc.exe
(services.exe ->) (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox) C:\Program Files\Agent\Agent.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(services.exe ->) (Garena Online Pte Ltd -> Garena Online) X:\Garena Ring of Elysium\Garena\Garena\2.0.1812.2810\gxxsvc.exe
(services.exe ->) (Hi-Rez Studios) [Datei ist nicht signiert] E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel(R) Software -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RTUWPSrvcMain.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files\TP-Link\WifiAutoInstall\WifiAutoInstallSrv.exe
(services.exe ->) (Tencent Technology(Shenzhen) Company Limited -> Tencent) X:\txgameassistant\appmarket\QMEmulatorService.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [SS2UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [560144 2017-04-13] (A-Volute -> ASUSTeK COMPUTER INC.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [454072 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [3912504 2022-01-19] () [Datei ist nicht signiert]
HKLM\...\Run: [SVLoadSense] => C:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe [1762000 2015-09-21] (Savitech Corp. -> SAVITECH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2019-07-17] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [347560 2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealPlayer] => C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe [5939656 2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\Real\RealPlayer\downloader2.exe [1182120 2022-08-25] (RealNetworks, Inc. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [WallpaperEngine] => E:\steam\SteamApps\common\wallpaper_engine\wallpaper64.exe [3772512 2022-12-06] (Skutta, Kristjan -> )
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Steam] => E:\steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [TBPanel] => C:\Program Files\EXPERTool\TBPanel.exe [3200824 2019-10-01] (GAINWARD TECHNOLOGY INT'L LIMITED -> Gainward Co. Ltd.)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Agent Tray] => C:\Program Files\Agent\AgentTray.exe [1716664 2021-02-01] (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Amazon Music Helper] => C:\Users\Marvin\AppData\Local\Amazon Music\Amazon Music Helper.exe [2364128 2022-11-16] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Amazon Music] => C:\Users\Marvin\AppData\Local\Amazon Music\Amazon Music.exe [24274144 2022-11-16] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [GogGalaxy] => D:\GOG Galaxy\GalaxyClient.exe [13993440 2023-11-10] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [MicrosoftEdgeAutoLaunch_F685726A62F3A6F634D755C9957574A5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Intel Management Engine Components 1506245864] => wscript.exe /t:30 /nologo /e:jscript "C:\ProgramData\Intel\Intel(R) Management Engine Components\Intel MEC 3330589457" "C:\ProgramData\Intel\Intel(R) Management Engine Components" 684161620 (Keine Datei)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {1e9672be-23da-11ee-a016-ba4873b892e3} - "I:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {2ebbad78-d4e1-11ea-9d4b-3497f63612b9} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {38fcf5cc-bb47-11ed-a001-97e2eca85ec1} - "I:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {3d20f68d-f89f-11ec-9fe0-ea633d51bb00} - "J:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {77b79e9d-1f13-11ec-9fb6-8808a3f08b52} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {792898c2-9e10-11eb-9ee1-ec562a522ac8} - "I:\AutoRun.exe"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {d531db6f-5c8f-11e7-9bc5-b81a02e388c4} - "J:\pushinst.exe"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\Run: [Opera GX Browser Assistant] => C:\Users\Tim\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\MountPoints2: {d531db6f-5c8f-11e7-9bc5-b81a02e388c4} - "I:\pushinst.exe"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1003\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Windows x64\Print Processors\Canon MP270 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9X.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP270 series: c:\windows\system32\CNMLM9X.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.129\Installer\chrmstp.exe [2023-12-22] (Google LLC -> Google LLC)
Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2021-07-17]
ShortcutTarget: AORUS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [Datei ist nicht signiert]
Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-05-17]
ShortcutTarget: Twitch.lnk -> C:\Users\Marvin\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FiiO Control Panel Autostart.lnk [2018-05-15]
ShortcutTarget: FiiO Control Panel Autostart.lnk -> C:\Program Files\FiiO\FiiO_Driver\W10_x64\FiiOCplApp.exe (Thesycon Software Solutions GmbH & Co. KG) [Datei ist nicht signiert]
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00f07bb2-457c-40e5-8741-09b64abb2d77} - kein Dateipfad. <==== ACHTUNG
Task: {0319baef-e4bf-4d71-b4b6-8dca2744c615} - kein Dateipfad. <==== ACHTUNG
Task: {042c75eb-4a0e-4057-bb89-9886c74e1152} - kein Dateipfad. <==== ACHTUNG
Task: {07241685-de7a-4c40-93e4-d152313b2972} - kein Dateipfad. <==== ACHTUNG
Task: {07841969-831e-4791-b8a5-17d733d1c29e} - kein Dateipfad. <==== ACHTUNG
Task: {0a01be28-3f74-4c38-8992-1f5402abb9a6} - kein Dateipfad. <==== ACHTUNG
Task: {0ac03db4-08a7-4447-9fa3-158ed99a7840} - kein Dateipfad. <==== ACHTUNG
Task: {0b0ec497-cee8-4f9b-b2ef-b5bb0ec44642} - kein Dateipfad. <==== ACHTUNG
Task: {0bdc092c-d2c6-4b4d-8206-bfab8d10a02d} - kein Dateipfad. <==== ACHTUNG
Task: {0d92017f-c5a8-41f4-a75e-c512d0dd2851} - kein Dateipfad. <==== ACHTUNG
Task: {100002ff-d498-49cb-ad89-edc5552909a4} - kein Dateipfad. <==== ACHTUNG
Task: {10807429-dd67-4e69-b197-89e22acb104d} - kein Dateipfad. <==== ACHTUNG
Task: {1110341b-2f38-4d42-bdab-e0b579087b0e} - kein Dateipfad. <==== ACHTUNG
Task: {12f296f8-d58f-415a-a466-7bdc1cb93990} - kein Dateipfad. <==== ACHTUNG
Task: {158e5808-5c61-43da-bc6a-ba3fce690fea} - kein Dateipfad. <==== ACHTUNG
Task: {1941edeb-2f3e-43e5-95eb-9e3d09b12b59} - kein Dateipfad. <==== ACHTUNG
Task: {1b50ef89-c9fc-4c7f-8223-0b708324bad0} - kein Dateipfad. <==== ACHTUNG
Task: {1ca3831b-e35d-46a6-8936-94fee5c76406} - kein Dateipfad. <==== ACHTUNG
Task: {1e3fe6ac-9245-462a-a8ef-ee929319b370} - kein Dateipfad. <==== ACHTUNG
Task: {207b1281-5a32-41a3-9fcb-e623ccdf8a2a} - kein Dateipfad. <==== ACHTUNG
Task: {214707f8-2f7f-4383-900a-d6b997fa3dc8} - kein Dateipfad. <==== ACHTUNG
Task: {228207a3-84d4-49f8-83fd-4765fdc7822c} - kein Dateipfad. <==== ACHTUNG
Task: {22a1239e-24e6-45a6-8d4b-19b709b4b9b4} - kein Dateipfad. <==== ACHTUNG
Task: {22be5f78-172e-4d18-bde9-e8284ad2a464} - kein Dateipfad. <==== ACHTUNG
Task: {23439c45-2bb0-4a2f-b22b-abed3cf96fbf} - kein Dateipfad. <==== ACHTUNG
Task: {235237f4-abce-4ecc-bdca-d199f7a990b4} - kein Dateipfad. <==== ACHTUNG
Task: {279155d2-b67e-44c3-9749-01c874945634} - kein Dateipfad. <==== ACHTUNG
Task: {297806de-b978-4e50-ba49-6cba6e9c8ac6} - kein Dateipfad. <==== ACHTUNG
Task: {2aaf06b0-d224-4316-8adc-5cece7849403} - kein Dateipfad. <==== ACHTUNG
Task: {2bf37f55-67cb-42b2-a044-3a3d4394296a} - kein Dateipfad. <==== ACHTUNG
Task: {2e0fcfaf-e07b-4033-afb6-11dbb6b9e67c} - kein Dateipfad. <==== ACHTUNG
Task: {3014ffc8-c5c6-4aaa-b632-9076869382d0} - kein Dateipfad. <==== ACHTUNG
Task: {307354f7-f537-41b5-9dd0-0c50547b4843} - kein Dateipfad. <==== ACHTUNG
Task: {33edb24a-ba30-49a6-a105-1c213fe0e0ed} - kein Dateipfad. <==== ACHTUNG
Task: {352891b2-02fe-4be4-9f37-0e282a709e5e} - kein Dateipfad. <==== ACHTUNG
Task: {3997b9d0-16a3-4e67-915c-50ae4a3242ce} - kein Dateipfad. <==== ACHTUNG
Task: {3c54cdf4-bc53-4007-82cf-9bcc0a3bebcd} - kein Dateipfad. <==== ACHTUNG
Task: {4181a82c-d9b1-458f-92cd-d5840fbc7c0b} - kein Dateipfad. <==== ACHTUNG
Task: {43cc9c90-bb3e-4432-9d6a-aa24c579db12} - kein Dateipfad. <==== ACHTUNG
Task: {43ee5746-6346-457e-af12-d49470792b6c} - kein Dateipfad. <==== ACHTUNG
Task: {44bce527-6714-4fe1-a658-0548ec169092} - kein Dateipfad. <==== ACHTUNG
Task: {45019cf6-fbdd-4a6d-bf89-14127cc35850} - kein Dateipfad. <==== ACHTUNG
Task: {48304661-5126-479b-a93f-a0fac3d66ab8} - kein Dateipfad. <==== ACHTUNG
Task: {492914ce-13f3-4e4c-b652-68b0e780a39f} - kein Dateipfad. <==== ACHTUNG
Task: {4c27da43-ae9e-4b4f-99b8-f360ae79228e} - kein Dateipfad. <==== ACHTUNG
Task: {4e9a1dda-8e7a-445c-b6b1-2584d0ceb83f} - kein Dateipfad. <==== ACHTUNG
Task: {4efc2bc3-e0d8-4c56-8b88-842f47cbc659} - kein Dateipfad. <==== ACHTUNG
Task: {5036F7F5-53F4-454C-BBD1-5E0FE4909892} - System32\Tasks\SS2UILauncherRun
Task: {51c0c18f-5112-4ff9-8169-528bf67b47c6} - kein Dateipfad. <==== ACHTUNG
Task: {5204cf0c-c0b1-4872-a0df-ea7358561d2a} - kein Dateipfad. <==== ACHTUNG
Task: {55E29943-393D-4F8D-BBA8-37D98560948B} - System32\Tasks\User_Feed_Synchronization-{3B53E115-3F87-4AA3-B87F-5E36793C6DE1}
Task: {561b73b6-5b0e-40c1-853e-c8bc083edeed} - kein Dateipfad. <==== ACHTUNG
Task: {575c385c-9d4e-47b5-a181-38ad34f887bc} - kein Dateipfad. <==== ACHTUNG
Task: {5EC444B4-B6A9-4CD1-A7B5-FEA3609C7743} - System32\Tasks\Opera GX scheduled Autoupdate 1585424583
Task: {5eecacc4-3f94-440a-bfba-75aa5803b10f} - kein Dateipfad. <==== ACHTUNG
Task: {636f7a6b-05af-4483-860a-b7bba6af79eb} - kein Dateipfad. <==== ACHTUNG
Task: {654b2dc3-8e56-4baa-8b13-8e9b8d23ffc0} - kein Dateipfad. <==== ACHTUNG
Task: {664857fa-6b20-4ffb-aaa8-d9669395fd1a} - kein Dateipfad. <==== ACHTUNG
Task: {6d9ecedc-a500-4872-b1e0-d7b9aa54d96f} - kein Dateipfad. <==== ACHTUNG
Task: {70d399fb-bdff-4221-a4be-8ab73cf5ff9f} - kein Dateipfad. <==== ACHTUNG
Task: {71d6d8be-5903-45ec-a28b-658ed338214b} - kein Dateipfad. <==== ACHTUNG
Task: {732bdf17-9b53-49cc-9378-4129d6853aae} - kein Dateipfad. <==== ACHTUNG
Task: {749355b1-3b71-491a-92c4-0b74f14c91b9} - kein Dateipfad. <==== ACHTUNG
Task: {7567a239-6281-48f4-84d8-4e67e58ab35b} - kein Dateipfad. <==== ACHTUNG
Task: {7a0a7cad-3cbc-4344-a1d2-cc36227b22e4} - kein Dateipfad. <==== ACHTUNG
Task: {7ace46c0-3a39-4e04-80bc-ea7609707466} - kein Dateipfad. <==== ACHTUNG
Task: {805462BE-A322-484C-BC43-72C5125909FD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2418357992-2173213262-1883250885-1001
Task: {82254a9c-30a1-40f5-91ea-755f27610678} - kein Dateipfad. <==== ACHTUNG
Task: {834457e0-67cf-4af2-ae6d-27a59a0dd105} - kein Dateipfad. <==== ACHTUNG
Task: {8710e29c-6aab-415b-9714-cd2539f3c5fa} - kein Dateipfad. <==== ACHTUNG
Task: {887d8616-0f54-4944-a358-1fa805c1284c} - kein Dateipfad. <==== ACHTUNG
Task: {88ddabd5-1641-4dc9-9b1f-5284d4a0034e} - kein Dateipfad. <==== ACHTUNG
Task: {8a0e20f4-d68f-4572-a1d6-a55732c4bf73} - kein Dateipfad. <==== ACHTUNG
Task: {8A1F7FF7-1043-4901-8886-5EF4F5A108D5} - System32\Tasks\RealDownloader Update Check
Task: {8d217de8-c25d-4b21-aa01-82072dfdae94} - kein Dateipfad. <==== ACHTUNG
Task: {8d82e73a-e6e6-4efc-93fb-787962a58da1} - kein Dateipfad. <==== ACHTUNG
Task: {8E23F49B-8816-4208-A48C-4B5B3FAA1FB3} - System32\Tasks\SS2svc32Run
Task: {91f7ab51-30d4-4e6e-b230-47d897654872} - kein Dateipfad. <==== ACHTUNG
Task: {966e565a-5335-4606-9877-1d444ce1aec4} - kein Dateipfad. <==== ACHTUNG
Task: {96f69300-191e-4275-809f-cbedf2c3930a} - kein Dateipfad. <==== ACHTUNG
Task: {97095884-dcb3-4828-a215-ab663423a0f1} - kein Dateipfad. <==== ACHTUNG
Task: {97272ebe-bb86-4ec6-a189-b342f0674e7c} - kein Dateipfad. <==== ACHTUNG
Task: {9898a0c4-9743-42dd-9eeb-8bbbc7e7dda3} - kein Dateipfad. <==== ACHTUNG
Task: {9b535b07-8673-44bc-9e80-09f7d510261c} - kein Dateipfad. <==== ACHTUNG
Task: {9c269520-2ef9-445e-9780-c1f531318536} - kein Dateipfad. <==== ACHTUNG
Task: {9e64924d-554c-4be1-b646-32761ae7fb12} - kein Dateipfad. <==== ACHTUNG
Task: {a2b8bef3-b7d3-46c2-8e25-2f82b0ce7128} - kein Dateipfad. <==== ACHTUNG
Task: {a2dee4c4-d117-44bd-b609-4b4f7e3563cb} - kein Dateipfad. <==== ACHTUNG
Task: {a39ed01b-e77e-4e63-8b2b-5bb15107d252} - kein Dateipfad. <==== ACHTUNG
Task: {a414e34a-bd49-4c55-a430-276ce6857b3a} - kein Dateipfad. <==== ACHTUNG
Task: {a5035283-8fd9-4890-870f-5bad66c734e0} - kein Dateipfad. <==== ACHTUNG
Task: {aec3a828-98e4-43cf-a047-02f6727d3583} - kein Dateipfad. <==== ACHTUNG
Task: {b15354a1-306e-41e9-a1b4-a82c61d9caa5} - kein Dateipfad. <==== ACHTUNG
Task: {b6032447-c9d2-436c-a2cd-812e7ea46465} - kein Dateipfad. <==== ACHTUNG
Task: {b7f1c81b-076e-4623-9dd6-7ee2c34b8899} - kein Dateipfad. <==== ACHTUNG
Task: {b82be94d-e829-4433-88dc-0b01617cfe69} - kein Dateipfad. <==== ACHTUNG
Task: {BB028CC1-5198-4A60-B3E4-0CE392B8EBA0} - System32\Tasks\SS2svc64Run
Task: {bbd375b8-6a95-4ce2-be0f-fa156d7164f2} - kein Dateipfad. <==== ACHTUNG
Task: {bd2264a0-10be-4ccb-a5bd-46de3d0989e0} - kein Dateipfad. <==== ACHTUNG
Task: {bdbdb72d-48b4-451f-b7fb-35007ccb31c5} - kein Dateipfad. <==== ACHTUNG
Task: {bf8a77e5-8935-4bd1-a2c6-4029235b64bd} - kein Dateipfad. <==== ACHTUNG
Task: {c29067eb-e5aa-4fef-a33e-e1dd6f7e542d} - kein Dateipfad. <==== ACHTUNG
Task: {c545716f-870e-4401-9651-021a21a05914} - kein Dateipfad. <==== ACHTUNG
Task: {c7b68c0e-b2ef-4721-b0dc-8b0266e07d1a} - kein Dateipfad. <==== ACHTUNG
Task: {cad4fe3b-70a4-43f4-a31c-0295a374df94} - kein Dateipfad. <==== ACHTUNG
Task: {cd26d286-05ce-4ede-88ac-32165c28f60e} - kein Dateipfad. <==== ACHTUNG
Task: {cd9cc8e4-3fe7-4c91-9811-b544ba41fb28} - kein Dateipfad. <==== ACHTUNG
Task: {cda07290-9bf6-4ee9-a02a-414af6017c69} - kein Dateipfad. <==== ACHTUNG
Task: {d084f7a6-d80a-4666-9651-00dd22c98b73} - kein Dateipfad. <==== ACHTUNG
Task: {d204c531-9a19-4659-a845-6e7116c62de7} - kein Dateipfad. <==== ACHTUNG
Task: {d25be5ea-cc62-4341-a3bf-722104900af1} - kein Dateipfad. <==== ACHTUNG
Task: {D6803D50-2A13-4273-976A-6FA77AD5C1EB} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1625436684
Task: {d68e3570-cd38-4a2e-91da-fe4aaa8e2556} - kein Dateipfad. <==== ACHTUNG
Task: {d6ea4f8e-86d0-4a09-b21b-9bc30d02a3e3} - kein Dateipfad. <==== ACHTUNG
Task: {d6efd2a4-13cd-42ff-9f02-847e62e1b115} - kein Dateipfad. <==== ACHTUNG
Task: {d8b8f4ed-b960-43a0-b4d7-c38210e4274b} - kein Dateipfad. <==== ACHTUNG
Task: {db225801-fb29-4ec3-8d85-e2cac88143c3} - kein Dateipfad. <==== ACHTUNG
Task: {dc352cda-eee8-4e7b-8a7f-e160813d5cb4} - kein Dateipfad. <==== ACHTUNG
Task: {dc62c5ca-b30e-4c66-a528-a4d730583a39} - kein Dateipfad. <==== ACHTUNG
Task: {ddbf1751-d24e-42df-95dc-2765e7973f1e} - kein Dateipfad. <==== ACHTUNG
Task: {e1e9d896-b193-4233-9bf8-208af2e91424} - kein Dateipfad. <==== ACHTUNG
Task: {e2018ac5-5de8-4809-a3f6-a5637e807e6d} - kein Dateipfad. <==== ACHTUNG
Task: {e3d06395-940b-4c10-8361-8757a1f70129} - kein Dateipfad. <==== ACHTUNG
Task: {e3e218be-ca5f-4a07-9d18-4169ae0f6126} - kein Dateipfad. <==== ACHTUNG
Task: {E484CABF-BDD8-4777-811D-BFB4FACBFAB3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2418357992-2173213262-1883250885-1001
Task: {ee6f00b9-08f7-4c59-98ed-cfdf4db14780} - kein Dateipfad. <==== ACHTUNG
Task: {f33d4706-ded7-44f6-83eb-98cc5d9e621f} - kein Dateipfad. <==== ACHTUNG
Task: {f57ebc75-47de-4b2d-9699-170e844b18ce} - kein Dateipfad. <==== ACHTUNG
Task: {f72bffa4-6f24-425f-a602-1b1c2104e5d9} - kein Dateipfad. <==== ACHTUNG
Task: {f7371c13-90a8-4a26-89d2-31a8969894bb} - kein Dateipfad. <==== ACHTUNG
Task: {F8285B74-E97F-4882-BE43-F19FBFC378F9} - System32\Tasks\Opera scheduled Autoupdate 1664313497
Task: {fa46fda0-c26a-4e04-b73e-2d34c84ad9fa} - kein Dateipfad. <==== ACHTUNG
Task: {fb50bc3d-9f89-4dcf-918a-c25bd3e9adc6} - kein Dateipfad. <==== ACHTUNG
Task: {fd806eca-4320-4eec-bd12-21bdbf78c14f} - kein Dateipfad. <==== ACHTUNG
Task: {ffa5da8a-a184-49fe-96d5-e1b38055399f} - kein Dateipfad. <==== ACHTUNG
Task: {F414150B-AAF9-4A8C-87E4-CAC9B71038AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {AA8EBBF4-DC47-4608-A430-B3CE50E85536} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5131712 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {FF0A273A-50D9-4E3D-904C-B298E3C8B4EA} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2096088 2018-01-04] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {A45CE2C7-6B48-4349-872A-6EFFE4AF1B8E} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1448408 2017-11-24] (ASUSTeK Computer Inc. -> )
Task: {8287D436-3798-4014-9206-D6A72CA4B8B3} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4417496 2017-11-24] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {E052EBF5-7458-440C-A479-8F17EFE82996} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [3646264 2014-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {F3ECBFC4-5C91-4388-8A10-0324E4AE23BB} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {1FCF8C12-D083-4D16-8BEC-4A9C7C0DAAB5} - System32\Tasks\AVG Secure VPN Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [1435584 2023-11-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {D040DB88-3554-42D1-933E-210B43A9712C} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [7523256 2023-12-05] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {5B591A5D-2D06-4DEB-8931-21CF58EF8421} - System32\Tasks\AVG\AVG Secure VPN Bug Report => C:\Program Files\AVG\Secure VPN\AvBugReport.exe [4845496 2023-11-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 12 --programpath "C:\Program Files\AVG\Secure VPN" --configpath "C:\ProgramData\AVG\Secure VPN" --path "C:\ProgramData\AVG\Secure VPN\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\Secure VPN\log" --guid 6a64cff7-7d7f-4442-8b06-9d (Der Dateneintrag hat 10 mehr Zeichen).
Task: {1021AA1E-5D96-4F77-A90E-10D65ED37FF3} - System32\Tasks\AVG\AVG Secure VPN Update => C:\Program Files\Common Files\AVG\Icarus\avg-vpn\icarus.exe [7116728 2023-11-06] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {E65A42D2-03AE-4019-BDBA-3FC4A4E446B7} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4760376 2022-01-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --guid 0ecda659-4293-40dd-a13c-5843a3e3e0ea
Task: {CCD77423-548F-4F9B-86D5-A9FBFA4AC020} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [6500152 2022-01-18] () [Datei ist nicht signiert]
Task: {2ED9C832-2DEC-4391-9AAE-D737A55A93A2} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2023-08-11] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {F9FFF4CD-70C6-45FE-816D-9F2799888FAF} - System32\Tasks\BlueStacksHelper => X:\bluestaks\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {48A328DA-F293-4376-B5D7-1ED61161761B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {0A6B212E-9321-4B95-BEEC-E28839557F97} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "6fff7926-25e0-4a8b-8bf5-c1ee5dafeca9" --version "6.19.10858" --silent
Task: {CAAA30F4-C186-44B0-8440-B4FA367E1B0A} - System32\Tasks\CCleanerSkipUAC - Marvin => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {652AAA65-E396-45FC-9DE3-0CF026B7F816} - System32\Tasks\CCleanerSkipUAC - Tim => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {ADABE50A-69AC-458E-A166-10136728D9AA} - System32\Tasks\EXPERTool => C:\Program Files\EXPERTool\TBPanel.exe [3200824 2019-10-01] (GAINWARD TECHNOLOGY INT'L LIMITED -> Gainward Co. Ltd.)
Task: {799F7868-A517-46DF-9C16-760B94194DBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-29] (Google Inc -> Google Inc.)
Task: {64270C35-BFC2-48A1-94E6-DF309DA3FC71} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-29] (Google Inc -> Google Inc.)
Task: {70F114BE-DAB8-45F7-8DC5-D5227CBC0D45} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {3586B9B9-B408-4EE8-B2C6-E29BF28899C7} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {67A8FC8F-2BF6-4247-8D9F-C02F1E35DF91} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [33947520 2021-06-15] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {1E3A79DB-606F-48D2-85D1-4271449E51EA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {F47D6ADD-EAB2-4B7E-AAA5-B8DD774D21B8} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {8A2809F6-9D14-43F4-AC23-62C564A1264E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {AF9E02EA-AE0B-4945-95FB-1723F4956F2A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {463DDF5A-67A8-4AA5-9480-17AA0375A3C9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BAFAD45-810E-45E7-9F7A-B63D4B31CB9E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {31DE3C54-A912-4FF5-B42C-BCEAE5A2A0E7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12B026D9-3C69-40BF-A1B3-1DFF1799BA36} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {64018113-FC47-463C-AFDA-ED595B6E1062} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA762E68-DB2E-4028-BC5A-7CA10C4AC1FA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6C80720-5BBD-4E9C-9717-23D1049C2917} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4EEFED73-BBE8-4546-9949-1D91D4548D91} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2418357992-2173213262-1883250885-1001 => C:\Program Files (x86)\Real\RealPlayer\realupgrade.exe [129960 2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {12CB6759-63F2-4675-96EB-F783E27DB1BE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2418357992-2173213262-1883250885-1001 => C:\Program Files (x86)\Real\RealPlayer\realupgrade.exe [129960 2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {9EC204AF-D19F-4B7B-A5FC-E57B786A6E16} - System32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe [5133296 2020-04-08] (NVIDIA Corporation -> Nvidia Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\gxx speed launcher.job => X:\Garena Ring of Elysium\Garena\Garena\Garena.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{345d741a-96f1-4bcf-a1a3-23bd110b1607}: [NameServer] 100.124.58.1
Tcpip\..\Interfaces\{421e292d-d30a-4c4d-a2a1-662d0e1196ce}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{421e292d-d30a-4c4d-a2a1-662d0e1196ce}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{421e292d-d30a-4c4d-a2a1-662d0e1196ce}\7416C616879702144303F55374548545: [DhcpNameServer] 192.168.66.103
Tcpip\..\Interfaces\{421e292d-d30a-4c4d-a2a1-662d0e1196ce}\D46444: [DhcpNameServer] 192.168.123.79
Tcpip\..\Interfaces\{4bf0b090-4606-44ba-9c2e-7d9a559a20b3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}\0777E65646: [DhcpNameServer] 192.168.4.1
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}\4556E646160254874756E6465627: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}\4556E646160254874756E6465627: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}\4556E64616F5548545: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}\64162797C496E6B6F5543403036443: [DhcpNameServer] 192.168.4.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marvin\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-23]
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (Google Docs Offline) - C:\Users\Marvin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-29]
Edge Extension: (Edge relevant text changes) - C:\Users\Marvin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-25]
Edge Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Marvin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-12-13]
FireFox:
========
FF DefaultProfile: 5ivp05vd.default
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default [2023-12-23]
FF NetworkProxy: Mozilla\Firefox\Profiles\5ivp05vd.default -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\5ivp05vd.default -> ist aktiviert.
FF Extension: (Ant Video downloader) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\anttoolbar@ant.com.xpi [2022-01-19]
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-07-05] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (Popupblocker) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\{05ce2135-ced2-4272-97b0-c00c00a93355}.xpi [2022-09-11]
FF Extension: (Slither.io Mods, Zoom, Unlock Skins, Bots) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\{6c7508bb-bf74-4b04-b41d-8d11872b0538}.xpi [2018-10-07]
FF Extension: (NoScript) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2023-12-20]
FF Extension: (Video DownloadHelper) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-08-26]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-26]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2019-05-05] []
FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2019-05-05]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @real.com/nppl3260;version=20.1.0.313 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=20.1.0.313 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2022-08-25] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2418357992-2173213262-1883250885-1001: @ipcocx.com/npipcam;version=1.0 -> C:\Program Files (x86)\Common Files\IPCOCX2.0\IPCCameraOCX\npipcam.dll [2019-09-17] () [Datei ist nicht signiert]
FF Plugin HKU\S-1-5-21-2418357992-2173213262-1883250885-1001: @ipcpbocx.com/npipcpb;version=1.0 -> C:\Program Files (x86)\Common Files\IPCOCX2.0\IPCCameraOCX\npipcpb.dll [2019-09-17] () [Datei ist nicht signiert]
FF Plugin HKU\S-1-5-21-2418357992-2173213262-1883250885-1001: webnp/nsstPlugin -> C:\Users\Marvin\AppData\Roaming\WebPlugin\npnsstPlugin.dll [2016-03-15] (webnp) [Datei ist nicht signiert]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default [2023-12-23]
CHR Notifications: Default -> hxxps://motheremutand.info; hxxps://rp-online.de; hxxps://www.auto-motor-und-sport.de; hxxps://www.autoscout24.de; hxxps://www.derwesten.de; hxxps://www.motor-talk.de
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={A700F133-A495-4473-B9C3-56562EB2A93D}&mid=caf5dca0807947d28ff96d4c05ef2980-9b0c7dac13d189ad8797740668000eb7c4477c1b&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-18 14:17:46&v=18.0.0.248&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (ProxFlow) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2021-05-11]
CHR Extension: (Google Übersetzer) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
CHR Extension: (Pop-up-Blocker für Chrome™ - Poper Blocker) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2023-12-18]
CHR Extension: (Honey: Automatische Coupons & Prämien) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-12-15]
CHR Extension: (Steam Inventory Helper) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2023-12-22]
CHR Extension: (Video Downloader Professional) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-19]
CHR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]
CHR Extension: (Mino (früher Minty) - Automatische Coupons) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fefnkplkicihcoenmljhbihhaaagjhpp [2023-12-12]
CHR Extension: (Google Docs Offline) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-12-13]
CHR Extension: (LetyShops — Cashback Service) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lphicbbhfmllgmomkkhjfkpbdlncafbn [2023-08-24]
CHR Extension: (Coupert - Coupon Assistent & Cashback) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2023-12-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Spam Them Back) - C:\Users\Marvin\Music\youve-got-spam [2022-07-15]
CHR Profile: C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-30]
CHR Profile: C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-03]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05]
Opera:
=======
OPR Profile: C:\Users\Marvin\AppData\Roaming\Opera Software\Opera Stable [2023-11-05]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Marvin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-10-27]
OPR Extension: (Opera Wallet) - C:\Users\Marvin\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-09-16]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Marvin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-09-27]
StartMenuInternet: (HKU\S-1-5-21-2418357992-2173213262-1883250885-1002) Opera GXStable - "C:\Users\Tim\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 Agent; C:\Program Files\Agent\Agent.exe [9797560 2021-02-01] (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-06-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2017-06-29] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
R2 ASUS LED Control Service; C:\Program Files (x86)\ASUSTeK Computer Inc\AURA\AsLedService.exe [296240 2016-06-01] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [789952 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [2408384 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [1194424 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [9090496 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-09-01] (BattlEye Innovations e.K. -> )
S2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [13745976 2022-01-19] () [Datei ist nicht signiert]
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel(R) Driver & Support Assistant -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2023-06-10] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-01-13] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [Datei ist nicht signiert]
R2 FoxitReaderUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitReaderUpdateService.exe [2357864 2020-08-31] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-09-12] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; D:\GOG Galaxy\GalaxyClientService.exe [2350048 2023-11-10] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-08-24] (GOG sp. z o.o -> GOG.com)
R2 GarenaPlatform; X:\Garena Ring of Elysium\Garena\Garena\2.0.1812.2810\gxxsvc.exe [320520 2018-12-28] (Garena Online Pte Ltd -> Garena Online)
U2 HiPatchService; E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-03-01] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 HnGSteamService; D:\steam\steamapps\common\Heroes & Generals\hngservice.exe [788776 2021-04-03] (Reto-Moto ApS -> Reto-Moto ApS) [Datei ist nicht signiert]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 luminati_net_updater_win_earnapp_com; C:\Program Files (x86)\EarnApp\net_updater32.exe [9123416 2022-09-05] (Bright Data Ltd -> BrightData Ltd. (certified))
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2023-12-23] (Malwarebytes Inc. -> Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2018-04-21] (Even Balance, Inc. -> )
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [98624 2020-07-22] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-07-22] (ProtonVPN AG -> )
R2 QMEmulatorService; X:\TxGameAssistant\AppMarket\QMEmulatorService.exe [198736 2020-08-15] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [447080 2019-07-24] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943240 2019-07-24] (Razer USA Ltd. -> Razer Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [38856 2022-07-05] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [991176 2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.)
S3 Rockstar Service; G:\Launcher\RockstarService.exe [1244144 2023-06-30] (Rockstar Games, Inc. -> Rockstar Games)
R2 RTUsbSwSrvc; C:\WINDOWS\RTUWPSrvcMain.exe [956816 2023-01-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 SecureVPN; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [11227072 2023-11-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WifiAutoInstallSrv; C:\Program Files\TP-Link\WifiAutoInstall\WifiAutoInstallSrv.exe [141368 2021-02-08] (Realtek Semiconductor Corp. -> Realtek)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [22192 2015-10-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-29] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-25] (ASUSTeK Computer Inc. -> )
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [243176 2023-12-22] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [394048 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [298024 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [96616 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [26096 2023-11-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [39792 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [276888 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [561928 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [105392 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [80568 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [952896 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [711696 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [213336 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
S3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2018-09-05] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [319712 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
S3 avgVpnRdr; C:\WINDOWS\System32\drivers\avgVpnRdr.sys [76552 2023-07-30] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R3 avgWintun; C:\WINDOWS\System32\drivers\avgWintun.sys [51712 2022-12-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgWireGuard; C:\WINDOWS\System32\drivers\avgWireguard.sys [499048 2022-08-17] (AVG Technologies USA, LLC -> WireGuard LLC)
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-10-25] (Bluestack Systems, Inc. -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [74872 2023-02-28] (Microsoft Windows Hardware Compatibility Publisher -> wch.cn)
S3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 CYUSB3; C:\WINDOWS\System32\Drivers\CYUSB3.sys [62648 2014-09-18] (Cypress Semiconductor Technology India Pvt Ltd. -> Cypress Semiconductor)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 gdrv3; C:\WINDOWS\gdrv3.sys [36352 2023-10-24] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-05-07] (Logitech Inc -> Logitech Inc.)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2023-09-26] (MyTestCertificate -> Oracle Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-06-27] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2017-06-27] (Logitech -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222784 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-23] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188008 2023-12-23] (Malwarebytes Inc. -> Malwarebytes)
R2 mi2c; C:\WINDOWS\system32\drivers\mi2c.sys [20784 2017-08-27] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2021-07-17] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 rtwlanu6; C:\WINDOWS\System32\drivers\rtwlanu6.sys [7487408 2023-01-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R1 SvThLSNS; C:\Program Files (x86)\SAVITECH\SVLoadSense\x64\SvThLSNS.sys [15184 2015-09-21] (Savitech Corp. -> Windows (R) Win 7 DDK provider)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 TESMON; C:\WINDOWS\system32\drivers\TesMon.sys [2133640 2018-07-24] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [812208 2020-05-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2020-01-16] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniSafe; C:\WINDOWS\system32\drivers\UniSafe.sys [581912 2020-07-03] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49664 2022-07-13] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-02] (Microsoft Windows -> Microsoft Corporation)
S3 X6va064; C:\WINDOWS\SysWOW64\Drivers\X6va064 [29000 2017-10-07] (Wiselogic Co., Ltd. -> )
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)
S3 ALSysIO; \??\C:\Users\Tim\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
U3 avgArDisk; kein ImagePath
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-12-23 21:27 - 2023-12-23 21:29 - 000117167 ____C C:\Users\Marvin\Desktop\Addition.txt
2023-12-23 21:25 - 2023-12-23 21:35 - 000069987 ____C C:\Users\Marvin\Desktop\FRST.txt
2023-12-23 21:25 - 2023-12-23 21:35 - 000000000 ____D C:\FRST
2023-12-23 21:24 - 2023-12-23 21:24 - 002387456 ____C (Farbar) C:\Users\Marvin\Desktop\FRST64.exe
2023-12-23 21:11 - 2023-12-23 21:11 - 000188008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-12-23 21:10 - 2023-12-23 21:10 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-12-23 21:07 - 2023-12-23 21:11 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Malwarebytes
2023-12-23 19:00 - 2023-12-23 19:00 - 009798776 ____C (ESET) C:\Users\Marvin\Desktop\eset_smart_security_premium_live_installer.exe
2023-12-23 18:39 - 2023-12-23 18:39 - 000000000 ___HD C:\ProgramData\DNTException
2023-12-23 18:37 - 2023-12-23 18:37 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\notepadServer
2023-12-23 18:36 - 2023-12-23 18:36 - 000000000 ____D C:\ProgramData\Macrium
2023-12-22 14:22 - 2023-12-21 14:40 - 000314304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2023-12-18 17:51 - 2023-12-18 17:51 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2023-12-18 17:46 - 2023-12-08 02:23 - 001487368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-12-18 17:46 - 2023-12-08 02:23 - 001424064 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-12-18 17:46 - 2023-12-08 02:23 - 001424064 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-12-18 17:46 - 2023-12-08 02:23 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-12-18 17:46 - 2023-12-08 02:23 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-12-18 17:46 - 2023-12-08 02:23 - 001227288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-12-18 17:46 - 2023-12-08 02:23 - 000850616 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-12-18 17:46 - 2023-12-08 02:23 - 000850616 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-12-18 17:46 - 2023-12-08 02:23 - 000731320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-12-18 17:46 - 2023-12-08 02:23 - 000731320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-12-18 17:45 - 2023-12-08 02:19 - 000957960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-12-18 17:45 - 2023-12-08 02:19 - 000670232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2023-12-18 17:45 - 2023-12-08 02:19 - 000505480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2023-12-18 17:45 - 2023-12-08 02:18 - 012375688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-12-18 17:45 - 2023-12-08 02:18 - 002170992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-12-18 17:45 - 2023-12-08 02:18 - 001624712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-12-18 17:45 - 2023-12-08 02:18 - 001541256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-12-18 17:45 - 2023-12-08 02:18 - 001198728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-12-18 17:45 - 2023-12-08 02:18 - 000997512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-12-18 17:45 - 2023-12-08 02:18 - 000810096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-12-18 17:45 - 2023-12-08 02:18 - 000773744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-12-18 17:45 - 2023-12-08 02:18 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-12-18 17:45 - 2023-12-08 02:17 - 015095408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-12-18 17:45 - 2023-12-08 02:17 - 006462600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-12-18 17:45 - 2023-12-08 02:17 - 005862512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-12-18 17:45 - 2023-12-08 02:17 - 005861000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-12-18 17:45 - 2023-12-08 02:17 - 003620488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-12-18 17:45 - 2023-12-08 02:17 - 000853640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-12-18 17:45 - 2023-12-08 02:16 - 006745768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-12-18 17:45 - 2023-12-07 00:05 - 000113947 _____ C:\WINDOWS\system32\nvinfo.pb
2023-12-17 18:02 - 2023-12-17 18:02 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-16 00:14 - 2023-12-16 00:14 - 000000718 ____C C:\Users\Marvin\Desktop\Ready or Not.lnk
2023-12-16 00:14 - 2023-12-16 00:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ready or Not
2023-12-13 16:40 - 2023-12-13 16:40 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-13 16:31 - 2023-12-13 16:31 - 000000000 ___HD C:\$WinREAgent
2023-12-09 18:49 - 2023-12-09 18:49 - 000000947 ____C C:\Users\Marvin\Desktop\Starfield.exe.lnk
2023-12-09 15:40 - 2023-12-23 16:05 - 000000000 ___DC C:\Users\Marvin\.BigNox
2023-12-09 15:40 - 2023-12-09 15:40 - 000000670 ____C C:\Users\Marvin\Desktop\Multi-Drive.lnk
2023-12-09 15:40 - 2023-12-09 15:40 - 000000619 ____C C:\Users\Marvin\Desktop\Nox.lnk
2023-12-09 15:40 - 2023-12-09 15:40 - 000000000 ____D C:\Program Files (x86)\Bignox
2023-12-03 01:55 - 2023-12-03 01:55 - 000000000 ___DC C:\Users\Tim\AppData\Local\D3DSCache
2023-12-03 01:53 - 2023-12-03 01:53 - 000000000 ___DC C:\Users\Tim\AppData\Roaming\Real
2023-12-03 01:53 - 2023-12-03 01:53 - 000000000 ___DC C:\Users\Tim\AppData\Local\Real
2023-12-03 01:52 - 2023-12-03 01:53 - 000000000 ___DC C:\Users\Tim\AppData\Roaming\Greenshot
2023-12-03 01:52 - 2023-12-03 01:52 - 000000000 ___DC C:\Users\Tim\AppData\LocalLow\NVIDIA
2023-12-03 01:52 - 2023-12-03 01:52 - 000000000 ___DC C:\Users\Tim\AppData\Local\NVIDIA
2023-12-03 01:52 - 2023-12-03 01:52 - 000000000 ___DC C:\Users\Tim\AppData\Local\Greenshot
2023-12-01 20:04 - 2023-12-23 18:25 - 000002194 ____C C:\Users\Marvin\Desktop\WeMod.lnk
2023-12-01 20:04 - 2023-12-23 18:25 - 000000000 ___DC C:\Users\Marvin\AppData\Local\WeMod
2023-12-01 20:04 - 2023-12-01 20:04 - 000144416 ____C (WeMod LLC) C:\Users\Marvin\Downloads\Ready Or Not Trainer Setup.exe
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-12-23 21:35 - 2017-06-29 07:16 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\NetSpeedMonitor
2023-12-23 21:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-23 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-23 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-23 21:17 - 2020-09-20 14:52 - 000000000 ____D C:\Program Files\Process Hacker 2
2023-12-23 21:17 - 2020-08-28 17:16 - 000000000 ___DC C:\Users\Tim\Downloads\chams
2023-12-23 21:17 - 2020-08-28 16:09 - 000000000 ___DC C:\Users\Tim\Downloads\1tapgang
2023-12-23 21:17 - 2017-12-30 14:53 - 000000000 __RDC C:\Users\Marvin\Desktop\Desktop datein
2023-12-23 21:15 - 2020-07-05 15:31 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-23 21:15 - 2020-02-19 23:09 - 000000000 ___DC C:\Users\Marvin\AppData\LocalLow\IGDump
2023-12-23 21:15 - 2019-12-07 15:50 - 000743708 _____ C:\WINDOWS\system32\perfh007.dat
2023-12-23 21:15 - 2019-12-07 15:50 - 000150130 _____ C:\WINDOWS\system32\perfc007.dat
2023-12-23 21:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-23 21:10 - 2021-12-17 02:29 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-23 21:10 - 2020-09-19 22:24 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-12-23 21:10 - 2017-06-29 07:09 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-23 21:09 - 2022-08-25 12:51 - 000003592 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2418357992-2173213262-1883250885-1001
2023-12-23 21:09 - 2022-08-25 12:51 - 000003532 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2418357992-2173213262-1883250885-1001
2023-12-23 21:09 - 2021-07-19 16:26 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-23 21:09 - 2020-07-05 15:32 - 000003144 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2023-12-23 21:09 - 2018-11-23 00:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-12-23 21:09 - 2018-11-23 00:19 - 000000000 ____D C:\Program Files\Malwarebytes
2023-12-23 21:08 - 2022-01-02 00:13 - 000003974 _____ C:\WINDOWS\system32\Tasks\AVG Secure VPN Update
2023-12-23 21:08 - 2020-07-05 15:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-23 21:08 - 2017-06-29 07:06 - 000000000 ____D C:\ProgramData\Avg
2023-12-23 21:07 - 2023-09-02 22:01 - 000000000 ____D C:\WINDOWS\RTUWPSrvcMain
2023-12-23 21:07 - 2021-02-06 16:58 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2023-12-23 21:07 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-12-23 21:06 - 2019-08-24 22:00 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2023-12-23 21:04 - 2020-07-05 15:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-23 20:37 - 2020-07-05 15:32 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2023-12-23 20:37 - 2020-07-05 15:32 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-12-23 19:33 - 2022-11-07 21:20 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-23 19:33 - 2017-06-29 07:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-23 19:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-23 18:49 - 2020-05-16 20:47 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\WeMod
2023-12-23 18:42 - 2018-05-18 20:57 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Avg
2023-12-23 18:40 - 2017-06-30 15:09 - 000000000 ___HD C:\ProgramData\Intel
2023-12-23 18:33 - 2023-06-10 19:00 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-23 18:33 - 2023-06-10 19:00 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-23 18:33 - 2023-06-10 19:00 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-23 18:33 - 2023-06-10 19:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-23 18:33 - 2023-06-10 19:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-23 18:33 - 2023-06-10 19:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-23 18:33 - 2023-06-10 19:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-23 18:33 - 2023-06-10 19:00 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-23 18:33 - 2023-06-10 19:00 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-12-23 18:33 - 2022-11-07 21:20 - 000002954 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-12-23 18:33 - 2021-09-17 17:57 - 000002256 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Marvin
2023-12-23 18:33 - 2020-08-27 02:36 - 000003682 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-12-23 18:33 - 2020-08-27 02:36 - 000003458 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-12-23 18:33 - 2020-07-05 15:32 - 000003568 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-12-23 18:33 - 2020-07-05 15:32 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-12-23 18:33 - 2020-07-05 15:32 - 000003344 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-12-23 18:33 - 2020-07-05 15:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2023-12-23 18:28 - 2023-06-10 19:28 - 000000000 ___DC C:\Users\Marvin\AppData\Local\D3DSCache
2023-12-23 18:25 - 2020-05-16 18:32 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2023-12-23 17:57 - 2022-08-08 16:42 - 000000298 ____C C:\Users\Marvin\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2023-12-23 17:57 - 2020-07-05 15:24 - 000000000 ___DC C:\Users\Marvin
2023-12-23 17:57 - 2018-03-21 09:05 - 000000000 ___DC C:\Users\Marvin\vmlogs
2023-12-23 17:57 - 2018-03-21 09:04 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Nox
2023-12-23 17:54 - 2021-03-13 02:24 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\vlc
2023-12-23 16:57 - 2020-12-25 21:36 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\XuanZhi
2023-12-23 16:50 - 2022-02-15 22:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-23 16:49 - 2017-06-29 07:11 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-12-23 16:48 - 2020-12-25 21:41 - 000000000 ___DC C:\Users\Marvin\.Ld2VirtualBox
2023-12-23 16:06 - 2018-02-26 11:25 - 000000000 ___DC C:\Users\Marvin\.android
2023-12-23 16:05 - 2020-01-22 23:19 - 000000000 ___DC C:\Users\Marvin\AppData\Local\NoxSrv
2023-12-23 14:19 - 2020-08-27 02:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-22 14:32 - 2017-06-29 07:10 - 000002329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-22 14:22 - 2020-05-02 14:17 - 000243176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2023-12-22 14:22 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-12-21 14:40 - 2020-10-19 17:09 - 000276888 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2023-12-21 14:40 - 2020-05-02 14:17 - 000952896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2023-12-21 14:40 - 2020-05-02 14:17 - 000711696 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2023-12-21 14:40 - 2020-05-02 14:17 - 000561928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2023-12-21 14:40 - 2020-05-02 14:17 - 000394048 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2023-12-21 14:40 - 2020-05-02 14:17 - 000319712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2023-12-21 14:40 - 2020-05-02 14:17 - 000298024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2023-12-21 14:40 - 2020-05-02 14:17 - 000105392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2023-12-21 14:40 - 2020-05-02 14:17 - 000096616 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2023-12-21 14:40 - 2020-05-02 14:17 - 000080568 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2023-12-21 14:40 - 2020-05-02 14:17 - 000039792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2023-12-21 14:25 - 2023-07-16 17:13 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Greenshot
2023-12-18 17:51 - 2021-07-20 08:32 - 000000000 ___DC C:\Users\Marvin\AppData\Local\NVIDIA
2023-12-18 17:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-17 18:13 - 2017-06-29 07:30 - 000000000 ___DC C:\Users\Marvin\AppData\Local\CrashDumps
2023-12-17 18:04 - 2017-10-20 14:17 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Packages
2023-12-17 18:03 - 2020-07-05 15:22 - 000340240 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-17 18:03 - 2018-02-26 21:30 - 000000000 ____D C:\Program Files\CCleaner
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-17 18:02 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-12-15 23:51 - 2021-04-24 00:24 - 000000000 ___DC C:\Users\Marvin\AppData\Local\JDownloader 2.0
2023-12-13 16:42 - 2019-12-07 15:54 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-12-13 16:42 - 2019-12-07 15:54 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-12-13 16:40 - 2020-07-05 15:24 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-12-09 15:52 - 2023-09-22 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2023-12-09 15:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2023-12-08 02:16 - 2023-07-15 21:05 - 007869576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-12-03 02:00 - 2020-07-05 15:24 - 000000000 ___DC C:\Users\Tim
2023-12-03 01:54 - 2021-08-03 21:12 - 000000000 ___DC C:\Users\Tim\AppData\Local\NVIDIA Corporation
2023-12-03 01:54 - 2019-09-14 14:25 - 000000000 ___DC C:\Users\Tim\AppData\Local\PlaceholderTileLogoFolder
2023-12-03 01:54 - 2019-09-13 17:32 - 000000000 ___DC C:\Users\Tim\AppData\Local\Publishers
2023-12-03 01:54 - 2019-09-13 17:32 - 000000000 ___DC C:\Users\Tim\AppData\Local\Packages
2023-12-03 01:52 - 2019-09-13 17:32 - 000002328 ____C C:\Users\Tim\Desktop\Google Chrome.lnk
2023-12-01 20:04 - 2017-06-30 18:05 - 000000000 ___DC C:\Users\Marvin\AppData\Local\SquirrelTemp
2023-11-28 14:45 - 2018-07-11 15:39 - 000000000 ____D C:\ProgramData\Packages
2023-11-28 14:45 - 2018-05-28 08:26 - 000000000 ___DC C:\Users\Marvin\AppData\Local\PlaceholderTileLogoFolder
2023-11-28 14:45 - 2017-06-29 06:49 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Publishers
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-12-25 21:41 - 2020-12-25 21:41 - 000000068 ____C () C:\Users\Marvin\AppData\Roaming\changzhi_leidian.data
2021-11-08 20:21 - 2021-11-08 20:21 - 000000128 ____C () C:\Users\Marvin\AppData\Roaming\changzhi_leidianmac.data
2021-01-14 19:58 - 2021-01-14 19:58 - 000000068 ____C () C:\Users\Marvin\AppData\Roaming\changzhi_mplayer.data
2017-08-29 00:18 - 2017-08-29 00:22 - 000000600 ____C () C:\Users\Marvin\AppData\Roaming\winscp.rnd
2023-01-04 23:17 - 2023-01-04 23:20 - 000000053 ____C () C:\Users\Marvin\AppData\Roaming\~SiMPLEX.ini
2021-07-22 03:34 - 2021-07-22 03:37 - 001065984 ____C () C:\Users\Marvin\AppData\Local\file__0.localstorage
2017-07-06 16:24 - 2017-09-24 02:41 - 000000600 ____C () C:\Users\Marvin\AppData\Local\PUTTY.RND
2020-02-10 10:35 - 2020-02-10 10:35 - 000002172 ____C () C:\Users\Marvin\AppData\Local\recently-used.xbel
2018-04-10 12:02 - 2020-12-29 17:39 - 000007603 ____C () C:\Users\Marvin\AppData\Local\resmon.resmoncfg
2020-02-23 18:53 - 2021-05-28 15:43 - 000000070 ____C () C:\Users\Marvin\AppData\Local\update_progress.txt
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Geändert von Marvin255 (23.12.2023 um 22:09 Uhr) |
| Themen zu Trojaner oobe-maintenance ? |
| 192.168.0.2, antivirus, blockiert, cid, downloader, firefox, google, home, homepage, installation, internet, mozilla, programm, prozesse, realtek, rundll, scan, security, software, spam, svchost.exe, trojaner, usb, virus, windows |
Baum-Darstellung