Log analysis and evaluation: Computer slow, programs hang, problems with virus scanner

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Computer slow, programs hang, problems with virus scanner

Hello dear Trojaner-Board team,

I am currently having the following problems with my desktop PC and would like to know whether they stem from a virus infection, and I kindly ask for your support in finding a solution:

There was a bluescreen from a Bitdefender system file; in safe mode Bitdefender could not be uninstalled. The installation of Avast did not work either and did not even start. Chrome has become very slow, and Adobe Acrobat Reader hangs.

Here is my first log file:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.02.2024 01 Ran by ***** (administrator) on GAMERSDREAM (ASUS All Series) (03-02-2024 19:22:21) Running from D:\*****\Downloads\FRST64.exe Loaded Profiles: ***** Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: English (United Kingdom) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe (C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe ->) (Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ->) () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe (C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe (C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe (C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Corsair\Corsair iCUE5 Software\crashpad_handler.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) 
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (C:\Users\*****\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\*****\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8> (explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\*****\AppData\Local\WebEx\WebexHost.exe (explorer.exe ->) (Elgato Systems -> Elgato Systems) C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe (explorer.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6> (explorer.exe ->) (nordvpn s.a. -> nordvpn S.A.) 
C:\Program Files\NordVPN\NordVPN.exe (explorer.exe ->) (ownCloud GmbH -> Hochschulcloud NRW) C:\Program Files\sciebo\sciebo.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <14> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Users\*****\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe (services.exe ->) () [File not signed] C:\Windows\SysWOW64\ASGT.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe (services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) 
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\SSDGames\Origin\OriginWebHelperService.exe (services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe <2> (services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (Logitech Inc -> Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (svchost.exe ->) () [File not signed] C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) 
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2311.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-13] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-28] (Logitech Inc -> Logitech Inc.) HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2024-01-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11551456 2024-01-23] (Dropbox, Inc -> Dropbox, Inc.) 
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134480 2016-06-16] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2044576 2023-12-13] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.2.0\GoogleDriveFS.exe --startup_mode (No File) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.2.0\GoogleDriveFS.exe --startup_mode (No File) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [f.lux] => C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe [1528952 2024-01-17] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [Remote Control Editor] => C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe [1709128 2010-12-01] (Elgato Systems -> Elgato Systems) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\*****\AppData\Local\WebEx\WebexHost.exe [8083040 2023-12-29] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [sciebo] => C:\Program Files\sciebo\sciebo.exe [2761968 2023-03-09] (ownCloud GmbH -> Hochschulcloud NRW) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.) 
HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [MicrosoftEdgeAutoLaunch_17A34A7C34F79183F7BAA79A2292B9BF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.2.0\GoogleDriveFS.exe --startup_mode (No File) HKLM\...\Windows x64\Print Processors\hpcpp103: C:\Windows\System32\spool\prtprocs\x64\hpcpp103.dll [323584 2010-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5200 series: CNMLMAE.DLL (No File) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.140\Installer\chrmstp.exe [2024-02-03] (Google LLC -> Google LLC) GroupPolicy-Firefox-x32: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {222D2B30-5017-47B9-83D1-F0C8C2595703} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {3AD919EF-AFD7-4C4E-8FFA-9DD2EA85B425} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {4103BC26-BD25-4B43-B289-B1EA0A7389DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {60C92016-7909-4E9C-8D8F-BC4D142AE7EF} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION Task: {6BD4B6D4-9649-4EB3-9B55-C72E44FE3EFE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {6F46EC32-B8B5-484F-9013-77076D91121A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {766F49B6-4211-4DC6-8554-29598DB5F065} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {7BEF5DA8-60A0-44E6-89AE-92072D51998E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {7F454799-7FDE-45B1-9B10-9EF677B86F39} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION Task: {8329FC0B-1F1D-4170-8455-A4607E5ED161} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {842CE08D-D006-4774-90DB-37C14814EF56} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {89EF0E20-E0A3-4BB6-95A9-D0F554453FCA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {A8BD2F32-A862-4FB9-923D-3AFD961D35DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {B87C2B36-408E-4110-B5EE-1E45D05D4CFF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {BDB6EED7-B636-4508-B668-A6DD7C65118A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {D19FC15F-2682-4294-8E0E-CC3DD500ACC8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: 
{83C35DDA-CFAD-43B7-8AF3-20A003FA81F5} - System32\Tasks\{F8359AD5-9055-4E94-9C87-4389B0362F66} => C:\Windows\system32\pcalua.exe [53760 2023-11-16] (Microsoft Windows -> Microsoft Corporation) -> -a L:\Drivers\TERRATEC_H6\TERRATEC_H6_5.09.1202.00_All.exe -d L:\Drivers\TERRATEC_H6 Task: {313099FE-BED2-4EF8-AC45-19C239161262} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) Task: {1DD0B790-7251-4B3F-BB78-4741DAD3C1B0} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1134752 2014-03-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed] Task: {C89DEBDC-356D-4086-9E71-34FE4956EE7D} - System32\Tasks\avfree.migration => C:\Program Files\Bitdefender Antivirus Free\migration_tool\avfree.migration.exe /run (No File) Task: {63E392E8-C5BF-4119-85E0-DBFCDE5AF6DB} - System32\Tasks\Avira_Security_Installation => C:\Users\*****\AppData\Local\Temp\.CR.12953\Avira.Spotlight.Bootstrapper.Runner.exe -> "C:\Users\*****\AppData\Local\Temp\.CR.12953\avira_de_sptl1_6710f75b3920d603__pavwws-spotlight-release(1).exe" RunMode=Resume <==== ATTENTION Task: {D11E84AA-4914-4DC9-89CE-1CD776182827} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.266\WatchDog.exe repair (No File) Task: {CFEDA587-6692-4B6B-BE99-6E8BC0D01C06} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) 
Task: {B632DA8F-C083-4E1A-B992-407CE1C5384A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {7C48D885-CDD7-47A3-BA07-F38E8E8AF61C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "c0bfa995-7ddc-495e-8130-f4fe434587bc" --version "6.20.10897" --silent Task: {8269B225-A78C-44C9-8C85-F78FA5476C7A} - System32\Tasks\CCleanerSkipUAC - ***** => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {245C00E6-BC03-486C-B50F-E2691719D71B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) Task: {0E6266FB-C8BE-4C98-99C9-0DCDD953869E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) Task: {D4DFED7C-6607-457E-BC26-7DF065AEC6DC} - System32\Tasks\G2MUpdateTask-S-1-5-21-392073570-3050404753-1078137296-1001 => C:\Users\*****\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {470C4DE9-088C-4763-8707-FEA4C5E5B8AE} - System32\Tasks\G2MUploadTask-S-1-5-21-392073570-3050404753-1078137296-1001 => C:\Users\*****\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.) 
Task: {24BC465C-E8BD-428A-8915-F3919F6C7781} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6268.0{49946B6C-67D2-4605-954A-267D4B95A0DC} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6268.0\updater.exe [4638496 2024-01-27] (Google LLC -> Google LLC) <==== ATTENTION Task: {D36FFCDD-26FD-4BB3-BD89-8F2D28C76252} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) Task: {571F2D2E-F7A0-4A55-ACAA-5FC7703250CB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) Task: {D3434C23-75B5-43A8-B566-1D447CFB3F3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-14] (Microsoft Corporation -> Microsoft Corporation) Task: {04D89E14-1B4E-4869-9924-DB417990102C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-14] (Microsoft Corporation -> Microsoft Corporation) Task: {93BFED16-3EAD-41B4-B713-64ECD6753D1B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-09] (Microsoft Corporation -> Microsoft Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {1C5DF052-AFCC-4C61-BE79-3A3491AB1CF5} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly (No File) Task: {1C32FF9D-5BFC-40AA-9CEB-03D99B68B07F} - 
System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {310A6A84-388A-4596-81E6-F3AA01B0ACC8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {55AFA7DA-A3FA-49A5-961A-16CE1CF5421F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {288D5A7B-5DA2-49E1-AB7F-33A5CDD36E4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9FC2B33F-AEE5-4CCA-8569-AD74BE8A6314} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File) Task: {86222EED-431D-481E-8510-327E264DB06F} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-26] (Mozilla Corporation -> Mozilla Foundation) Task: 
{B98363ED-49AA-422E-A124-42FFF86906AD} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [565760 2014-12-06] () [File not signed] Task: {5AE1E238-98F3-40D0-83D4-4867FC683214} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {06B47ABE-5CF5-47AE-8F5C-26E8D43A348C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {B39873B4-6909-42A9-ADB5-5078DD2B8A27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8B392967-34CD-41FE-B02F-50B16C0C7802} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {87A98A1F-91E3-4582-9F7C-39683B5EBBA0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C31E672F-54C2-453F-83D9-DC72FF9C6DB2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CAC92F13-2EF2-44A0-AADB-92B9F6966952} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => 
C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9CBA9B83-9603-4BEE-8423-B2ECD8A0E4A0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6DCCFC3E-B27A-451C-B3EE-5EB0DA7AF94E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-392073570-3050404753-1078137296-1001.job => C:\Users\*****\AppData\Local\GoToMeeting\19950\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-392073570-3050404753-1078137296-1001.job => C:\Users\*****\AppData\Local\GoToMeeting\19950\g2mupload.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
AutoConfigURL: [{DC8AD2A9-03C9-41B8-8605-112665C72711}] => hxxp://www.ub.fernuni-hagen.de/proxy.pac <==== ATTENTION AutoConfigURL: [S-1-5-21-392073570-3050404753-1078137296-1001] => hxxp://www.ub.fernuni-hagen.de/proxy.pac <==== ATTENTION Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{c8d7a077-453d-4bf7-81f8-a8bb43e82d3c}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{c8d7a077-453d-4bf7-81f8-a8bb43e82d3c}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{c8d7a077-453d-4bf7-81f8-a8bb43e82d3c}: [DhcpDomain] local ManualProxies: 0hxxp://www.ub.fernuni-hagen.de/proxy.pac <==== ATTENTION Edge: ======= Edge Profile: C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-03] Edge Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19] Edge Extension: (Edge relevant text changes) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] FireFox: ======== FF DefaultProfile: jfy09e47.default-1423303358260 FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260 [2024-02-03] FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\user.js [2016-07-08] FF DownloadDir: C:\Downloads FF Homepage: Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260 -> hxxps://www.finanzen.net/ FF NetworkProxy: Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260 -> type", 0 FF Session Restore: Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260 -> is enabled. 
FF Notifications: Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260 -> hxxps://www.youtube.com; hxxps://outlook.office.com FF Extension: (Open Livestreamer) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\jid1-Y6BhyMM8GoZ3eA@jetpack.xpi [2016-01-12] [Legacy] FF Extension: (Language: Deutsch (German)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\langpack-de@firefox.mozilla.org.xpi [2024-01-26] FF Extension: (Tab Session Manager) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\Tab-Session-Manager@sienori.xpi [2023-09-14] FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\uBlock0@raymondhill.net.xpi [2024-01-08] FF Extension: (Black Gray White / desktop, mobile) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{053711cb-beef-49ad-851f-d551298096ab}.xpi [2019-05-13] FF Extension: (Session Manager) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-01-31] [Legacy] FF Extension: (Homer Sleeping) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{50069e20-08e2-4e5b-88a1-f70559be77e5}.xpi [2019-05-13] FF Extension: (Black Abstract Fox) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{7328e8aa-d9b1-4257-a7e1-5b48ab280a88}.xpi [2019-05-13] FF Extension: (Video Speed Controller) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{7be2ba16-0f1e-4d93-9ebc-5164397477a9}.xpi [2021-04-12] FF Extension: (DNS Flusher) - 
C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{7d575baa-b543-11dc-8314-0800200c9a66}.xpi [2016-03-22] [Legacy] FF Extension: (Blue Cookie Monster) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{97303cb3-42c8-44af-b940-d3d1bd92b628}.xpi [2019-05-13] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-01-27] FF Extension: (Dark Fox) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-05-13] FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\searchplugins\zonealarm.xml [2016-07-08] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2024-02-02]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-25]
CHR Extension: (Avira Browserschutz) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-15]
CHR Extension: (SuperNova SWF Enabler) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhmphnocemakkjdampibehejoaleebpo [2022-09-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-392073570-3050404753-1078137296-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-392073570-3050404753-1078137296-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mhmphnocemakkjdampibehejoaleebpo]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] (ASUSTeK Computer Inc. -> )
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairCpuIdService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe [240168 2024-01-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [152616 2024-01-07] (Corsair Memory, Inc. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-01-23] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-05-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-11-01] (Bayerisches Landesamt fuer Steuern -> )
S2 GoogleUpdaterInternalService123.0.6268.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6268.0\updater.exe [4638496 2024-01-27] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService123.0.6268.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6268.0\updater.exe [4638496 2024-01-27] (Google LLC -> Google LLC) <==== ATTENTION
R3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [366120 2024-01-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc -> Logitech Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [320088 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
S3 Origin Client Service; C:\SSDGames\Origin\OriginClientService.exe [2556048 2021-08-28] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\SSDGames\Origin\OriginWebHelperService.exe [3474584 2021-08-28] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-11-28] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-20] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14610864 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [11776 2023-11-28] () [File not signed]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3746584 2016-06-16] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [18944 2023-11-28] () [File not signed]
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114424 2016-05-24] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [310216 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. -> )
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-07-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2022-10-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2022-04-15] (Microsoft Corporation) [File not signed]
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2024-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2024-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44576 2024-02-03] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
R3 mshield; C:\WINDOWS\System32\DRIVERS\mshield.sys [43112 2024-01-10] (nordvpn s.a. -> Nordvpn S.A.)
R2 NDivert; C:\Program Files\NordVPN\7.18.5.0\Drivers\NDivert.sys [131472 2023-08-04] (nordvpn s.a. -> Nordvpn S.A.)
R4 NordDivert10; C:\Program Files\NordVPN\NordSec ThreatProtection\1.4.18.7\NordDivert1064.sys [101240 2024-01-10] (nordvpn s.a. -> NordVPN/Basil)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 silabenm; C:\WINDOWS\system32\DRIVERS\silabenm.sys [23552 2019-12-12] (Silicon Laboratories) [File not signed]
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [49744 2021-06-13] (nordvpn s.a. -> The OpenVPN Project)
S3 USB28xxBGA; C:\WINDOWS\system32\DRIVERS\emBDA64.sys [655680 2010-01-18] (TerraTec Electronic GmbH -> eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\system32\DRIVERS\emOEM64.sys [623424 2010-01-18] (TerraTec Electronic GmbH -> eMPIA Technology, Inc.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2023-12-13] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2017-03-16] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-01-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-01-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-30] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2022-10-27] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-02-24] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 cpuz157; \??\C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [X] <==== ATTENTION
S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus.sys [X]
S3 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-03 19:19 - 2024-02-03 19:22 - 000000000 ____D C:\FRST
2024-02-02 10:22 - 2024-02-02 10:22 - 000000000 ____D C:\ProgramData\Piriform
2024-02-01 20:16 - 2024-02-02 10:13 - 000003554 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Installation
2024-01-31 17:07 - 2024-01-31 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2024-01-31 17:07 - 2024-01-31 17:07 - 000000000 ____D C:\Program Files\7-Zip
2024-01-31 16:48 - 2024-02-01 20:11 - 000000000 ____D C:\Users\*****\AppData\Local\Avast Software
2024-01-31 16:35 - 2024-02-01 20:11 - 000000000 ____D C:\ProgramData\Avast Software
2024-01-30 11:21 - 2024-01-30 11:21 - 000152716 _____ C:\ProgramData\agent.uninstall.1706610079.bdinstall.v2.bin
2024-01-30 11:13 - 2024-01-30 11:13 - 000044084 _____ C:\ProgramData\agent.1706609616.7036.v2.bin
2024-01-30 11:13 - 2024-01-30 11:13 - 000023544 _____ C:\ProgramData\agent.1706609634.bdinstall.v2.bin
2024-01-30 11:13 - 2024-01-30 11:13 - 000012820 _____ C:\ProgramData\agent.1706609616.17500.v2.bin
2024-01-30 11:04 - 2024-01-30 11:04 - 000456724 _____ C:\ProgramData\cl.uninstall.1706609023.bdinstall.v2.bin
2024-01-30 01:06 - 2024-02-02 10:19 - 000000000 ____D C:\WINDOWS\Minidump
2024-01-29 10:49 - 2024-01-10 10:37 - 000043112 _____ (Nordvpn S.A.) C:\WINDOWS\system32\Drivers\mshield.sys
2024-01-25 10:37 - 2024-01-25 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-01-23 03:51 - 2024-01-23 03:51 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-01-18 22:14 - 2024-01-18 22:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-01-15 19:06 - 2024-01-15 19:06 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2024-01-14 13:32 - 2024-01-14 13:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-11 15:33 - 2024-01-11 15:33 - 000000000 ___HD C:\$WinREAgent
2024-01-08 10:29 - 2024-01-08 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2024-01-08 10:29 - 2024-01-08 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-03 19:17 - 2022-10-27 20:14 - 000000000 ____D C:\Users\*****\AppData\Local\NordVPN
2024-02-03 19:17 - 2021-12-16 02:51 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-03 19:17 - 2021-10-01 20:54 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-03 19:17 - 2018-06-24 14:29 - 000000000 ____D C:\Program Files\CCleaner
2024-02-03 19:17 - 2015-07-05 12:47 - 000000000 ____D C:\Users\*****\AppData\Roaming\Dropbox
2024-02-03 19:17 - 2015-07-05 12:47 - 000000000 ____D C:\Users\*****\AppData\Local\Dropbox
2024-02-03 19:16 - 2022-02-15 21:13 - 000000000 ____D C:\Program Files\TeamViewer
2024-02-03 19:16 - 2022-02-08 19:11 - 000000000 ___SD C:\Users\*****\sciebo
2024-02-03 19:16 - 2022-02-08 19:05 - 000000000 ____D C:\Users\*****\AppData\Roaming\sciebo
2024-02-03 19:16 - 2021-10-01 20:04 - 000000000 ____D C:\Users\*****\AppData\Local\WebEx
2024-02-03 19:16 - 2021-03-23 13:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-03 19:16 - 2021-03-23 12:52 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-03 19:16 - 2020-04-02 10:42 - 000000000 ____D C:\Users\*****\AppData\Roaming\WTablet
2024-02-03 19:16 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-03 19:16 - 2017-05-13 20:44 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-02 22:40 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-02-02 22:39 - 2021-03-23 13:00 - 000003136 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2024-02-02 22:10 - 2021-03-23 12:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-02 13:24 - 2021-09-30 00:21 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Word
2024-02-02 13:18 - 2021-09-29 22:13 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Excel
2024-02-02 10:39 - 2021-03-23 13:39 - 000971502 _____ C:\WINDOWS\system32\perfh007.dat
2024-02-02 10:39 - 2021-03-23 13:39 - 000220938 _____ C:\WINDOWS\system32\perfc007.dat
2024-02-02 10:39 - 2021-03-23 12:59 - 000006020 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-02 10:34 - 2015-07-05 12:48 - 000000000 ___RD C:\Users\*****\Dropbox
2024-02-02 10:30 - 2021-10-11 19:01 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-02-02 10:27 - 2016-07-08 15:20 - 000000000 ___RD C:\Users\*****\OneDrive
2024-02-02 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-02 10:19 - 2021-03-14 23:55 - 000000000 ___DC C:\WINDOWS\Panther
2024-02-02 10:19 - 2016-07-08 15:36 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2024-02-01 20:11 - 2023-05-05 08:08 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-02-01 20:11 - 2022-04-27 09:03 - 000000664 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-392073570-3050404753-1078137296-1001.job
2024-02-01 20:11 - 2022-04-27 09:03 - 000000568 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-392073570-3050404753-1078137296-1001.job
2024-02-01 20:11 - 2015-07-05 12:47 - 000001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2024-02-01 20:11 - 2015-07-05 12:47 - 000001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2024-02-01 20:10 - 2021-03-23 13:00 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-01 20:10 - 2021-03-23 13:00 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-01 19:52 - 2023-05-05 08:08 - 000002952 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-02-01 19:52 - 2023-05-05 08:08 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - *****
2024-02-01 19:52 - 2022-04-27 09:03 - 000003258 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-392073570-3050404753-1078137296-1001
2024-02-01 19:52 - 2022-04-27 09:03 - 000003162 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-392073570-3050404753-1078137296-1001
2024-02-01 19:52 - 2022-03-31 22:36 - 000002662 _____ C:\WINDOWS\system32\Tasks\avfree.migration
2024-02-01 19:52 - 2021-03-23 13:00 - 000003752 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2024-02-01 19:52 - 2021-03-23 13:00 - 000003528 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2024-02-01 19:52 - 2021-03-23 13:00 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-01 19:52 - 2021-03-23 13:00 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-01 19:52 - 2021-03-23 13:00 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-01 19:52 - 2021-03-23 13:00 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-02-01 19:52 - 2021-03-23 13:00 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-01 19:52 - 2021-03-23 13:00 - 000002964 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2024-02-01 19:52 - 2021-03-23 13:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-01 19:52 - 2021-03-23 13:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-01 19:52 - 2021-03-23 13:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-01 19:52 - 2021-03-23 13:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-01 19:52 - 2021-03-23 13:00 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-01 19:52 - 2021-03-23 13:00 - 000002750 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-392073570-3050404753-1078137296-1001
2024-02-01 19:52 - 2021-03-23 13:00 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-01 19:52 - 2021-03-23 13:00 - 000002708 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2024-02-01 19:52 - 2021-03-23 13:00 - 000002094 _____ C:\WINDOWS\system32\Tasks\{F8359AD5-9055-4E94-9C87-4389B0362F66}
2024-02-01 19:45 - 2015-02-06 11:14 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2024-02-01 19:45 - 2015-02-06 11:13 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2024-02-01 19:03 - 2022-10-27 20:14 - 000000000 ____D C:\Program Files\NordVPN
2024-02-01 14:32 - 2015-07-05 13:37 - 000000000 ____D C:\Users\*****\AppData\Roaming\texstudio
2024-01-31 16:40 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-31 14:36 - 2021-12-16 18:53 - 000000000 ____D C:\Users\*****\AppData\LocalLow\WebEx
2024-01-31 14:35 - 2021-12-16 18:52 - 000000000 ____D C:\Users\*****\AppData\Local\CiscoSpark
2024-01-31 14:35 - 2016-10-26 17:07 - 000000000 ____D C:\Users\*****\AppData\Roaming\webex
2024-01-31 13:50 - 2015-06-01 17:13 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-01-30 15:54 - 2021-12-16 18:52 - 000000000 ____D C:\Users\*****\AppData\Local\CiscoSparkLauncher
2024-01-30 11:36 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-30 11:33 - 2018-05-10 11:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-01-30 11:16 - 2023-03-30 13:45 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-01-30 11:09 - 2019-03-21 21:50 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-30 11:04 - 2021-03-23 12:53 - 000000000 ____D C:\Users\*****
2024-01-30 11:04 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-01-30 11:04 - 2019-04-22 19:49 - 000000000 ____D C:\ProgramData\Bitdefender
2024-01-30 11:04 - 2017-04-24 22:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-01-30 10:46 - 2019-12-07 10:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2024-01-30 01:10 - 2022-10-27 20:14 - 000000000 ____D C:\ProgramData\NordVPN
2024-01-27 17:50 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-27 11:11 - 2020-06-23 09:12 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-27 10:50 - 2018-03-09 10:09 - 000002161 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2024-01-27 10:49 - 2015-02-05 12:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-26 23:34 - 2015-02-05 12:40 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-25 10:38 - 2015-07-05 12:47 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-01-23 21:17 - 2015-02-10 19:50 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-17 14:27 - 2022-10-12 23:10 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-15 19:47 - 2018-01-28 11:14 - 000000000 ____D C:\Users\*****\AppData\Local\Packages
2024-01-15 19:06 - 2020-05-04 14:02 - 000000000 ____D C:\Users\*****\AppData\Roaming\Zoom
2024-01-14 14:32 - 2018-05-10 11:36 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache
2024-01-14 13:31 - 2021-09-29 13:54 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-11 20:06 - 2015-08-20 18:48 - 000000000 ____D C:\Users\*****\AppData\Roaming\vlc
2024-01-10 22:18 - 2021-03-23 12:52 - 000652384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-10 11:20 - 2015-02-06 20:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-10 11:18 - 2015-02-06 20:43 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-08 10:38 - 2015-02-25 11:07 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Adobe
2024-01-07 18:59 - 2015-02-05 12:23 - 000000000 ___SD C:\Users\*****\AppData\Roaming\Microsoft\Credentials

==================== Files in the root of some directories ========

2017-11-21 22:29 - 2020-12-09 19:05 - 000011264 _____ () C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-02-04 18:39 - 2021-04-26 15:36 - 000000337 _____ () C:\Users\*****\AppData\Local\Perfmon.PerfmonCfg
2020-09-10 17:42 - 2020-09-10 17:42 - 000007605 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2017-11-20 19:57 - 2022-03-27 00:45 - 003591168 _____ () C:\Users\*****\AppData\Local\WebpageIcons.db
2022-01-23 15:18 - 2022-01-23 15:18 - 000000000 _____ () C:\Users\*****\AppData\Local\{071B7347-B8F0-4474-954C-D9476A51B22F}
2022-01-23 15:16 - 2022-01-23 15:16 - 000000000 _____ () C:\Users\*****\AppData\Local\{1D132510-2214-4348-A17A-51CB3F239EA4}
2022-01-23 15:20 - 2022-01-23 15:20 - 000000000 _____ () C:\Users\*****\AppData\Local\{59B32BA5-B930-4088-AFF5-2E1BDED427B8}
2020-11-18 07:40 - 2020-11-18 07:41 - 000000000 _____ () C:\Users\*****\AppData\Local\{C3279B87-B808-4A89-9936-2D63F7D08C22}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ======================== |