|
Mülltonne: Windows 10: Freunde erhalten "verseuchte" Emails, vermute TrojanerWindows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
13.12.2020, 22:18 | #1 |
| Windows 10: Freunde erhalten "verseuchte" Emails, vermute Trojaner Hallo mein Freund, Du hast mir geholfen einen Trojaner loszuwerden. Herzlichen Dank. Der Rechner wird freiberuflich genutzt. Beispiel einer dieser E-Mails: Von: Heiko Roemhild [mailto:h_roemhild@karibcable.com] Gesendet: Sonntag, 13. Dezember 2020 17:52 An: Eva Betreff: FW: Eva https://bit.ly/346FJ3L Heiko From: Heiko Roemhild [mailto:h_roemhildc@yahoo.com] Sent: Sunday, December 13, 2020 05:52:09 PM To: evalea.glatt@bluewin.ch Subject: hxxp://www.bing.com/search?q=&form=CFSWVCFEHXFRSAE&cvid=YYXAQXZXUKNDSGN Ende der Beispiel E-Mail Ich würde nur gerne sicher gehen das es kein erneuter Befall ist. Ich nutze noch einen weiteren Rechner in meinem Netzwerk. Vielleicht komme es von dort? Herzliche Grüße Heiko Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2020 durchgeführt von heiko (Administrator) auf HP-Z-BOOK (HP HP ZBook Studio G5) (13-12-2020 21:48:15) Gestartet von C:\Users\heiko\OneDrive\Desktop Geladene Profile: heiko & postgres Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Conexant Systems LLC.) [Datei ist nicht signiert] C:\Windows\CxSvc\CxUtilSvc.exe (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskServiceTray.exe (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe <4> (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\SoftphoneIntegrations.exe (Google LLC -> Google LLC) C:\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe <12> (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointAnalyticsClientService.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointGpuInfo.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\AppHelperCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\BridgeCommunication.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\NetworkCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\SysInfoCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HotKeyServiceUWP.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HPHotkeyNotification.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\LanWlanWwanSwitchingServiceUWP.exe (HP Inc. -> HP Inc.) C:\Windows\SysWOW64\HP_SureRun.exe (HP Inc. -> HP Inc.) C:\Windows\SysWOW64\HP_SureRun_Notification.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Collaboration Keyboard\CollaborationKeysController.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_724e05bd98458fe4\RstMwService.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Users\heiko\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileCoAuth.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\heiko\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2010.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20112.10111.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2> (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshImgMonitor.exe <3> (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshImgProc.exe <7> (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshMonWCFHost.exe (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsMon.exe (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\SshRegister.exe (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\SshTaskTray.exe (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe (PFU LIMITED) [Datei ist nicht signiert] C:\ProgramData\PFU\ScanSnap\Home\SSDriver\fi5110\SsWiaChecker.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\postgres.exe <7> (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64U.exe (Synaptics Incorporated -> ) C:\Program Files\CONEXANT\Flow\FlowTray.exe (Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe (Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (Synaptics Incorporated) [Datei ist nicht signiert] C:\Windows\System32\SynaMonApp.exe (Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagitEditor.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagPriv.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobePSE17AutoAnalyzer] => C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe [3058696 2018-08-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe [8940000 2020-07-29] (TechSmith Corporation -> TechSmith Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-13] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-10-21] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [558144 2020-11-25] (geek software GmbH -> geek software GmbH) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-07] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-10-12] (Adobe Inc. -> ) HKLM-x32\...\Run: [ScanSnap Home Pfussmon] => C:\Program Files (x86)\PFU\ScanSnap\Home\pfuSSMon.exe [3587568 2020-10-27] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [ScanSnap WIA Service Checker] => C:\ProgramData\PFU\ScanSnap\Home\SSDriver\fi5110\SsWiaChecker.exe [121856 2020-05-26] (PFU LIMITED) [Datei ist nicht signiert] HKLM-x32\...\Run: [SshCloudMonitor] => C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe [77824 2020-09-23] (PFU Limited) [Datei ist nicht signiert] HKLM-x32\...\Run: [SshRegister] => C:\Program Files (x86)\PFU\ScanSnap\Home\SshRegister.exe [130544 2020-10-27] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [pfuSshMain] => C:\Program Files (x86)\PFU\ScanSnap\Home\pfuSshMain.exe [2323952 2020-10-27] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [ScanSnap OnlineUpdate Watcher] => C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe [134656 2020-06-05] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [798816 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460896 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [106801096 2020-11-13] (GN AUDIO A/S -> GN Audio A/S) HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-11-10] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [] => [X] HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [Google Update] => C:\Users\heiko\AppData\Local\Google\Update\1.3.36.52\GoogleUpdateCore.exe [219592 2020-12-04] (Google LLC -> Google LLC) HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\MountPoints2: {65006cc2-10be-11eb-8d62-548d5a775924} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1298520027-1106975814-2819668856-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-10-22] (Adobe Inc. -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll Startup: C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2020-11-27] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1438D197-E554-4DD8-97C2-5C6E5373CB63} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1C993506-819D-46FE-A4E2-7F2961311057} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-heikoroemhild@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {2133CB02-C670-4860-AB0F-2583BEAF8B35} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1298520027-1106975814-2819668856-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-02] (Microsoft Windows -> ) Task: {218541E1-2C64-4935-A070-E3BA3ED38E93} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Task: {21A08B60-6CE6-4F71-B10A-B6265383510C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1137496 2020-11-02] (HP Inc. -> HP Inc.) Task: {2BC0AE96-6317-488F-9C22-522F714425A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-11-02] (HP Inc. -> HP Inc.) Task: {2DB14EF8-9F90-437A-9BCD-AB9794CD0282} - System32\Tasks\HP\HP Collaboration Keyboard\HP Collaboration Keyboard Controller => C:\Program Files (x86)\HP\HP Collaboration Keyboard\CollaborationKeysController.exe [722984 2019-09-17] (HP Inc. -> HP) Task: {2E736FE3-5997-47EF-B6CF-85CC8CDF2F82} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2177464 2019-11-15] (Microsoft Corporation -> Microsoft) Task: {33C766CE-8B2A-4184-8D75-A8CDBC8D5109} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {3FDBA556-7257-4A11-8FFE-5BA1BC23EC3E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {499AB6A1-97F7-471A-AA5F-11552BD8CEB5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {4D30CDF8-942F-40F0-A868-393767437D26} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [891432 2018-08-31] (HP Inc. -> HP) Task: {5E409A61-992C-4DC6-A52D-F746926C0245} - System32\Tasks\Opera scheduled assistant Autoupdate 1601837781 => C:\Users\heiko\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\heiko\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {656E7EA3-8609-4D68-87EF-4DD7F7A317F9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation) Task: {65AB2AE4-6253-4E75-817F-B340CFE6E8AF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {7171E66F-9F35-4533-94F7-84301DED497A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {79AB9F88-BD84-4321-8BA7-59A2156A805F} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1537960 2020-11-12] (NVIDIA Corporation -> NVIDIA Corporation) Task: {885843C8-E781-4A72-B0B6-774D483A5D6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-09-30] (HP Inc. -> HP Inc.) Task: {98C587A6-7078-411D-AAA8-77CB58E64CCA} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2019-10-04] (Synaptics Incorporated) [Datei ist nicht signiert] Task: {98E6ECCD-EC2B-4170-A032-75D70535E039} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\UnityMedia\fsscan.exe Task: {997D3C98-55DA-4FC7-B0EF-E44CC99C6863} - System32\Tasks\Opera scheduled Autoupdate 1601837778 => C:\Users\heiko\AppData\Local\Programs\Opera\launcher.exe Task: {9C38A095-11F1-4C97-AE0C-3D3DFAC1C70A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {AA6C25CC-D8CB-42D8-9DB1-F49AB9510BE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1137496 2020-11-02] (HP Inc. -> HP Inc.) Task: {B6E1960E-1F6B-42AE-A7AE-89B15BD9D26A} - System32\Tasks\HP\HP Collaboration Keyboard\Start Collaboration Keyboard Process => C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe [609320 2020-02-14] (HP Inc. -> HP Inc.) Task: {B7617DC3-4824-43CA-9DC2-C004F8CCEC36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BFD98C6E-BC7A-4CAB-82E1-022D8C72221C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {C0717D82-0596-4A06-AB0A-757037530131} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.) Task: {C54AA8A3-B12B-4154-91F2-FA6D2D551229} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Task: {CA8E4854-60A6-4818-A5B0-4667B3DAB164} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {CD6A00EC-75E4-4A39-9425-8315734AFF8D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {D500C4BD-E583-4609-B49F-EE0FD18E00F2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {D6F6363F-EC1B-4773-80CE-1B7F2106E996} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [232536 2020-09-02] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60 Task: {D9D1B0D2-F917-4380-8F25-2C295B9556E0} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32696 2019-11-15] (Microsoft Corporation -> Microsoft) Task: {DCA073A0-01DF-491D-B856-687B88B0DB7F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E1E7CB22-531C-4D9A-8562-D1B98998329E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001UA => C:\Users\heiko\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-17] (Google LLC -> Google LLC) Task: {E3017FF9-835A-4BF6-97C3-9C39C11E2CC2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [225984 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {E57F260F-0F0F-4F38-8212-FEAFF9218FC2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {F5C4FEE2-131E-4A24-8C13-49C46A1C4224} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [225984 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {F5FF630B-A270-45B8-BC18-F07A89F0E28E} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice Task: {F70D3208-5CBB-49C6-ABAD-F9FEDC5F0099} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2308800 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {FA3FA4F3-D4BF-4DB3-A11C-F986013DCF23} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001Core => C:\Users\heiko\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-17] (Google LLC -> Google LLC) Task: {FA77F1E5-D325-4547-97D8-63B5692CCDE7} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [225984 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\Scheduled scanning task.job => C:\Program Files (x86)\UnityMedia\fsscan.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5605a91e-6a95-4b04-9bd7-84fae3cc3261}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ae6a8e03-4ad3-4441-b1cf-674c8dca651a}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{efb8ce32-5435-49e5-b0a7-8473a9eeb84d}: [DhcpNameServer] 192.168.178.1 Edge: ====== Edge Notifications: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001 -> hxxps://www.gruenderszene.de Edge DefaultProfile: Default Edge Profile: C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-13] Edge Notifications: Default -> hxxps://www.gruenderszene.de Edge Extension: (Grammarly for Microsoft Edge) - C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2020-11-29] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-11-29] Edge Extension: (Grammarly for Chrome) - C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-11-15] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: lxo2uxlb.default FF ProfilePath: C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lxo2uxlb.default [2020-11-18] FF ProfilePath: C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release [2020-12-13] FF Notifications: Mozilla\Firefox\Profiles\lttpr00m.default-release -> hxxps://calendar.google.com FF Extension: (HTTPS Everywhere) - C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release\Extensions\https-everywhere@eff.org.xpi [2020-11-18] FF Extension: (uBlock Origin) - C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-11-19] FF Extension: (Video DownloadHelper) - C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-11-18] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-07] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-07] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default [2020-12-13] CHR HomePage: Default -> hxxp://www.google.de/ CHR StartupUrls: Default -> "hxxp://google.de/" CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/apps-notify/drive_96_1x.png CHR Extension: (Google Drive) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghbiahbpaijignceidepookljebhfak [2020-06-18] CHR Extension: (Google Drive) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21] CHR Extension: (YouTube) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-18] CHR Extension: (Google Play Music) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2020-04-18] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-11-27] CHR Extension: (Dropbox) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2020-04-18] CHR Extension: (Browsing Protection by F-Secure) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2020-11-17] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-18] CHR Extension: (Google Mail) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Extension: (Chrome Media Router) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-09] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-07] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384544 2020-10-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [43616 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [95704 2020-08-04] (Synaptics Incorporated -> Conexant Systems LLC.) R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-10-04] (Conexant Systems LLC.) [Datei ist nicht signiert] S2 epinjectsvc; C:\Program Files (x86)\Citrix\ICA Client\inject.exe [501456 2020-06-19] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 FLCDLOCK; C:\windows\SysWOW64\flcdlock.exe [589208 2018-02-21] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company) R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HotKeyServiceUWP.exe [1527208 2020-10-20] (HP Inc. -> HP Inc.) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [886136 2020-06-24] (HP Inc. -> HP Inc.) R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [969256 2018-08-31] (HP Inc. -> HP) R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\AppHelperCap.exe [689912 2020-11-05] (HP Inc. -> HP Inc.) R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. -> HP) R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\NetworkCap.exe [688888 2020-11-05] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [285192 2020-10-28] (HP Inc. -> HP Inc.) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149448 2020-06-09] (HP Inc. -> HP) R2 HPSureRun; C:\WINDOWS\SysWOW64\HP_SureRun.exe [1566760 2020-12-13] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\SysInfoCap.exe [689400 2020-11-05] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointAnalyticsClientService.exe [476424 2020-11-04] (HP Inc. -> HP Inc.) S4 LanWlanSwitchingService; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [618536 2018-08-31] (HP Inc. -> HP) R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\LanWlanWwanSwitchingServiceUWP.exe [788904 2020-10-20] (HP Inc. -> HP Inc.) R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-10-26] (Logitech Inc -> Logitech) R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4490376 2020-09-18] (Logitech Inc -> Logitech) R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [4788120 2020-11-12] (NVIDIA Corporation -> NVIDIA Corporation) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [558144 2020-11-25] (geek software GmbH -> geek software GmbH) R2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [Datei ist nicht signiert] S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13666872 2020-11-17] (Adlice -> ) R2 SECOMNUService; C:\WINDOWS\System32\SECOMN64U.exe [161296 2020-11-17] (Sound Research Corporation -> Sound Research, Corp.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 spacedeskService; C:\WINDOWS\system32\spacedeskService.exe [1116592 2020-11-08] (Datronicsoft, Inc. -> ) R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [371672 2020-04-13] (Synology Inc. -> ) R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation) R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) U2 DpHost; kein ImagePath ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider) S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [74768 2018-02-21] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company) R2 entryprotectdrv; C:\Program Files (x86)\Citrix\ICA Client\entryprotect.sys [57032 2020-06-19] (Citrix Systems, Inc. -> Citrix Systems, Inc.) R1 epinject6; C:\Program Files (x86)\Citrix\ICA Client\epinject.sys [150520 2020-06-19] (Citrix Systems, Inc. -> ) R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-05-03] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) S3 JabraDFU; C:\WINDOWS\System32\Drivers\JabraBcDfuX64.sys [54408 2018-03-20] (GN Netcom A/S -> QTI Ltd) R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation) R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2020-08-27] (Datronicsoft, Inc. -> ) S3 Switchers; C:\WINDOWS\System32\drivers\Switchers.sys [27368 2020-09-24] (WDKTestCert build,131613220053715806 -> Blackmagic Design) R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2020-04-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation) S3 WebPresenter; C:\WINDOWS\System32\drivers\WebPresenter.sys [25216 2017-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Blackmagic Design) R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_4b0336d95f188e47\WiMan\WiMan.sys [162136 2020-09-02] (Intel Wireless Driver -> ) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP) S3 WacHidRouterPro; \SystemRoot\System32\drivers\wachidrouter.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2020-12-13 21:47 - 2020-12-13 21:48 - 000000000 ____D C:\FRST 2020-12-13 21:01 - 2020-12-13 21:01 - 000000000 ____D C:\Benutzerdefinierte Produktionseinstellungen 9.0 2020-12-12 12:07 - 2020-12-12 12:07 - 002231049 _____ C:\Users\heiko\Downloads\de-itil4-guide.pdf 2020-12-12 11:52 - 2020-12-12 11:52 - 017319408 _____ (FreeFileSync.org ) C:\Users\heiko\Downloads\FreeFileSync_11.4_Windows_Setup.exe 2020-12-12 11:27 - 2020-12-12 11:27 - 000000000 ____H C:\Users\heiko\OneDrive\Documents\Default.rdp 2020-12-11 22:08 - 2020-12-11 22:08 - 010246734 _____ C:\Users\heiko\OneDrive\Documents\LifeBalance_Self_Coaching_made_easy_FORGRESS_en_V2.pptx 2020-12-11 13:28 - 2020-12-11 13:28 - 000000256 _____ C:\Users\heiko\AppData\Local\PUTTY.RND 2020-12-11 13:27 - 2020-12-11 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit) 2020-12-11 13:27 - 2020-12-11 13:27 - 000000000 ____D C:\Program Files\PuTTY 2020-12-11 10:53 - 2020-12-11 10:44 - 001199242 _____ C:\Users\heiko\OneDrive\Documents\LC Executive FiRE Index 2020-10 EN V0.7.pdf 2020-12-11 10:53 - 2020-12-11 10:44 - 001105314 _____ C:\Users\heiko\OneDrive\Documents\ExecutiveFiREIndex_peter-sample.pdf 2020-12-11 10:53 - 2020-12-11 10:44 - 001044921 _____ C:\Users\heiko\OneDrive\Documents\LC Can crisis resistance be improved 2020-11.pdf 2020-12-11 10:53 - 2020-12-11 10:44 - 000564568 _____ C:\Users\heiko\OneDrive\Documents\LC Lässt sich Krisenfestigkeit verbessern.pdf 2020-12-10 18:06 - 2020-12-10 18:06 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2020-12-10 18:06 - 2020-12-10 18:06 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2020-12-10 18:06 - 2020-12-10 18:06 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2020-12-08 20:13 - 2020-12-08 20:13 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk 2020-12-07 23:41 - 2020-12-07 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2020-12-06 21:02 - 2020-12-06 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirServer Universal (x64) 2020-12-06 21:02 - 2020-12-06 21:02 - 000000000 ____D C:\Program Files\App Dynamic 2020-12-02 20:06 - 2020-12-02 20:06 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\TeamEnwicklung 2020-12-02 20:05 - 2020-12-02 20:06 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Curicullum 2020-12-02 20:05 - 2020-12-02 20:06 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Arbeitsblätter 2020-12-02 18:07 - 2020-12-02 18:07 - 000001460 _____ C:\Users\Public\Desktop\Logitech Kameraeinstellungen.lnk 2020-12-02 18:07 - 2020-12-02 18:07 - 000001460 _____ C:\ProgramData\Desktop\Logitech Kameraeinstellungen.lnk 2020-12-02 15:55 - 2020-12-10 00:52 - 000000000 ____D C:\Users\heiko\AppData\Roaming\FastGlacier 2020-12-02 15:55 - 2020-12-02 15:55 - 000000889 _____ C:\Users\Public\Desktop\FastGlacier.lnk 2020-12-02 15:55 - 2020-12-02 15:55 - 000000889 _____ C:\ProgramData\Desktop\FastGlacier.lnk 2020-12-02 15:55 - 2020-12-02 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastGlacier 2020-12-02 15:55 - 2020-12-02 15:55 - 000000000 ____D C:\Program Files\FastGlacier 2020-12-02 15:42 - 2020-12-02 15:42 - 000000000 ____D C:\Users\heiko\AppData\Roaming\JAM Software 2020-12-02 15:41 - 2020-12-02 15:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free 2020-12-02 15:41 - 2020-12-02 15:41 - 000000000 ____D C:\Program Files (x86)\JAM Software 2020-12-02 10:20 - 2020-12-02 10:20 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Backup 2020-12-02 10:17 - 2020-12-02 10:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2020-12-02 10:17 - 2020-12-02 10:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2020-12-02 10:17 - 2020-12-02 10:17 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-12-02 10:17 - 2020-12-02 10:17 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-12-02 10:17 - 2020-12-02 10:17 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 001328392 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 001263104 _____ C:\WINDOWS\system32\FaceProcessor.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 000512856 _____ C:\WINDOWS\system32\FaceProcessorCore.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2020-12-02 10:17 - 2020-12-02 10:17 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2020-12-02 10:17 - 2020-12-02 10:17 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2020-12-02 10:17 - 2020-12-02 10:17 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2020-12-02 10:17 - 2020-12-02 10:17 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2020-12-02 10:17 - 2020-12-02 10:17 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2020-12-02 09:41 - 2020-12-12 11:55 - 000000000 ____D C:\Users\heiko\AppData\Roaming\FreeFileSync 2020-12-02 09:41 - 2020-12-12 11:52 - 000001020 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk 2020-12-02 09:41 - 2020-12-12 11:52 - 000001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk 2020-12-02 09:41 - 2020-12-12 11:52 - 000001008 _____ C:\Users\Public\Desktop\FreeFileSync.lnk 2020-12-02 09:41 - 2020-12-12 11:52 - 000001008 _____ C:\ProgramData\Desktop\FreeFileSync.lnk 2020-12-02 09:41 - 2020-12-12 11:52 - 000000998 _____ C:\Users\Public\Desktop\RealTimeSync.lnk 2020-12-02 09:41 - 2020-12-12 11:52 - 000000998 _____ C:\ProgramData\Desktop\RealTimeSync.lnk 2020-12-02 09:41 - 2020-12-12 11:52 - 000000000 ____D C:\Program Files\FreeFileSync 2020-11-30 18:29 - 2020-11-30 18:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24.lnk 2020-11-30 18:29 - 2020-11-30 18:29 - 000000000 ____D C:\Program Files\PDF24 2020-11-30 11:03 - 2020-11-30 11:03 - 000000000 ____D C:\Users\heiko\AppData\Local\Jabra 2020-11-29 15:21 - 2020-12-13 21:19 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Jabra Direct 2020-11-29 15:21 - 2020-11-29 15:21 - 000000000 ____D C:\Users\heiko\AppData\Roaming\JabraSDK 2020-11-29 15:21 - 2020-11-29 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra 2020-11-29 15:20 - 2020-11-29 15:21 - 000000000 ____D C:\Program Files (x86)\Jabra 2020-11-29 14:16 - 2020-11-29 14:16 - 000000015 _____ C:\Users\heiko\AppData\Roaming\obs-virtualcam.txt 2020-11-29 14:12 - 2020-11-29 14:12 - 000001057 _____ C:\Users\Public\Desktop\OBS Studio.lnk 2020-11-29 14:12 - 2020-11-29 14:12 - 000001057 _____ C:\ProgramData\Desktop\OBS Studio.lnk 2020-11-29 14:12 - 2020-11-29 14:12 - 000000000 ____D C:\ProgramData\obs-studio-hook 2020-11-29 14:12 - 2020-11-29 14:12 - 000000000 ____D C:\Program Files\obs-studio 2020-11-29 13:10 - 2020-11-29 13:10 - 000001973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\spacedesk SERVER.lnk 2020-11-29 13:10 - 2020-11-29 13:10 - 000000000 ____D C:\Program Files\datronicsoft 2020-11-28 13:27 - 2020-11-28 13:27 - 000002629 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Workspace.lnk 2020-11-27 22:17 - 2020-11-27 22:17 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\OneNote-Notizbücher 2020-11-27 21:08 - 2020-11-27 21:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2020-11-27 21:03 - 2020-09-18 05:20 - 007326528 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64.dll 2020-11-27 21:03 - 2020-09-18 05:20 - 005129536 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll 2020-11-27 21:03 - 2020-09-18 05:20 - 001328960 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64_DiscoveryLibDyn.dll 2020-11-27 21:03 - 2020-09-18 05:20 - 000963392 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll 2020-11-27 21:03 - 2020-09-18 05:20 - 000665408 _____ (HP Inc., LP) C:\WINDOWS\system32\HPWia2Drv.dll 2020-11-27 21:03 - 2020-09-18 03:08 - 000003487 _____ C:\WINDOWS\SysWOW64\HPScanDrvConfig.xml 2020-11-27 21:03 - 2020-09-18 03:08 - 000003487 _____ C:\WINDOWS\system32\HPScanDrvConfig.xml 2020-11-23 18:22 - 2020-11-23 18:22 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\ATEM Autosave 2020-11-20 20:42 - 2020-11-20 20:43 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-11-20 20:42 - 2020-11-20 20:43 - 000002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-11-20 20:05 - 2020-12-09 23:37 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1298520027-1106975814-2819668856-1001 2020-11-20 20:05 - 2020-12-09 23:37 - 000002428 _____ C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-11-20 18:37 - 2020-11-20 18:37 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2020-11-20 18:03 - 2020-11-20 18:03 - 000000000 ___HD C:\Users\heiko\Downloads\.SynologyWorkingDirectory 2020-11-19 21:26 - 2020-12-13 15:18 - 000000000 ___RD C:\Users\heiko\Creative Cloud Files 2020-11-18 17:27 - 2020-11-18 17:27 - 000000000 ____D C:\WINDOWS\Panther 2020-11-18 17:14 - 2020-11-18 17:14 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chocolatey GUI.lnk 2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Users\heiko\AppData\Roaming\NuGet 2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Users\heiko\AppData\Local\NuGet 2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Users\heiko\AppData\Local\Chocolatey GUI 2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\ProgramData\shimgen 2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\ProgramData\Chocolatey GUI 2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Program Files (x86)\Chocolatey GUI 2020-11-18 17:13 - 2020-12-02 15:51 - 000000000 ____D C:\ProgramData\chocolatey 2020-11-18 15:30 - 2020-11-18 15:30 - 000001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-11-18 15:30 - 2020-11-18 15:30 - 000000998 _____ C:\Users\Public\Desktop\Firefox.lnk 2020-11-18 15:30 - 2020-11-18 15:30 - 000000998 _____ C:\ProgramData\Desktop\Firefox.lnk 2020-11-18 15:30 - 2020-11-18 15:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-11-18 15:30 - 2020-11-18 15:30 - 000000000 ____D C:\Users\heiko\AppData\Local\Mozilla 2020-11-18 15:30 - 2020-11-18 15:30 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-11-18 13:30 - 2020-11-18 14:48 - 000000000 ____D C:\ProgramData\RogueKiller 2020-11-18 13:30 - 2020-11-18 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2020-11-18 13:30 - 2020-11-18 13:30 - 000000000 ____D C:\Program Files\RogueKiller 2020-11-18 13:21 - 2020-11-18 13:21 - 000000000 ____D C:\Users\heiko\AppData\Local\mbam 2020-11-18 13:20 - 2020-11-18 13:20 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-11-18 13:06 - 2020-12-09 23:38 - 000000000 ___HD C:\adobeTemp 2020-11-17 17:44 - 2016-09-20 13:51 - 000004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat 2020-11-17 17:40 - 2020-11-17 17:40 - 001379384 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64U.dll 2020-11-17 17:40 - 2020-11-17 17:40 - 001379016 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64U.dll 2020-11-17 17:40 - 2020-11-17 17:40 - 001278936 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64U.dll 2020-11-17 17:40 - 2020-11-17 17:40 - 001176760 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64U.dll 2020-11-17 17:40 - 2020-11-17 17:40 - 001011648 _____ (Sound Research, Corp.) C:\WINDOWS\system32\HPIMMA64U.dll 2020-11-17 17:40 - 2020-11-17 17:40 - 000161296 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64U.exe 2020-11-17 17:40 - 2020-11-17 17:40 - 000040314 _____ C:\WINDOWS\system32\SEAPODATU.zip 2020-11-17 17:40 - 2020-11-17 17:40 - 000019979 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_A346&MI_00.zip 2020-11-17 17:40 - 2020-11-17 17:40 - 000019966 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_A345&MI_00.zip 2020-11-17 17:40 - 2020-11-17 17:40 - 000019948 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_034C&MI_00.zip 2020-11-17 17:40 - 2020-11-17 17:40 - 000019942 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_0422&MI_00.zip 2020-11-17 17:38 - 2020-12-08 20:30 - 000002539 _____ C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-11-17 17:38 - 2020-12-04 13:44 - 000003894 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001UA 2020-11-17 17:38 - 2020-12-04 13:44 - 000003626 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001Core 2020-11-16 21:16 - 2020-11-16 21:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira 2020-11-15 15:49 - 2020-11-15 15:49 - 000002217 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2021.lnk 2020-11-15 15:49 - 2020-11-15 15:49 - 000002217 _____ C:\ProgramData\Desktop\WISO Steuer-Sparbuch 2021.lnk 2020-11-15 15:49 - 2020-11-15 15:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2021 2020-11-14 17:10 - 2020-12-13 13:37 - 111149056 _____ C:\WINDOWS\system32\config\SOFTWARE 2020-11-14 17:08 - 2020-11-14 17:10 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2020-11-13 21:58 - 2020-11-13 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSnap ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2020-12-13 21:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-13 20:58 - 2020-09-23 11:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-12-13 19:53 - 2020-09-23 11:33 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{497F0BED-F87E-4894-9209-D068D1619D14} 2020-12-13 17:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-12-13 16:20 - 2020-04-18 15:37 - 000000000 ____D C:\Users\heiko\AppData\LocalLow\Mozilla 2020-12-13 15:48 - 2020-04-18 15:36 - 000000000 ____D C:\ProgramData\Mozilla 2020-12-13 15:37 - 2020-09-23 13:20 - 001724648 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-12-13 15:37 - 2019-12-07 15:51 - 000746440 _____ C:\WINDOWS\system32\perfh007.dat 2020-12-13 15:37 - 2019-12-07 15:51 - 000150810 _____ C:\WINDOWS\system32\perfc007.dat 2020-12-13 15:37 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2020-12-13 15:18 - 2020-04-18 15:23 - 000000000 ___RD C:\Users\heiko\OneDrive 2020-12-13 15:18 - 2020-04-18 15:21 - 000000000 __SHD C:\Users\heiko\IntelGraphicsProfiles 2020-12-13 15:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2020-12-13 13:59 - 2020-03-22 21:27 - 000000000 ____D C:\ProgramData\NVIDIA 2020-12-13 13:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-12-13 13:38 - 2020-04-18 15:23 - 000000000 ____D C:\Users\heiko\AppData\Local\CrashDumps 2020-12-13 13:37 - 2020-09-23 11:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-12-13 13:37 - 2020-09-23 11:29 - 000008192 ___SH C:\DumpStack.log.tmp 2020-12-13 13:37 - 2020-04-18 21:12 - 001593000 _____ C:\WINDOWS\system32\wpbbin.exe 2020-12-13 13:37 - 2020-04-18 21:12 - 001566760 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HP_SureRun.exe 2020-12-13 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2020-12-13 13:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-12-13 13:36 - 2020-09-23 10:49 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2020-12-13 13:36 - 2020-09-23 10:49 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2020-12-13 13:36 - 2019-12-07 10:10 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll 2020-12-12 14:26 - 2020-11-01 22:37 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Scanner 2020-12-12 10:40 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-12 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-11 22:10 - 2020-04-18 15:21 - 000000000 ____D C:\Users\heiko\AppData\Local\Packages 2020-12-10 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2020-12-10 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-12-10 18:00 - 2020-03-22 21:42 - 000000000 ____D C:\Program Files\Microsoft Office 2020-12-09 15:29 - 2020-04-20 09:50 - 000000000 ____D C:\Users\heiko\AppData\Roaming\WhatsApp 2020-12-09 15:29 - 2020-04-20 09:50 - 000000000 ____D C:\Users\heiko\AppData\Local\WhatsApp 2020-12-09 15:29 - 2020-04-18 15:30 - 000000000 ____D C:\Users\heiko\AppData\Local\SquirrelTemp 2020-12-08 20:32 - 2020-04-20 13:25 - 000000000 ____D C:\ProgramData\Adobe 2020-12-08 20:13 - 2020-04-20 13:24 - 000000000 ____D C:\Program Files\Common Files\Adobe 2020-12-08 20:13 - 2020-04-20 13:24 - 000000000 ____D C:\Program Files\Adobe 2020-12-07 23:41 - 2020-07-15 19:43 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2020-12-07 23:41 - 2020-07-15 19:43 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2020-12-07 23:41 - 2020-07-15 19:43 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2020-12-07 23:41 - 2020-07-15 19:43 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2020-12-07 23:41 - 2020-07-15 19:43 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2020-12-07 23:41 - 2020-07-15 19:43 - 000002412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2020-12-07 23:41 - 2020-07-15 19:43 - 000002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2020-12-07 23:41 - 2020-07-15 19:43 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2020-12-07 12:43 - 2020-05-27 20:16 - 000000000 ____D C:\Users\heiko\AppData\Roaming\obs-studio 2020-12-07 12:36 - 2020-04-18 15:21 - 000000000 ____D C:\Users\heiko\AppData\Roaming\hpqLog 2020-12-06 19:27 - 2020-09-23 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard 2020-12-06 19:27 - 2020-04-18 21:13 - 000000000 ____D C:\Users\heiko\AppData\Local\HP_Inc 2020-12-06 18:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2020-12-06 08:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-12-05 08:11 - 2020-07-15 08:54 - 000000000 ____D C:\Users\heiko\AppData\Local\Citrix 2020-12-04 08:24 - 2019-04-19 19:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-12-02 12:05 - 2020-09-23 11:29 - 000559520 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-12-02 12:04 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2020-12-01 12:12 - 2020-04-22 18:07 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Zoom 2020-11-30 19:47 - 2020-04-20 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2020-11-30 19:47 - 2020-03-22 21:31 - 000000000 ____D C:\ProgramData\Package Cache 2020-11-30 10:56 - 2020-09-23 10:53 - 000000000 ____D C:\Users\heiko 2020-11-30 10:55 - 2020-04-19 15:32 - 000000000 ____D C:\Users\heiko\AppData\Local\SynologyDrive 2020-11-29 14:12 - 2020-05-27 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2020-11-29 13:03 - 2020-04-18 15:22 - 000000000 ____D C:\Users\heiko\AppData\Local\PlaceholderTileLogoFolder 2020-11-27 22:31 - 2020-04-18 15:23 - 000000120 ____R C:\Users\heiko\OneDrive\Documents\Personal (Web).url 2020-11-27 22:18 - 2019-04-19 19:34 - 000000000 ____D C:\ProgramData\HP 2020-11-27 21:25 - 2020-09-23 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2020-11-23 18:27 - 2020-04-19 01:51 - 000000000 ____D C:\ProgramData\Blackmagic Design 2020-11-22 17:40 - 2020-04-18 15:23 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Office Lens 2020-11-20 20:46 - 2019-04-19 19:32 - 000000000 ____D C:\ProgramData\Packages 2020-11-20 20:40 - 2020-04-20 13:24 - 000000000 ____D C:\Program Files (x86)\Adobe 2020-11-20 20:24 - 2020-05-19 11:20 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\FrameFactory 2020-11-20 19:59 - 2020-07-04 10:04 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2020-11-20 19:57 - 2020-07-15 08:52 - 000000000 ____D C:\ProgramData\Citrix 2020-11-20 18:37 - 2020-04-22 18:06 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Zoom 2020-11-20 18:37 - 2020-04-20 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2020-11-20 18:37 - 2020-04-20 19:46 - 000000000 ____D C:\Program Files\Logitech 2020-11-18 20:04 - 2020-04-20 13:27 - 000000000 ____D C:\Users\heiko\AppData\Local\D3DSCache 2020-11-18 20:04 - 2020-04-18 15:21 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Adobe 2020-11-18 19:43 - 2020-07-04 15:16 - 000091793 _____ C:\ProgramData\StreamingMediaTechnologyLog.txt 2020-11-18 18:20 - 2020-04-20 13:21 - 000000000 ____D C:\Users\heiko\AppData\Local\Adobe 2020-11-18 17:46 - 2020-07-04 10:04 - 000000000 ___RD C:\Users\postgres\OneDrive 2020-11-18 17:24 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-11-18 17:16 - 2020-06-08 17:46 - 000000000 ____D C:\Users\heiko\AppData\LocalLow\Temp 2020-11-18 15:30 - 2020-04-18 15:37 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Mozilla 2020-11-18 15:30 - 2020-04-18 15:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-18 15:17 - 2020-10-30 16:08 - 000000000 ____D C:\Users\heiko\AppData\Local\Deployment 2020-11-18 13:06 - 2019-09-09 12:32 - 000000000 ____D C:\Program Files (x86)\HP 2020-11-17 17:45 - 2020-03-22 21:35 - 001705080 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe 2020-11-17 17:45 - 2020-03-22 21:35 - 000000000 ____D C:\WINDOWS\CxSvc 2020-11-17 17:45 - 2019-09-09 12:32 - 000000000 ____D C:\Program Files\CONEXANT 2020-11-17 17:40 - 2020-11-12 21:02 - 000000000 ____D C:\hpswsetup 2020-11-17 17:38 - 2020-04-18 15:26 - 000000000 ____D C:\Users\heiko\AppData\Local\Google 2020-11-17 17:15 - 2020-04-18 15:27 - 000000000 ____D C:\Program Files (x86)\Google 2020-11-17 10:49 - 2020-09-23 11:33 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-17 10:49 - 2020-09-23 11:33 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-17 10:49 - 2020-03-22 21:47 - 000001152 __RSH C:\ProgramData\ntuser.pol 2020-11-17 10:46 - 2020-11-04 21:03 - 000000000 ____D C:\Program Files (x86)\UnityMedia 2020-11-17 10:44 - 2020-06-08 13:55 - 000000000 ____D C:\ProgramData\F-Secure 2020-11-17 10:44 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2020-11-17 04:06 - 2020-11-12 21:02 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard 2020-11-17 04:06 - 2020-04-18 15:33 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Hewlett-Packard 2020-11-17 04:06 - 2019-09-09 12:33 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2020-11-17 04:06 - 2019-06-28 02:49 - 000000000 _RSHD C:\hp 2020-11-16 21:27 - 2020-05-14 08:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-11-16 21:26 - 2020-04-20 19:35 - 000000000 ____D C:\Program Files (x86)\Mp3tag 2020-11-16 21:22 - 2020-05-17 09:37 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH 2020-11-16 21:22 - 2020-05-17 09:37 - 000000000 ____D C:\Users\heiko\AppData\Local\DeepL_GmbH 2020-11-16 21:22 - 2020-05-17 09:37 - 000000000 ____D C:\Users\heiko\AppData\Local\DeepL 2020-11-16 21:22 - 2020-04-20 19:40 - 000000000 ____D C:\Program Files (x86)\Audacity 2020-11-16 21:21 - 2020-06-06 19:35 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Amazon Cloud Drive 2020-11-16 21:18 - 2020-10-04 19:54 - 000000000 ____D C:\ProgramData\Avira 2020-11-16 21:18 - 2020-10-04 19:54 - 000000000 ____D C:\Program Files (x86)\Avira 2020-11-16 21:15 - 2020-04-20 19:42 - 000000000 ____D C:\Program Files\VideoLAN 2020-11-15 15:49 - 2020-11-05 06:57 - 000000000 ____D C:\Temp 2020-11-15 15:49 - 2020-04-20 19:29 - 000000000 ____D C:\Users\heiko\AppData\Local\Buhl 2020-11-15 15:49 - 2020-04-20 19:29 - 000000000 ____D C:\Program Files (x86)\WISO 2020-11-15 15:49 - 2019-09-09 12:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-11-15 15:47 - 2020-04-20 19:13 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH 2020-11-14 16:50 - 2020-11-06 09:02 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-11-29 14:16 - 2020-11-29 14:16 - 000000015 _____ () C:\Users\heiko\AppData\Roaming\obs-virtualcam.txt 2020-04-20 13:26 - 2020-04-20 13:26 - 000000410 _____ () C:\Users\heiko\AppData\Local\oobelibMkey.log 2020-12-11 13:28 - 2020-12-11 13:28 - 000000256 _____ () C:\Users\heiko\AppData\Local\PUTTY.RND ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
13.12.2020, 22:19 | #2 |
| Windows 10: Freunde erhalten "verseuchte" Emails, vermute TrojanerCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 13-12-2020 durchgeführt von heiko (13-12-2020 21:49:21) Gestartet von C:\Users\heiko\OneDrive\Desktop Windows 10 Pro Version 20H2 19042.685 (X64) (2020-09-23 10:35:55) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1298520027-1106975814-2819668856-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1298520027-1106975814-2819668856-503 - Limited - Disabled) Gast (S-1-5-21-1298520027-1106975814-2819668856-501 - Limited - Disabled) heiko (S-1-5-21-1298520027-1106975814-2819668856-1001 - Administrator - Enabled) => C:\Users\heiko postgres (S-1-5-21-1298520027-1106975814-2819668856-1002 - Limited - Enabled) => C:\Users\postgres WDAGUtilityAccount (S-1-5-21-1298520027-1106975814-2819668856-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) ABBYY FineReader for ScanSnap (TM) 5.5 (HKLM-x32\...\{FB600000-0011-0000-0000-074957833700}) (Version: 15.0.2261 - ABBYY) Adobe Acrobat Reader DC MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated) Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_0) (Version: 11.0 - Adobe Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.) Adobe Photoshop Elements 2019 (HKLM-x32\...\PSE_17_0) (Version: 17.0 - Adobe Inc.) Adobe Premiere Elements 2019 (HKLM-x32\...\PRE_17_0) (Version: 17.0 - Adobe Inc.) Adobe Premiere Rush (HKLM-x32\...\RUSH_1_5_40) (Version: 1.5.40 - Adobe Inc.) AirServer Universal (x64) (HKLM\...\{BB1CAF36-ADD5-431A-8CBC-6A92A48C7247}) (Version: 5.6.3 - App Dynamic) App Protection (HKLM-x32\...\{7B987E10-B037-4E58-BBC4-218818EF9ED6}) (Version: 19.12.1000.2 - Citrix Systems, Inc.) Hidden Aurora HDR (HKLM\...\Aurora HDR) (Version: 1.0.0.2550 - Skylum) Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.36.1.29260 - Avira Operations GmbH & Co. KG) Hidden Bang & Olufsen Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.278.120 - Conexant) Blackmagic ATEM Switchers (HKLM\...\{FF354572-E7D2-43D4-9996-75707793A49B}) (Version: 8.5.0.0 - Blackmagic Design) Blackmagic Converters (HKLM\...\{DBE56171-F638-4312-A620-89610DC71379}) (Version: 7.0.8.0 - Blackmagic Design) Blackmagic RAW Common Components (HKLM\...\{28612306-CE2C-429F-8288-D707C9A84838}) (Version: 1.8.1 - Blackmagic Design) Blackmagic Web Presenter (HKLM\...\{58C3ACD9-247F-429A-8B07-0E83DBC2338A}) (Version: 1.2.0.0 - Blackmagic Design) Camtasia 9 (HKLM\...\{7F3EC4D2-1B97-4847-AD63-E64A9D9DC47E}) (Version: 9.1.5.16 - TechSmith Corporation) Hidden Camtasia 9 (HKLM-x32\...\{62c50889-29a1-4ffc-91a9-e88717e743e2}) (Version: 9.1.5.16 - TechSmith Corporation) Chocolatey GUI (HKLM-x32\...\{2DDCD9C4-5A12-4EF2-9632-C401069DA54F}) (Version: 0.17.2.0 - Chocolatey) Citrix Workspace 1912 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 19.12.1001.3 - Citrix Systems, Inc.) DaVinci Resolve (HKLM\...\{8CD009CC-08AB-4873-BA5C-DC4AEA8BACEB}) (Version: 16.2.7010 - Blackmagic Design) DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design) DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design) DFUDriverSetupX64Setup (HKLM-x32\...\{2A9E04BE-BDF4-4F19-ABBE-5B8CAD7570F4}) (Version: 6.6.1939.0 - GN Netcom A/S) Hidden Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design) Fairlight Sound Library (HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\{926e4db7-4529-4a9e-805a-7102999623cb}) (Version: 1.0.0 - Blackmagic Design) Fairlight Studio Utility (HKLM\...\{6C7FC3A1-DA64-4ACE-8F05-301CBECD5BE9}) (Version: 1.2.0.0 - Blackmagic Design) FastGlacier version 3.9.1 (HKLM\...\FastGlacier_is1) (Version: 3.9.1.0 - NetSDK Software, LLC) FreeFileSync 11.4 (HKLM-x32\...\FreeFileSync_is1) (Version: 11.4 - FreeFileSync.org) Google Chrome (HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC) Grammarly (HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\GrammarlyForWindows) (Version: 1.5.64 - Grammarly) Grammarly for Microsoft® Office Suite (HKLM\...\{573113B9-103E-4202-BFEB-AA6B1E83921C}) (Version: 6.7.222 - Grammarly) Hidden Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\{19f233f5-1634-406b-a12c-c901d2d2d6a0}) (Version: 6.7.222 - Grammarly) HP BIOS Configuration Utility (HKLM-x32\...\{16513451-28BE-4AC2-8838-D6BFD08D692E}) (Version: 4.0.25.1 - HP Inc.) HP Collaboration Keyboard (HKLM-x32\...\{3FF0ED81-EE68-4075-BB62-945D6C785CE1}) (Version: 1.0.37.1 - HP) HP Collaboration Keyboard For Cisco UCC (HKLM-x32\...\{9E7DCA29-89CB-4F9D-8216-B5569C1EABC3}) (Version: 1.0.19.1 - HP) HP Collaboration Keyboard for Skype for Business (HKLM-x32\...\{3DCC2744-79C2-472E-8C53-4DF60EA672C7}) (Version: 2.0.3.1 - HP Inc.) HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.18.0 - HP Inc.) HP Device Access Manager (HKLM\...\{CB3778DF-7A35-4D97-93D1-F42619A34A80}) (Version: 8.4.14.0 - HP Inc.) HP Dock Audio (HKLM\...\HP_DOCKING) (Version: 1.31.36.36 - Synaptics) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP Hotkey Support (HKLM-x32\...\{5CA104DB-9884-4CDB-B31B-B977EACC7B3D}) (Version: 6.2.50.1 - HP Inc.) HP MAC Address Manager (HKLM-x32\...\{21FA165F-905C-4DDA-B00A-00C3A5D17BBA}) (Version: 1.1.19.1 - HP Inc.) HP MIK Client (HKLM-x32\...\{9EBB1A27-9FEC-43B9-A284-0E46904591CA}) (Version: 4.1.1.1 - HP Inc.) HP Notifications (HKLM-x32\...\{E039DA6B-1733-44F5-8354-53B96FF369D8}) (Version: 1.1.25.1 - HP) HP PC Hardware Diagnostics Windows (HKLM-x32\...\{D82BA084-4461-4342-B98C-9FE2FC27A332}) (Version: 1.5.4.0 - HP Inc) HP SoftPaq Download Manager (HKLM-x32\...\{51388444-3369-4569-bbf3-98582f5e67a1}) (Version: 4.4.0.0 - HP) HP Sure Run (HKLM\...\{E84148C6-6E8D-40C5-832D-68EB369ACDE1}) (Version: 1.0.47.1 - HP Inc.) HP System Software Manager (HKLM-x32\...\{0654A5BE-4E69-4F93-88B2-A81B13A7960C}) (Version: 4.0.5.1 - HP) Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.6.10400.9366 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.2.1041 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1915.1 - Intel Corporation) Intel(R) Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation) Intel® Integrated Sensor Solution (HKLM-x32\...\{1c4f7bdc-8eac-4c3a-8cdd-5fac9b1518c3}) (Version: 3.10.100.3923 - Intel Corporation) Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C1A5573E-1508-49E1-BA6A-34E2EB15E9BF}) (Version: 17.5.2.1024 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{cf961541-ca37-4826-a285-3a9cb22cd5a2}) (Version: 21.40.2 - Intel Corporation) ISS_Drivers_x64 (HKLM\...\{9BB867B4-2C76-4273-8919-76770DD4A53D}) (Version: 3.10.100.3923 - Intel Corporation) Hidden Jabra Direct (HKLM-x32\...\{49c04bb7-05d1-4c04-b370-1edbbd64388f}) (Version: 4.14.15119 - GN Audio A/S) Jabra Direct (HKLM-x32\...\{B1C6D0D9-A9E2-488B-90E3-8A199785B80A}) (Version: 4.14.15119 - GN Audio A/S) Hidden Logitech Capture (HKLM\...\Capture) (Version: 2.04.13 - Logitech) Logitech Kameraeinstellungen (HKLM-x32\...\LogiUCDPP) (Version: 2.12.8.0 - Logitech Europe S.A.) Logitech Options (HKLM\...\LogiOptions) (Version: 8.34.82 - Logitech) Luminar 4 (HKLM\...\Luminar 4) (Version: 4.3.0.6175 - Skylum) Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.13426.20332 - Microsoft Corporation) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13426.20332 - Microsoft Corporation) Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.13426.20332 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.69 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - ) Microsoft OneDrive (HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 12.181.137.0 - Microsoft Corporation) Mozilla Firefox 83.0 (x64 de) (HKLM\...\Mozilla Firefox 83.0 (x64 de)) (Version: 83.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 83.0 - Mozilla) NVIDIA Grafiktreiber 452.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.25 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation) NVIDIA Quadro View 200.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 200.90 - NVIDIA Corporation) NVIDIA WMI 2.35.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.35.0 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden Online Plug-in (HKLM-x32\...\{93BF46A5-56BA-4A16-9494-62C09D3DD0BA}) (Version: 19.12.1001.3 - Citrix Systems, Inc.) Hidden PDF24 Creator (HKLM\...\{D52E4188-909D-46FC-9D2B-1358E7DCE527}) (Version: 10.0.3 - geek software GmbH) PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group) PuTTY release 0.74 (64-bit) (HKLM\...\{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 - Simon Tatham) Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.216 - Realtek Semiconductor Corp.) ScanSnap Home (HKLM-x32\...\{1806D5A5-0B2C-4E54-8219-7BD4CB9CB690}) (Version: 1.9.1.15 - PFU) Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 5.2.1.1 - ASCOMP Software GmbH) Self-Service Plug-in (HKLM-x32\...\{3087B47F-1D1E-458D-9B09-D341B60B4CB9}) (Version: 19.12.1001.2 - Citrix Systems, Inc.) Hidden Skype for Business 2016 - de-de (HKLM\...\SkypeforBusinessRetail - de-de) (Version: 16.0.13426.20332 - Microsoft Corporation) Snagit 2019 (HKLM\...\{3E240959-3E39-41FA-B7A3-377746115422}) (Version: 19.1.7 - TechSmith Corporation) Hidden Snagit 2019 (HKLM-x32\...\{c690241b-033f-4c2c-8bba-e2304302d9d7}) (Version: 19.1.7.6461 - TechSmith Corporation) spacedesk Windows DRIVER (HKLM\...\{2EFFFB55-FE4E-4400-8BD0-5E062ACB1A2F}) (Version: 0.9.1052.0 - datronicsoft Inc.) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-24922 - Synology) Synology Drive Client (remove only) (HKLM\...\Synology Drive) (Version: 6.0.2.11076 - Synology, Inc.) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.9267 - Microsoft Corporation) TechSmith Capture (HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\RelayRecorder) (Version: 1.1.11 - TechSmith Corporation) Thunderbolt™ Software (HKLM-x32\...\{FBAB4EAA-497D-4B48-8484-D96CAE92C71A}) (Version: 17.4.78.500 - Intel Corporation) TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software) WhatsApp (HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\WhatsApp) (Version: 2.2047.12 - WhatsApp) WISO steuer:Sparbuch 2019 (HKLM-x32\...\{78DF2DB6-1EC2-4253-ABA0-BB08BDDE1B1F}) (Version: 26.09.1982 - Buhl Data Service GmbH) WISO steuer:Sparbuch 2020 (HKLM-x32\...\{D8E2C4F8-8B92-4762-8858-10086D073B16}) (Version: 27.03.1674 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2021 (HKLM-x32\...\{B75A8BF2-D44B-4EA5-94E2-6310FD7E33A5}) (Version: 28.00.1410 - Buhl Data Service GmbH) Zoom (HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.) Zoom Outlook Plugin (HKLM-x32\...\{3B55DCA6-D99C-4EA8-8C00-3851E0EB47D4}) (Version: 5.4.59217 - Zoom) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated) Adobe-Fresco -> C:\Program Files\WindowsApps\Adobe.Fresco_2.1.0.352_x64__pc75e8sa7ep4e [2020-12-08] (Adobe Inc.) EasyCast - Mirror Display -> C:\Program Files\WindowsApps\53887HaoCai.EasyCast-MirrorDisplay_1.3.2.0_x64__qrw73ppzkf79y [2020-11-29] (Hao Cai) HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.8.1525.0_x64__v10z8vjag6ke6 [2020-12-04] (HP Inc.) HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.7.0_x64__v10z8vjag6ke6 [2020-10-07] (HP Inc.) HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_2.1.11.0_x64__v10z8vjag6ke6 [2020-07-07] (HP Inc.) HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.39.0_x64__v10z8vjag6ke6 [2020-09-29] (HP Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-04] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.6.870.0_x64__v10z8vjag6ke6 [2020-12-06] (HP Inc.) HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.18.0_x64__v10z8vjag6ke6 [2020-09-08] (HP Inc.) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-20] (Apple Inc.) [Startup Task] LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2020-04-19] (LinkedIn) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-28] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-19] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-19] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-22] (Microsoft Studios) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.32.33291.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation) [Startup Task] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.11020.5493.0_x64__8wekyb3d8bbwe [2020-12-10] (Microsoft Corporation) MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-04-22] (Microsoft Corporation) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.) Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.32861.0_x64__8wekyb3d8bbwe [2020-10-28] (Microsoft Corporation) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-11-20] (Adobe Systems Incorporated) spacedesk -> C:\Program Files\WindowsApps\datronicsoft.spacedesk_0.0.12.0_x64__aa4z72nd5cmx4 [2020-12-10] (datronicsoft) XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.6.0_x86__xpfg3f7e9an52 [2020-10-29] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0 CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8BB9F1B31711} -> [Creative Cloud Files] => C:\Users\heiko\Creative Cloud Files [2020-11-19 21:26] CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\heiko\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\heiko\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.222\107E148854\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName) CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll () [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\heiko\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.222\107E148854\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly) CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\heiko\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\heiko\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\heiko\AppData\Local\Google\Chrome\Application\87.0.4280.88\notification_helper.exe (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\heiko\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\heiko\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\heiko\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll (Google LLC -> Google LLC) ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-12] (TODO: <Company name>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-12] (TODO: <Company name>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-12] (TODO: <Company name>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-12] (TODO: <Company name>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-12] (TODO: <Company name>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-08] (Intel(R) Rapid Storage Technology -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> ) ContextMenuHandlers1: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] (ASCOMP Software GmbH -> ) ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2019\DLLx64\SnagitShellExt64.dll [2020-07-29] (TechSmith Corporation -> TechSmith Corporation) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-08] (Intel(R) Rapid Storage Technology -> ) ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2019\DLLx64\SnagitShellExt64.dll [2020-07-29] (TechSmith Corporation -> TechSmith Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\igfxDTCM.dll [2020-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-09-04] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2020-11-12] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> ) ContextMenuHandlers6: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] (ASCOMP Software GmbH -> ) ContextMenuHandlers1_S-1-5-21-1298520027-1106975814-2819668856-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2020-05-12] () [Datei ist nicht signiert] ContextMenuHandlers6_S-1-5-21-1298520027-1106975814-2819668856-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2020-05-12] () [Datei ist nicht signiert] ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2020-08-07 11:28 - 2020-10-19 10:32 - 000476160 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsConfig.dll 2020-08-07 11:28 - 2020-04-22 18:42 - 000188416 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\SSHCPfuPDFLib.dll 2020-11-13 08:23 - 2020-11-13 08:23 - 001800704 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\@gnaudio\jabra-node-sdk\build\Release\sdkintegration.node 2020-11-13 08:23 - 2020-11-13 08:23 - 001965568 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\panacastapi\build\Release\panacastapi.node 2020-11-13 08:22 - 2020-11-13 08:22 - 002608128 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\ffmpeg.dll 2020-11-13 08:22 - 2020-11-13 08:22 - 000356352 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\libegl.dll 2020-11-13 08:22 - 2020-11-13 08:22 - 008347648 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\libglesv2.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000888832 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IDIGCROP.dll 2020-08-07 11:28 - 2020-10-19 10:32 - 003213312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsExtention.dll 2020-08-07 11:28 - 2020-06-11 12:34 - 000135168 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsImgIO.dll 2020-08-07 11:28 - 2018-05-02 10:44 - 000943104 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\x86\e_sqlite3.dll 2020-04-19 01:39 - 2016-08-09 06:13 - 000183296 _____ () [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll 2020-04-19 01:40 - 2016-07-27 09:08 - 002264576 _____ () [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\libxml2.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 001874432 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\cairo.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 000790528 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\fontconfig.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 001041920 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\harfbuzz-vs14.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 000060928 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\iconv.dll 2018-12-11 13:09 - 2018-12-11 13:09 - 000790016 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\libhpdf.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 000257536 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\libpng16.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 001294336 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\libxml2.dll 2017-10-18 06:43 - 2017-10-18 06:43 - 010857984 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\opencv_core300.dll 2017-10-18 06:43 - 2017-10-18 06:43 - 025250304 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\opencv_imgproc300.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 000086528 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\zlib1.dll 2020-05-12 18:33 - 2020-05-12 18:33 - 001367552 _____ () [Datei ist nicht signiert] C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll 2020-05-12 18:33 - 2020-05-12 18:33 - 000198144 _____ () [Datei ist nicht signiert] C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\WinCFWrapper.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000010240 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.P81f1fedd#\e3bbaaca56f40a97fb9e0edbf8fc032e\Microsoft.Practices.Prism.SharedInterfaces.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000084480 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Pb5eff1e2#\3f39fdc7c456589c26d5d31018292a07\Microsoft.Practices.Prism.Mvvm.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000133632 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Prism\78f2edbb9b8626ab74284474c315b7b1\Prism.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000348160 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SSHCPfuPDFLib\36596d124ff436a055a765542611bb02\SSHCPfuPDFLib.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 002145280 _____ (.NET Foundation and Contributors.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Inted443010e#\1ccc0767ac214e4e736c2f69296b97ea\System.Interactive.Async.ni.dll 2020-11-17 17:45 - 2019-10-04 14:51 - 001370112 _____ (Conexant Systems LLC.) [Datei ist nicht signiert] C:\Program Files\Conexant\SA3\HP-NB-AIO\CxHDAudioAPI.dll 2020-11-17 17:45 - 2019-12-05 11:43 - 000112128 _____ (Conexant Systems, Inc) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\CONEXANT\Flow\ReadMd.DLL 2020-04-19 01:40 - 2015-08-26 09:40 - 001687930 _____ (Free Software Foundation) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\libiconv-2.dll 2020-04-19 01:40 - 2015-08-26 09:40 - 000685350 _____ (Free Software Foundation) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\libintl-8.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 000088576 _____ (Free Software Foundation) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\intl.dll 2020-08-07 11:28 - 2020-04-13 23:57 - 000397824 _____ (FUJITSU LABORATORIES LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\FJ\f5awzbin.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000925696 _____ (Fujitsu Laboratories LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\dct.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 002705408 _____ (FUJITSU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\dic\I3ipf5alocre.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000387072 _____ (FUJITSU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\dic\I3ipf5awzbin.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000964608 _____ (FUJITSU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\dic\I3ipf5awztbl.dll 2020-08-07 11:28 - 2020-05-26 17:11 - 002176512 _____ (FUJITSU) [Datei ist nicht signiert] C:\ProgramData\PFU\ScanSnap\Home\SSDriver\fi5110\mercury.dll 2020-08-07 11:28 - 2020-04-13 23:00 - 002867200 _____ (FUJITSU@LABORATORIES LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\FJ\f5alocre.dll 2020-11-13 08:23 - 2020-11-13 08:23 - 002081792 _____ (GN Audio A/S) [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\@gnaudio\jabra-node-sdk\build\Release\libjabra.dll 2016-01-08 11:28 - 2016-01-08 11:28 - 000356352 _____ (hxxp://hunspell.sourceforge.net/) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\libhunspell.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 001168384 _____ (hxxps://system.data.sqlite.org/) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.SQLite\beaa1f2a4f713a6afaf4e4023b3b5350\System.Data.SQLite.ni.dll 2020-08-07 11:28 - 2018-08-29 14:31 - 000352256 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\ijl15.dll 2020-07-15 19:40 - 2020-07-15 19:40 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2020-07-15 19:40 - 2020-07-15 19:40 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 003058688 _____ (Newtonsoft) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\938152a823b6c5bbda34770d43081c79\Newtonsoft.Json.ni.dll 2020-08-07 11:28 - 2020-09-29 10:28 - 000075776 _____ (PFU Limited) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshMonFunc.dll 2020-08-07 11:28 - 2020-10-19 10:32 - 000168960 _____ (PFU Limited) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshProfile.dll 2020-08-07 11:28 - 2018-08-29 14:31 - 000093184 _____ (PFU Limited) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\SupportLogConvert.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000401920 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\A4ToA3.dll 2020-08-07 11:28 - 2019-04-25 13:22 - 001884160 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bookbound.dll 2020-08-07 11:28 - 2019-08-07 08:38 - 000012800 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\CONVOCRRESULT.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000060416 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\i3helper.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000054272 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\I3ipCommon.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000039424 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\I3ipDeskewCroppingSS.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000239104 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\I3IPDETECTORIENTATIONSS.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 008161792 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\I3ipShare.dll 2020-08-07 11:28 - 2020-05-29 13:12 - 000069632 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\IMGPROC2.dll 2020-08-07 11:28 - 2020-05-29 13:12 - 000019456 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\MonoComp.DLL 2020-08-07 11:28 - 2020-09-01 16:31 - 001537536 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\OCRWrp.dll 2020-08-07 11:28 - 2020-05-29 13:12 - 000077312 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IATRES.DLL 2020-08-07 11:28 - 2020-05-29 13:12 - 000765952 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IBSKEW.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000780288 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2ICRPPR.dll 2020-08-07 11:28 - 2020-05-29 13:12 - 000033280 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IERSDW.dll 2020-08-07 11:28 - 2020-05-29 13:12 - 000073216 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IJDGWP.DLL 2020-08-07 11:28 - 2020-10-05 15:00 - 000242688 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2ITITLE.dll 2020-08-07 11:28 - 2020-10-05 15:00 - 000732672 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\p2iunite.dll 2020-08-07 11:28 - 2019-04-25 13:31 - 000015872 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuBookCoordinateInfo.dll 2020-08-07 11:28 - 2019-05-11 23:57 - 000649728 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuIPLib.dll 2020-08-07 11:28 - 2019-08-07 08:38 - 000897536 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuPDFLib.dll 2020-08-07 11:28 - 2020-10-19 10:32 - 003251200 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsCommon.dll 2020-08-07 11:28 - 2020-10-05 15:00 - 002165760 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsImgCtl.dll 2020-08-07 11:28 - 2020-10-19 10:32 - 003231744 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsLaunchapp.dll 2020-08-07 11:28 - 2020-10-19 10:32 - 003082240 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsMon0407.dll 2020-08-07 11:28 - 2020-09-29 11:31 - 000117248 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsNetIF.dll 2020-08-07 11:28 - 2020-06-11 12:34 - 000053248 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsOrgFolder.dll 2020-08-07 11:28 - 2020-05-29 13:12 - 003212800 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsSvc.dll 2020-08-07 11:28 - 2019-08-07 08:38 - 000171008 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuXMPLib.dll 2020-08-07 11:28 - 2020-09-29 11:31 - 003291648 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshCtl.dll 2020-08-07 11:28 - 2020-09-29 11:31 - 002065408 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshCtlNet.dll 2020-08-07 11:28 - 2020-09-29 11:31 - 000146944 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshCtlWrp.dll 2020-08-07 11:28 - 2020-01-28 08:35 - 002019840 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshSvcOCRHandle.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 001069056 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SsIjl.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000017920 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SSSLog.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000024064 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SSSPLog.dll 2020-08-07 11:29 - 2020-05-27 13:59 - 000059392 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Update\SsUCommon.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 002433024 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna379543f2#\8324315ad61bca2af3c0df7c4044568e\Pfu.ScanSnap.Home.Data.API.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 001777664 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna4c5c42f8#\28a64102f59f18ec3a24aab3a3a61af1\Pfu.ScanSnap.Home.Data.Access.API.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000084992 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna4c5c5acc#\c44cc59aba90eb2564b86fadff6f7909\Pfu.ScanSnap.Home.Data.Access.Cif.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000031744 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna4c5c5f4b#\8853b470511817dfeff6a7f6f1990dee\Pfu.ScanSnap.Home.Data.Access.Dif.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 002300416 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna58e7faab#\86056068d27015bcfc81dd0aab7b8b03\Pfu.ScanSnap.Register.DataCtrl.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 001541632 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna6345fb45#\6b44a76ce9f213794f6a8bfa3c6ae2d9\Pfu.ScanSnap.Home.Data.Access.Database.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 001594368 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna63fb4378#\8352ceac3b839a8040a376f756c733c0\Pfu.ScanSnap.ConfigControl.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000630272 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna6a564338#\664b13c7a7302a642d87b0f2d2657aea\Pfu.ScanSnap.Home.SshScanTo.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000356864 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna6b551ecb#\ba986ab468d12ff9508a6731f23a6663\Pfu.ScanSnap.Register.CommunicationClient.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000011776 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna7e571121#\61f91282af1ac4409fac85e34aaab7f0\Pfu.ScanSnap.Home.Data.Access.Manage.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000017408 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna84e45bec#\a043a4014f8ad2b00eceb407021963c3\Pfu.ScanSnap.Home.SsHomeException.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000369664 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna8905475d#\c32232b870f9bbf688836dceb45dd521\Pfu.ScanSnap.AssistantFramework.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000025088 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna8fc4d5b2#\fde51b408d0b93868ce1f7c4dde636bb\Pfu.ScanSnap.Home.Logging.SupportLog.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000429568 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnaa1690287#\dda443eaa4475170e1802ee1e75a991d\Pfu.ScanSnap.Home.Data.Common.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 001993728 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnaa542b72b#\ec9611ce4dee9489a31b3053931aecd5\Pfu.ScanSnap.Home.UI.Common.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000095232 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnaae4eb517#\f34478f360e43bda9e435913e0114572\Pfu.ScanSnap.ConfigControl.App.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000024576 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnab1480024#\2b18df7d7e9d95dba484b4e272bcc8e7\Pfu.ScanSnap.Register.SshRegisterException.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000090112 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnab28d1a0d#\ab7748c8b9c23677c50e0897788b442f\Pfu.ScanSnap.SshRegisterResources.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000127488 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnac44cffff#\6cb74a4252a40a5d43b0c35d6bcf1a2a\Pfu.ScanSnap.Register.Common.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000515072 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnad7e73fe6#\0224af5a319e3c129b9c7502de709cb6\Pfu.ScanSnap.Home.Data.Access.File.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 013470208 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnae91a7162#\81f08be9f41c342d8682d010144464b7\Pfu.ScanSnap.Home.UI.Sub.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000048128 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnap.Utility\91acac93740c2ece400732fc427860b5\Pfu.ScanSnap.Utility.ni.dll 2020-08-07 11:28 - 2020-10-14 10:09 - 000099328 _____ (PFU Limited.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshWCFWrap.dll 2020-08-07 11:28 - 2020-05-19 08:52 - 000077824 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\ErrorDifusion.dll 2020-08-07 11:28 - 2020-06-12 10:44 - 000136704 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\OCRFileIOModule.dll 2020-08-07 11:28 - 2020-05-29 13:12 - 000131072 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IDEPTH.DLL 2020-08-07 11:28 - 2020-05-29 13:12 - 000118784 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IGR2MO.DLL 2020-08-07 11:28 - 2020-05-29 13:12 - 000057344 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IROTAT.dll 2020-08-07 11:28 - 2020-05-29 13:12 - 000065536 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2ISCALE.DLL 2020-08-07 11:28 - 2020-06-11 12:34 - 000516179 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\pgd_file.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 000291840 _____ (Red Hat Software) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\pango-1.0.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 000578560 _____ (Red Hat Software) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\pangocairo-1.0.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 000605184 _____ (Red Hat Software) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\pangoft2-1.0.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 000064512 _____ (Red Hat Software) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\pangowin32-1.0.dll 2020-08-07 11:29 - 2017-06-10 19:54 - 001154560 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\x86\SQLite.Interop.dll 2020-11-17 17:45 - 2019-12-05 11:45 - 001460224 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\CONEXANT\Flow\x64\SQLite.Interop.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000785408 _____ (rubicon IT GmbH) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Remotion.Linq\9c2875049f1d3df9afead917b841ad6f\Remotion.Linq.ni.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000793088 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\f5b7d5e092ca71fcbb3d4259f2c1ad51\log4net.ni.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 001338368 _____ (The GLib developer community) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\glib-2.0.dll 2018-08-14 12:49 - 2018-08-14 12:49 - 000284160 _____ (The GLib developer community) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\gobject-2.0.dll 2020-04-19 01:40 - 2016-05-05 07:35 - 001655808 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\LIBEAY32.dll 2020-04-19 01:40 - 2016-05-05 07:35 - 000349696 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\SSLEAY32.dll 2020-05-12 18:33 - 2020-05-12 18:33 - 002822144 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Users\heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll 2020-12-03 11:42 - 2020-12-03 11:42 - 000120320 _____ (Zumero, LLC) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SQLitePCLRaw.core\dba2d4710380e6c3db3acac48cf37268\SQLitePCLRaw.core.ni.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HPSureRun => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HPSureRun => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-1298520027-1106975814-2819668856-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-1298520027-1106975814-2819668856-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-26] (Microsoft Corporation -> Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-04-18] (HP Inc. -> HP Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-26] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-04-18] (HP Inc. -> HP Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\sharepoint.com -> hxxps://heikoroemhildde-files.sharepoint.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-1298520027-1106975814-2819668856-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [TCP Query User{586A852B-5BC7-47CE-8DAE-D918C781F450}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{FB44EB9D-BA2E-4084-9498-543F0B209AE0}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{1E251CCA-8BDD-429B-AB0C-C20016AD8990}C:\program files (x86)\pfu\scansnap\home\pfussmon.exe] => (Allow) C:\program files (x86)\pfu\scansnap\home\pfussmon.exe (PFU Limited -> PFU Limited) FirewallRules: [UDP Query User{EF722389-C494-4020-AFD6-7AD8B150BF20}C:\program files (x86)\pfu\scansnap\home\pfussmon.exe] => (Allow) C:\program files (x86)\pfu\scansnap\home\pfussmon.exe (PFU Limited -> PFU Limited) FirewallRules: [TCP Query User{3A81CD16-C6A6-482E-BE05-95E5A37A7ABD}C:\users\heiko\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\heiko\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{A9A380FE-4F38-4BB5-9600-91C67084F854}C:\users\heiko\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\heiko\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{583B6831-EC96-40AE-86D1-AA7FACBB208E}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) FirewallRules: [{8496E16C-E076-4E7D-8F02-77E604330509}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{39076A81-8B60-4710-8AF9-EC43A5C0BCB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{0E7189A3-7838-4500-B68D-D6920F061039}C:\users\heiko\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\heiko\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{90F55D7E-5BB0-45B1-81BD-373954FCBCA3}C:\users\heiko\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\heiko\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{98289305-602A-431C-84D7-929C5FB4F53C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{42F859C6-B64E-4891-977D-2A6CA96C8816}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2CA56A6F-7FB9-4C62-A508-B23BA73069F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9015A194-EF42-4D44-A069-6B57CC800F83}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{13CB9634-6B33-411C-8C8B-D6104ECF3DFE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9B5FAB5E-D847-4B16-9B78-B7F9930EB56C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B1976671-24DD-43C4-BE47-013637F4ADF0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{29D821D1-0DC7-45EC-BC96-690E0A36C355}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{CB97F7DD-9268-4E40-9C48-FA05F31D863B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{47D2F3B5-D327-4A6B-ABE5-7397E17EC762}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F6342690-CA91-46AA-BF92-AE4D00A8BDF5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E4024BBA-B08B-4F9D-9CFB-4EE290353B37}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{F40FFF75-ED61-48BD-95F7-439C0C6E662D}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{417ADF80-7280-468B-A564-A23010217719}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe () [Datei ist nicht signiert] FirewallRules: [{181A7DDE-409B-484E-87C8-251A60454F44}] => (Allow) C:\Users\heiko\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{2CBDB84B-463D-4C25-A749-EAC9C328A02E}] => (Allow) C:\Users\heiko\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{31867382-39B7-4247-8362-D6B3AFE7D4E1}] => (Allow) C:\Users\heiko\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [TCP Query User{90898C5B-0F69-4536-A1BC-80B3BF63A4A0}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{62B8021C-641F-4B98-8CFB-F3CA743CE338}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe () [Datei ist nicht signiert] FirewallRules: [{E2233C8F-C33F-4CB1-AFAB-CCA2F198F961}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BAE827A8-152D-472A-A689-B9929FF78CA4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E87BFDB3-4DF9-471E-AB1E-FC19291C0D60}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D86E59C4-01CD-475F-9F28-091880BC4F7F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{000D4ED0-4FAC-4E9E-9A77-0221B384AEE5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{83B4871D-BBB0-420A-BE29-92ACE3C9D8ED}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe (Datronicsoft, Inc. -> ) FirewallRules: [{8105E90D-0247-460A-9552-A4F916F2B445}] => (Allow) LPort=8299 FirewallRules: [TCP Query User{C6261F8E-B7C4-4E7D-843F-111C7E57B08B}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) FirewallRules: [UDP Query User{8CE5D5CD-82AD-4142-B756-4B6D9150871A}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) FirewallRules: [TCP Query User{A73C6E75-84A1-4D30-8768-7225A972822E}C:\users\heiko\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\heiko\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{C7103F20-C1CF-4180-86A8-2ED62789DBB5}C:\users\heiko\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\heiko\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{96DE59E4-82CD-4308-A5D8-26FFE6ABFE5C}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe (App Dynamic ehf. -> App Dynamic ehf) FirewallRules: [{988293CA-FF2F-4827-B419-A04AA2EFC9C4}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe (App Dynamic ehf. -> App Dynamic ehf) FirewallRules: [TCP Query User{D2185A18-5995-4E0A-ADBB-184FDBC5FD7B}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [UDP Query User{1F226F1B-4BDE-40E6-94C1-D24949F05DDD}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [TCP Query User{4A368942-6B15-46A0-8E2A-F1B16AD62E50}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{9F1CD5B6-ABA9-466F-AEA8-46A5FC793874}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [TCP Query User{DA8DE159-279C-4433-B35A-CDE971DA114B}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [UDP Query User{76C7658A-52F6-45C6-A9F9-80E39089ADD1}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [TCP Query User{F1965233-9E95-4D36-AF3A-2A6D5C303B4A}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{C358EAB0-E64E-4866-9567-D050F9B44AEC}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [TCP Query User{B1B566CA-1425-46C8-9543-1ECF99C140FD}C:\users\heiko\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\heiko\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{874C91CC-F6AC-422C-AF31-513792693083}C:\users\heiko\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\heiko\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 07-12-2020 13:22:57 Geplanter Prüfpunkt 08-12-2020 20:28:54 Installed Zoom Outlook Plugin 10-12-2020 18:03:38 Windows Modules Installer 13-12-2020 13:36:49 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (12/13/2020 01:59:45 PM) (Source: HotKeyServiceUWP) (EventID: 0) (User: ) Description: Event-ID 0 Error: (12/13/2020 01:59:45 PM) (Source: HotKeyServiceUWP) (EventID: 0) (User: ) Description: Event-ID 0 Error: (12/13/2020 01:59:44 PM) (Source: HotKeyServiceUWP) (EventID: 0) (User: ) Description: Event-ID 0 Error: (12/13/2020 01:38:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LogiOptionsMgr.exe, Version: 8.34.82.0, Zeitstempel: 0x5f8ffec7 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.662, Zeitstempel: 0x27bfa5f0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000016ca0 ID des fehlerhaften Prozesses: 0x4058 Startzeit der fehlerhaften Anwendung: 0x01d6d14cd205ee4e Pfad der fehlerhaften Anwendung: C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: a33ac943-2049-4044-af99-5a525d1c2c87 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/13/2020 01:38:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LogiOptionsMgr.exe, Version: 8.34.82.0, Zeitstempel: 0x5f8ffec7 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.662, Zeitstempel: 0x27bfa5f0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000016ca0 ID des fehlerhaften Prozesses: 0x3e84 Startzeit der fehlerhaften Anwendung: 0x01d6d14cd18de2b7 Pfad der fehlerhaften Anwendung: C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: a8fa3d6d-f948-4084-9227-546333a7cfd7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/13/2020 01:38:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LogiOptions.exe, Version: 8.34.82.0, Zeitstempel: 0x5f8ffd97 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.662, Zeitstempel: 0x27bfa5f0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000016ca0 ID des fehlerhaften Prozesses: 0x34f4 Startzeit der fehlerhaften Anwendung: 0x01d6d14cd15358ad Pfad der fehlerhaften Anwendung: C:\Program Files\Logitech\LogiOptions\LogiOptions.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: fd50fb5f-4f3d-4f40-8d59-9c74ab609598 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/13/2020 01:37:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Avira.VpnService.exe, Version: 2.36.1.29260, Zeitstempel: 0x5f7dcd79 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.662, Zeitstempel: 0xec58f015 Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000002d759 ID des fehlerhaften Prozesses: 0x16b8 Startzeit der fehlerhaften Anwendung: 0x01d6d14cbc9d2a35 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: d47e1b78-af6d-411a-9360-05e370db8ee2 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/13/2020 01:37:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.VpnService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.ArgumentNullException bei SharpRaven.Dsn..ctor(System.String) bei Avira.VPN.Core.SentrySerilogSink..ctor(System.IFormatProvider, System.String, System.String, System.String, System.String, System.String, Boolean, System.String, System.Func`1<Boolean>) bei Avira.VPN.Core.Win.Logger.SetDefaultInstance(System.String) bei Avira.VpnService.Program.Main(System.String[]) Systemfehler: ============= Error: (12/13/2020 01:59:43 PM) (Source: DCOM) (EventID: 10010) (User: HP-Z-BOOK) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (12/13/2020 01:59:43 PM) (Source: DCOM) (EventID: 10010) (User: HP-Z-BOOK) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (12/13/2020 01:59:43 PM) (Source: DCOM) (EventID: 10010) (User: HP-Z-BOOK) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (12/13/2020 01:59:43 PM) (Source: DCOM) (EventID: 10010) (User: HP-Z-BOOK) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (12/13/2020 01:59:43 PM) (Source: DCOM) (EventID: 10010) (User: HP-Z-BOOK) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (12/13/2020 01:59:43 PM) (Source: DCOM) (EventID: 10010) (User: HP-Z-BOOK) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (12/13/2020 01:59:43 PM) (Source: DCOM) (EventID: 10010) (User: HP-Z-BOOK) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (12/13/2020 01:59:43 PM) (Source: DCOM) (EventID: 10010) (User: HP-Z-BOOK) Description: Der Server "{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Windows Defender: =================================== Date: 2020-12-13 21:01:24.0980000Z Description: C:\Program Files\TechSmith\Camtasia 9\CamtasiaStudio.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\OneDrive\Documents zu ändern. Erkennungszeit: 2020-12-13T20:01:24.098Z Benutzer: HP-Z-BOOK\heiko Pfad: %userprofile%\OneDrive\Documents Prozessname: C:\Program Files\TechSmith\Camtasia 9\CamtasiaStudio.exe Sicherheitsversion: 1.329.322.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 Date: 2020-12-13 13:36:32.1320000Z Description: Der überwachte Ordnerzugriff hat C:\Windows\System32\VSSVC.exe daran gehindert, Änderungen am Speicher durchzuführen. Erkennungszeit: 2020-12-13T12:36:32.132Z Benutzer: NT-AUTORITÄT\SYSTEM Pfad: \Device\HarddiskVolume1 Name des Prozesses: C:\Windows\System32\VSSVC.exe Sicherheitsversion: 1.329.289.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 Date: 2020-12-12 10:40:35.8250000Z Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {FFA43FFA-2886-46E7-AB19-164D557C5D01} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2020-12-11 13:27:38.9640000Z Description: Der überwachte Ordnerzugriff hat C:\Windows\System32\svchost.exe daran gehindert, Änderungen am Speicher durchzuführen. Erkennungszeit: 2020-12-11T12:27:38.963Z Benutzer: NT-AUTORITÄT\SYSTEM Pfad: \Device\HarddiskVolume1 Name des Prozesses: C:\Windows\System32\svchost.exe Sicherheitsversion: 1.329.205.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 Date: 2020-12-10 18:10:09.9400000Z Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {311779DF-3774-4FC1-94DD-498AFE8ABA00} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM CodeIntegrity: =================================== Date: 2020-12-13 21:49:58.3250000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 21:48:17.6270000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 21:47:28.0900000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 21:47:17.4640000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 21:47:16.2100000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 21:47:07.9820000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 21:46:56.7040000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 21:44:13.2660000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: HP Q71 Ver. 01.14.01 10/26/2020 Hauptplatine: HP 8427 Prozessor: Intel(R) Core(TM) i9-9880H CPU @ 2.30GHz Prozentuale Nutzung des RAM: 32% Installierter physikalischer RAM: 32539.7 MB Verfügbarer physikalischer RAM: 21844.43 MB Summe virtueller Speicher: 37403.7 MB Verfügbarer virtueller Speicher: 24778.43 MB ==================== Laufwerke ================================ Drive c: (Windows ) (Fixed) (Total:475.88 GB) (Free:261.41 GB) NTFS \\?\Volume{fd1f845f-2f2e-4e97-bfef-f8b6366e2de3}\ () (Fixed) (Total:0.79 GB) (Free:0.08 GB) NTFS \\?\Volume{7a4b4028-501c-4061-b6eb-987eeeb959c9}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.13 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: E733655A) Partition: GPT. ==================== Ende von Addition.txt ======================= |
13.12.2020, 22:49 | #3 |
| Windows 10: Freunde erhalten "verseuchte" Emails, vermute Trojaner das sind die Logs vom zweiten Rechner
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2020 durchgeführt von Heiko (Administrator) auf HEIKO-HP (HP HP Z240 Tower Workstation) (13-12-2020 22:45:51) Gestartet von E:\Heiko2\OneDrive\Desktop Geladene Profile: Heiko Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files\Blackmagic Design\Desktop Video\DesktopVideoHelper.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Inc.) E:\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated -> ) E:\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (ALLEN & HEATH LIMITED -> ) E:\Program Files\Allen & Heath\ZEDi\USB Driver\W10_x64\ZEDiCPAH.exe (Amazon.com Services LLC -> Amazon.com Inc.) C:\Users\Heiko\AppData\Local\Amazon Drive\AmazonPhotos.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Bdrive Inc. -> ) C:\Program Files\NetDrive2\nd2svc.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskServiceTray.exe (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe <4> (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\SoftphoneIntegrations.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Corporation -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_1c041d58caa348ec\LMS.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe <2> (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe (IVT Corporation) [Datei ist nicht signiert] E:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) [Datei ist nicht signiert] E:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe (IVT Corporation) [Datei ist nicht signiert] E:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe (Logitech Inc -> ) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\crashpad_handler.exe (Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\RightSightService.exe (Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe <3> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2010.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20112.10111.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\nview\nviewMain.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2> (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshImgMonitor.exe <3> (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshImgProc.exe <7> (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshMonWCFHost.exe (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsMon.exe (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\SshRegister.exe (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\SshTaskTray.exe (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe (Synology Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe (Synology Inc. -> ) E:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagitEditor.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagPriv.exe (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology Corporation -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology Corporation -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology Corporation -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Wacom Technology Corporation -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (X-Rite Incorporated -> X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677480 2020-10-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobePSE17AutoAnalyzer] => E:\Program Files (x86)\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe [3058696 2018-08-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [Blackmagic CheckVersion PCI] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\CheckVersionPCI.exe [238982664 2019-09-18] (Blackmagic Design Pty Ltd -> Blackmagic Design) HKLM\...\Run: [Blackmagic Desktop Video Updater] => C:\Program Files\Blackmagic Design\Desktop Video\DesktopVideoUpdater.exe [720928 2019-09-18] (Blackmagic Design Pty Ltd -> ) HKLM\...\Run: [Blackmagic Streaming Server] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\BMDStreamingServer.exe [999936 2019-09-18] () [Datei ist nicht signiert] HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe [8938976 2019-11-15] (TechSmith Corporation -> TechSmith Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321976 2019-08-07] (Intel Corporation -> Intel Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [558144 2020-11-25] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [Datei ist nicht signiert] HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-11] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [ScanSnap OnlineUpdate Watcher] => C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe [134656 2020-06-05] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [BtTray] => E:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [482816 2018-03-07] (IVT Corporation) [Datei ist nicht signiert] HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-11-13] (Adobe Inc. -> ) HKLM-x32\...\Run: [ScanSnap Home Pfussmon] => C:\Program Files (x86)\PFU\ScanSnap\Home\pfuSSMon.exe [3587568 2020-10-27] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [ScanSnap WIA Service Checker] => C:\ProgramData\PFU\ScanSnap\Home\SSDriver\fi5110\SsWiaChecker.exe [121856 2020-05-26] (PFU LIMITED) [Datei ist nicht signiert] HKLM-x32\...\Run: [SshCloudMonitor] => C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe [77824 2020-09-23] (PFU Limited) [Datei ist nicht signiert] HKLM-x32\...\Run: [SshRegister] => C:\Program Files (x86)\PFU\ScanSnap\Home\SshRegister.exe [130544 2020-10-27] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [pfuSshMain] => C:\Program Files (x86)\PFU\ScanSnap\Home\pfuSshMain.exe [2323952 2020-10-27] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [798816 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460896 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [InstallHelper] => C:\ProgramData\Citrix\Citrix Workspace 1912\InstallHelper.exe [431200 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [106801096 2020-11-13] (GN AUDIO A/S -> GN Audio A/S) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-12-07] (IDSA Production signing key -> Intel) HKLM\...\Winlogon: [Userinit] C:\WINDOWS\System32\Userinit.exe,C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== ACHTUNG HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-11-01] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-11-01] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\Heiko\AppData\Local\WhatsApp\Update.exe [2206648 2019-02-03] (WhatsApp, Inc. -> ) HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Run: [GoogleChromeAutoLaunch_7FECADEFBB871C94D0B847B513B0817A] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-11-13] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-11-01] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Run: [NetDrive2] => "E:\PROGRA~2\NETDRI~1\NETDRI~2.EXE" -tray HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Run: [Amazon Photos] => C:\Users\Heiko\AppData\Local\Amazon Drive\AmazonPhotos.exe [10028720 2020-12-04] (Amazon.com Services LLC -> Amazon.com Inc.) HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5491248 2020-12-07] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] True HKLM\...\Windows x64\Print Processors\OPHGPP3: C:\Windows\System32\spool\prtprocs\x64\OPHGPP3.dll [65536 2018-01-18] (Oki Data Corporation -> Oki Data Corporation) HKLM\...\Windows x64\Print Processors\OPLAPP3: C:\Windows\System32\spool\prtprocs\x64\OPLAPP3.dll [43008 2009-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation) HKLM\...\Print\Monitors\BlueSoleil Print Port: BsMonSvr HKLM\...\Print\Monitors\Oki Common XP64 Language Monitor: C:\WINDOWS\system32\OKLMON64.DLL [27648 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation) HKLM\...\Print\Monitors\OKI HiperC Language Monitor4 x64: C:\WINDOWS\system32\OPDMN035.DLL [168448 2018-01-18] (Oki Data Corporation -> Oki Data Corporation) HKLM\...\Print\Monitors\OKI HiperC Language Monitor8 x64: C:\WINDOWS\system32\OPDMN085.DLL [158208 2009-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> HKLM\Software\...\Authentication\Credential Providers: [{EF1BCB6C-FEA5-4a04-905F-190375E5B996}] -> C:\WINDOWS\system32\IVTCredentialProvider.dll [2018-03-07] () [Datei ist nicht signiert] Lsa: [Notification Packages] DPPassFilter scecli IVTCredentialProvider Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\i1Profiler Tray.lnk [2020-05-19] ShortcutTarget: i1Profiler Tray.lnk -> E:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe (X-Rite Incorporated -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XRGamma.lnk [2020-05-19] ShortcutTarget: XRGamma.lnk -> E:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG) [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ZEDi Control Panel Autostart.lnk [2020-11-09] ShortcutTarget: ZEDi Control Panel Autostart.lnk -> E:\Program Files\Allen & Heath\ZEDi\USB Driver\W10_x64\ZEDiCPAH.exe (ALLEN & HEATH LIMITED -> ) HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {010AFD4E-81D1-4E9B-AD01-49EC0D223E4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\sp82010.exe <==== ACHTUNG Task: {03038CBD-22F8-4C9E-9EB1-9F6353DD1712} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-12-07] (Mozilla Corporation -> Mozilla Foundation) Task: {049929AB-F287-4F07-AE5A-D7AF2253E529} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0C078C93-9B77-4009-A279-0BB6A120791E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {0C6426F4-CEAB-4EE4-BB98-9BA288940C9D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {13339B61-27F9-4B2C-9254-7A01CA80AAD8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {13C228A5-5FA4-4390-A173-BA8AE934E0FD} - System32\Tasks\{96EE9592-6BD3-4E47-A246-AFF22E13EC96} => C:\Users\Heiko\AppData\Local\Temp\is-1TVQ6.tmp\XRD Manager.exe -> /exenoupdates /exelang 1031 /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION="INSTALL" EXECUTEACTION="INSTALL" ROOTDRIVE="H:\" TRANSFORMS=":1031" AI_PREREQFILES="C:\Users\Heiko\AppData\Local\Temp\{96EE9592-6BD3-4E47-A246-AFF22E13EC96}\drivers64.msi" AI_PREREQDIRS="C:\Users\Heiko\AppData\Local\Temp" AI_SETUPEXEPATH="C:\Users\Heiko\AppData\Local\Temp\is-1TVQ6.tmp\XRD Manager.exe" SETUPEXEDIR="C:\Users\Heiko\AppData\Local\Temp\is-1TVQ6.tmp\" TARGETDIR="H:\" APPDIR="C:\Program Files (x86)\X-Rite\Devices\" COMPANYNAME="Hewlett-Packard Company" <==== ACHTUNG Task: {15D8FFFE-5C7B-4E57-AF80-B1930F7FB912} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-13] (Google Inc -> Google Inc.) Task: {16F5199C-C1AC-4CCC-AC65-845CCE187639} - System32\Tasks\G2MUpdateTask-S-1-5-21-2845510748-558110454-3949872108-1000 => C:\Users\Heiko\AppData\Local\GoToMeeting\18962\g2mupdate.exe [31320 2020-12-03] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {17AEB962-FE01-493B-B55D-05EFBA3301B1} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation) Task: {17E75E21-DD57-42BC-AA85-165059AD13B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.) Task: {1E452412-6696-464E-AD60-40B0ECBA6372} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2267CA72-9384-4DD1-8858-81D7C532B95E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-13] (Google Inc -> Google Inc.) Task: {280FAFAC-F588-4C5B-9EC1-8F1CAB182928} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [346776 2015-08-04] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {2ADC7299-7F45-4557-A9DC-761EE8FED790} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {2B2AB45E-7D19-4C95-A3D6-024F9DCA894C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {31312624-F836-4589-ADA1-81387215DDEB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Task: {3171511F-EA9A-4652-B560-3F87FBB6B539} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) Task: {3BA3D0F1-FF75-4C17-B7AA-BC17D674BCBE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {420434FC-23AD-49B4-BEFD-04EC006540D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {42AB0098-3C4E-42DE-AAEC-13CFC52384C3} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {4B043007-3330-4560-BB2C-779057CF2BE9} - System32\Tasks\AdobeAAMUpdater-1.0-Heiko-HP-Heiko => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {54D077A4-E658-4685-8A8B-75FD20C5AAC3} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {5529630D-FF6C-43C0-B3C2-35154F4E398D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [346776 2015-08-04] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {563850AE-8DC8-4A0E-90C2-F8685979234B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5C978506-795C-4213-82AD-F4AB85346015} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-10-28] (HP Inc. -> HP Inc.) Task: {5F667931-3E61-4D81-A476-86B713DD8924} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6055B555-069F-4409-B7D3-F4CA38663036} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6346DF14-26C4-472B-9511-2152D0B52AA4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {64496C4B-043C-4244-A2F8-1899FB3D885B} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [31656 2020-01-30] (X-Rite Incorporated -> X-Rite Inc.) Task: {713643D5-0898-47E7-9A20-BBED477CA923} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {71B1DFFF-7030-4F2E-9887-6348D9F9845A} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {77DC9A70-DE7A-4201-830A-0C73CC28786B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7821D292-5D5D-41DD-8016-91CBCD0E78B1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {7E602710-E3FC-434A-A375-2E37979CBCD2} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {7F8BD47A-207B-4881-8327-BB0BA71C7C0E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7F8E8401-78BE-47BE-B1AE-2E1905A3BE39} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1537960 2020-11-04] (NVIDIA Corporation -> NVIDIA Corporation) Task: {80129451-E73E-419D-B163-B3FE0B86F741} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {86395211-C768-434E-86B3-7653ED0040C8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1532304 2020-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {87A1B9DA-EAFD-4EF5-89DF-8273DBAA158E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Task: {889458C0-1946-4867-8DD7-0F940A475228} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9019BFAC-2BFC-4CBE-9836-3353CFE52E2F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [1770136 2015-08-04] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {916A58CC-D0C6-459F-B0E4-D4F2AFD05DAA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation) Task: {919C934C-2BA3-443A-86D5-B7C944DF461E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {9389991E-20E6-4782-91E7-4343309550A6} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-10-13] (Microsoft Windows -> Microsoft Corporation) Task: {97088867-00F1-442C-AF11-EB467A723F91} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {98B10D35-FC0A-463B-BC36-E45B12E65F28} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {999D2E61-2B8B-4EA3-BE4D-7872D104C95B} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-heikoroemhild@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {A125EF49-ADB8-4912-9366-DCC6B0E86CB3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348504 2020-11-06] (HP Inc. -> HP Inc.) Task: {A12D0007-6AA7-405E-BF73-EDC0F3E74595} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {A47B2532-0A2B-4012-A9DF-BF2D7FAB5F79} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-16] (HP Inc. -> HP Inc.) Task: {A882FF9D-F9D5-46BC-97CB-EFC193F39C38} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B1444BD9-C3C2-412E-B1AC-3F4C12EC150A} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PIconStartup.exe -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PrivacyIconClient.exe" 60 Task: {BDA62D4B-4132-43C6-9F7D-1A1D531CF312} - System32\Tasks\G2MUploadTask-S-1-5-21-2845510748-558110454-3949872108-1000 => C:\Users\Heiko\AppData\Local\GoToMeeting\18962\g2mupload.exe [31320 2020-12-03] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {BF690238-9485-4AD9-8387-91229DDC5099} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {C02F9F5A-5A23-4A36-B845-6C6E8FD055F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {C306A196-0246-4B66-857C-A83B518356C7} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C4DF3AF0-EA11-48DD-95BC-8B97ECA43144} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) Task: {C81EC382-7507-48FE-999D-3788238DCCA7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {C8248FAC-D447-4567-BBD6-B66F8EE2A372} - System32\Tasks\4Team updater => C:\Program Files\4Team Corporation\4Team-Updater\4Team-Updater.exe Task: {CAFAB0BE-6558-4D1A-9536-83EE3199D367} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [497752 2020-04-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics) Task: {CDFC2B0B-24B7-43C1-B746-54C8C4BF640E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D0A5EC78-59F6-4E36-996C-29FA5CFBEBE0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-22] (HP Inc. -> ) Task: {D51CF55F-5473-4775-AB54-5F0768945CA7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {D795E376-49A7-4817-85F3-E5EB45687C15} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {DA3C2A7F-8324-4EA6-9508-BE7D64E5E4FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-16] (HP Inc. -> HP Inc.) Task: {DABFBE5E-0CD7-4BF1-980E-8F2A9C0B0BE7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DAEC7661-B098-48F8-BAC6-D1FEAA2F5CEF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E09A5A8D-06CA-4608-9410-CC181E45E2E0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {E0D79664-F77A-4178-AC10-ED6588F6B51A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E1651038-28EB-4A7C-941B-676B019155EF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E593F820-8220-486C-A369-BE41B5DC19BA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E7972A71-658A-4C49-9FAF-3C7B733ADEEB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2774904 2020-11-01] (Microsoft Corporation -> Microsoft Corporation) Task: {ED311F0D-4249-49DD-9713-E56871346104} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {F391538A-E7F8-4FAF-B198-6C2731FFFC10} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2845510748-558110454-3949872108-1000.job => C:\Users\Heiko\AppData\Local\GoToMeeting\18962\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2845510748-558110454-3949872108-1000.job => C:\Users\Heiko\AppData\Local\GoToMeeting\18962\g2mupload.exe Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe Task: C:\WINDOWS\Tasks\{96EE9592-6BD3-4E47-A246-AFF22E13EC96}.job => C:\Users\Heiko\AppData\Local\Temp\is-1TVQ6.tmp\XRD Manager.exeȸ/exenoupdates /exelang 1031 /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION=INSTALL EXECUTEACTION=INSTALL ROOTDRIVE H:\ TRANSFORMS=:1031 AI_PREREQFILES=C:\Users\Heiko\AppData\Local\Temp\{96EE9592-6BD3-4E47-A246-AFF22E13EC96}\drivers64.msi AI_PREREQDIRS=C:\Users\Heiko\AppData\Local\Temp AI_SETUPEXEPATH=C:\Users\Heiko\AppData\Local\Temp\is-1TVQ6.tmp\XRD Manager.exe SETUPEXEDIR=C:\Users\Heiko\AppData\Local\Temp\is-1TVQ6.tmp <==== ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{30feb819-c50e-4153-b29d-f1b8d11678f9}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{749578d7-2b19-4c83-8340-4a3e48d19377}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{92ee36b9-d9d0-49d0-80ce-18d45fa54e5b}: [DhcpNameServer] 192.168.178.1 Edge: ====== Edge Extension: (Kein Name) -> EdgeExtension_GrammarlyGrammarlyforMicrosoftEdge_zee0y2571dhse => C:\Program Files\WindowsApps\Grammarly.GrammarlyforMicrosoftEdge_1.120.2309.0_neutral__zee0y2571dhse [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Heiko\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-11] Edge DownloadDir: E:\ Edge HomePage: Default -> hxxp://www.google.de/ Edge Extension: (Grammarly for Microsoft Edge) - C:\Users\Heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2020-12-11] Edge Extension: (Grammarly for Chrome) - C:\Users\Heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-12-11] FireFox: ======== FF DefaultProfile: 33b6yza4.default-1547670688659 FF ProfilePath: C:\Users\Heiko\AppData\Roaming\Mozilla\Firefox\Profiles\33b6yza4.default-1547670688659 [2020-12-07] FF Extension: (HTTPS Everywhere) - C:\Users\Heiko\AppData\Roaming\Mozilla\Firefox\Profiles\33b6yza4.default-1547670688659\Extensions\https-everywhere@eff.org.xpi [2020-11-18] FF Extension: (uBlock Origin) - C:\Users\Heiko\AppData\Roaming\Mozilla\Firefox\Profiles\33b6yza4.default-1547670688659\Extensions\uBlock0@raymondhill.net.xpi [2020-12-02] FF Extension: (Video DownloadHelper) - C:\Users\Heiko\AppData\Roaming\Mozilla\Firefox\Profiles\33b6yza4.default-1547670688659\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-01] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => nicht gefunden FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-28] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-28] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-11] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Datei ist nicht signiert] FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-12] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-12] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-11] (Adobe Inc. -> Adobe Systems) FF Plugin HKU\S-1-5-21-2845510748-558110454-3949872108-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\local-settings.js [2018-07-24] Chrome: ======= CHR Profile: C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default [2020-12-13] CHR DownloadDir: E:\ CHR Notifications: Default -> hxxp://atmendes-unternehmen.de; hxxps://drive.google.com; hxxps://helpx.adobe.com; hxxps://mg.mail.yahoo.com; hxxps://www.screencast.com CHR HomePage: Default -> hxxp://www.google.de/ CHR StartupUrls: Default -> "hxxp://google.de/" CHR Extension: (Präsentationen) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (Google Drive) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghbiahbpaijignceidepookljebhfak [2020-06-18] CHR Extension: (Docs) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Google Drive) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03] CHR Extension: (YouTube) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-13] CHR Extension: (Google+) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2017-09-13] CHR Extension: (LinkedIn Sales Navigator) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjikilggkdpjklgpnceahcioemadje [2019-02-15] CHR Extension: (Adobe Acrobat) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-10-02] CHR Extension: (Gmail offline) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2017-09-13] CHR Extension: (Tabellen) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (Google Docs Offline) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14] CHR Extension: (Google Play Music) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2017-09-13] CHR Extension: (Dropbox) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-03-23] CHR Extension: (Google Maps) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-09-13] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06] CHR Extension: (Picasa) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2017-09-13] CHR Extension: (Google Mail) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-13] CHR Extension: (Chrome Media Router) - C:\Users\Heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-18] CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] CHR HKU\S-1-5-21-2845510748-558110454-3949872108-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-11] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 BlueSoleilCS; E:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [4034560 2018-03-07] (IVT Corporation) [Datei ist nicht signiert] S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Datei ist nicht signiert] R3 BsHelpCS; E:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [155136 2018-03-07] (IVT Corporation) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [43616 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) R2 DpHost; C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [530136 2020-05-16] (DigitalPersona, Inc. -> Crossmatch, Inc.) R2 dvhlp; C:\Program Files\Blackmagic Design\Desktop Video\DesktopVideoHelper.exe [36352 2019-09-18] () [Datei ist nicht signiert] S2 epinjectsvc; C:\Program Files (x86)\Citrix\ICA Client\inject.exe [501456 2020-06-19] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\FileSyncHelper.exe [2188664 2020-11-01] (Microsoft Corporation -> Microsoft Corporation) S3 FLCDLOCK; C:\WINDOWS\SysWOW64\flcdlock.exe [589208 2018-02-21] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company) R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4608320 2014-11-27] (SafeNet, Inc. -> SafeNet Inc.) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321608 2018-09-25] (HP Inc. -> HP Inc.) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2019-04-12] (HP Inc. -> HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.) S4 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.) S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2470752 2019-08-07] (Intel Corporation -> Intel Corporation) R2 LanWlanSwitchingService; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [668712 2020-01-17] (HP Inc. -> HP) R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-10-26] (Logitech Inc -> Logitech) R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4489352 2019-06-12] (Logitech Inc -> Logitech) R2 NetDrive2_Service_NetDrive2; C:\Program Files\NetDrive2\nd2svc.exe [851112 2018-02-21] (Bdrive Inc. -> ) R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [4786928 2020-11-04] (NVIDIA Corporation -> NVIDIA Corporation) S4 OKI OPHG DCS Loader; C:\WINDOWS\system32\spool\DRIVERS\x64\3\OPHGLDCS.EXE [20480 2018-01-18] (Oki Data Corporation -> Oki Data Corporation) S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\OneDriveUpdaterService.exe [2553200 2020-11-01] (Microsoft Corporation -> Microsoft Corporation) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [558144 2020-11-25] (geek software GmbH -> geek software GmbH) S4 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [Datei ist nicht signiert] S4 RealtekWlanU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek) S4 RTLDHCPService; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek) S4 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-15] (Realtek Semiconductor Corp -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-01] (Microsoft Windows Publisher -> Microsoft Corporation) R2 spacedeskService; C:\WINDOWS\system32\spacedeskService.exe [1116592 2020-11-08] (Datronicsoft, Inc. -> ) R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [365080 2019-07-23] (Synology Inc. -> ) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation) R2 UsbClientService; E:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [91048 2020-01-30] (X-Rite Incorporated -> X-Rite Inc.) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 BlueletAudio; C:\WINDOWS\System32\drivers\blueletaudio.sys [41184 2016-09-10] (IVT CORPORATION -> IVT Corporation) R3 BlueletAudio; C:\Windows\SysWOW64\drivers\blueletaudio.sys [41184 2016-09-10] (IVT CORPORATION -> IVT Corporation) R3 BT; C:\WINDOWS\System32\drivers\btnetdrv.sys [22240 2016-09-10] (IVT CORPORATION -> IVT Corporation.) R3 BTCOM; C:\WINDOWS\system32\DRIVERS\btcomport.sys [28456 2016-09-10] (IVT CORPORATION -> IVT Corporation.) R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [53488 2017-12-22] (IVT CORPORATION -> IVT Corporation.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R3 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [22568 2016-09-10] (IVT CORPORATION -> IVT Corporation.) R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider) S3 Ctxusbr; C:\WINDOWS\System32\drivers\ctxusbr.sys [67480 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [74768 2018-02-21] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company) R2 entryprotectdrv; C:\Program Files (x86)\Citrix\ICA Client\entryprotect.sys [57032 2020-06-19] (Citrix Systems, Inc. -> Citrix Systems, Inc.) R1 epinject6; C:\Program Files (x86)\Citrix\ICA Client\epinject.sys [150520 2020-06-19] (Citrix Systems, Inc. -> ) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet, Inc. -> SafeNet Inc.) R3 IvtAudioBusSrv; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [27256 2016-09-10] (IVT CORPORATION -> IVT Corporation.) R3 IvtComBusSrv; C:\WINDOWS\System32\Drivers\btcombus.sys [25824 2016-09-10] (IVT CORPORATION -> IVT Corporation.) R3 IvtPanBusSrv; C:\WINDOWS\System32\Drivers\btnetBus.sys [31480 2016-09-10] (IVT CORPORATION -> IVT Corporation.) S3 JabraDFU; C:\WINDOWS\System32\Drivers\JabraBcDfuX64.sys [54408 2019-11-22] (GN Netcom A/S -> QTI Ltd) S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.) S3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2020-04-30] (Logitech Inc -> Logitech) S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [20624 2020-04-30] (WDKTestCert sqa,131523902232810150 -> Logitech, Inc.) S3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2020-04-30] (Logitech Inc -> Logitech) R3 NAL; C:\WINDOWS\system32\Drivers\iqvw64e.sys [58520 2019-10-09] (Intel(R) INTELND1820 -> Intel Corporation) R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation) R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [82136 2016-08-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd) R0 secnvmeF; C:\WINDOWS\System32\drivers\secnvmeF.sys [30672 2016-08-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd) R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2020-08-27] (Datronicsoft, Inc. -> ) S3 Switchers; C:\WINDOWS\System32\drivers\Switchers.sys [27368 2020-09-24] (WDKTestCert build,131613220053715806 -> Blackmagic Design) S3 swtoolsdriver; C:\WINDOWS\system32\drivers\swtoolsdriver.sys [17968 2018-07-03] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2020-04-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2015-08-26] (PC Micro Systems Inc. -> Nicomsoft Ltd.) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation) S3 ZMHFMAudioSrv; C:\WINDOWS\system32\drivers\zmhfmau.sys [152704 2017-01-09] (Microsoft Windows Hardware Compatibility Publisher -> ZOOM) S3 ZMHFSAudioSrv; C:\WINDOWS\system32\drivers\zmhfsau.sys [71264 2017-08-02] (Microsoft Windows Hardware Compatibility Publisher -> ZOOM) U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2020-12-13 22:45 - 2020-12-13 22:46 - 000000000 ____D C:\FRST 2020-12-13 12:06 - 2020-12-13 12:44 - 000000000 ___RD C:\Users\Heiko\OneDrive - SAP SE 2020-12-11 13:08 - 2020-12-11 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit) 2020-12-10 11:20 - 2020-12-10 11:20 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2020-12-10 11:20 - 2020-12-10 11:20 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2020-12-10 11:20 - 2020-12-10 11:20 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2020-12-07 22:34 - 2020-12-11 20:23 - 000000000 ____D C:\Users\Heiko\AppData\Local\Amazon Drive 2020-12-07 17:36 - 2020-12-07 17:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-12-07 11:34 - 2020-12-07 11:34 - 000000937 _____ C:\Users\Public\Desktop\Synology Assistant.lnk 2020-12-07 11:34 - 2020-12-07 11:34 - 000000937 _____ C:\ProgramData\Desktop\Synology Assistant.lnk 2020-12-07 11:34 - 2020-12-07 11:34 - 000000000 ____D C:\ProgramData\Synology 2020-12-03 11:25 - 2020-12-03 11:25 - 000000000 ____D C:\Benutzerdefinierte Produktionseinstellungen 9.0 2020-12-03 09:54 - 2020-12-07 08:32 - 000000652 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2845510748-558110454-3949872108-1000.job 2020-12-03 09:54 - 2020-12-07 08:32 - 000000556 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2845510748-558110454-3949872108-1000.job 2020-12-03 09:54 - 2020-12-05 02:23 - 000000000 ____D C:\Users\Heiko\AppData\Local\GoToMeeting 2020-12-03 09:54 - 2020-12-03 09:54 - 000003806 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2845510748-558110454-3949872108-1000 2020-12-03 09:54 - 2020-12-03 09:54 - 000003710 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2845510748-558110454-3949872108-1000 2020-12-03 09:54 - 2020-12-03 09:54 - 000000000 ____D C:\Users\Heiko\AppData\Local\GoTo Opener 2020-12-01 23:55 - 2020-12-11 11:27 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\FreeFileSync 2020-12-01 23:55 - 2020-12-01 23:55 - 000000910 _____ C:\Users\Public\Desktop\FreeFileSync.lnk 2020-12-01 23:55 - 2020-12-01 23:55 - 000000910 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk 2020-12-01 23:55 - 2020-12-01 23:55 - 000000910 _____ C:\ProgramData\Desktop\FreeFileSync.lnk 2020-12-01 23:55 - 2020-12-01 23:55 - 000000900 _____ C:\Users\Public\Desktop\RealTimeSync.lnk 2020-12-01 23:55 - 2020-12-01 23:55 - 000000900 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk 2020-12-01 23:55 - 2020-12-01 23:55 - 000000900 _____ C:\ProgramData\Desktop\RealTimeSync.lnk 2020-12-01 21:41 - 2020-12-01 21:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2020-12-01 21:41 - 2020-12-01 21:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2020-12-01 21:41 - 2020-12-01 21:41 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2020-12-01 21:41 - 2020-12-01 21:41 - 001328392 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll 2020-12-01 21:41 - 2020-12-01 21:41 - 001263104 _____ C:\WINDOWS\system32\FaceProcessor.dll 2020-12-01 21:41 - 2020-12-01 21:41 - 000512856 _____ C:\WINDOWS\system32\FaceProcessorCore.dll 2020-12-01 21:41 - 2020-12-01 21:41 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-01 21:41 - 2020-12-01 21:41 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2020-12-01 21:41 - 2020-12-01 21:41 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2020-12-01 21:41 - 2020-12-01 21:41 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2020-12-01 21:41 - 2020-12-01 21:41 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2020-12-01 21:40 - 2020-12-01 21:40 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2020-12-01 21:40 - 2020-12-01 21:40 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-12-01 21:40 - 2020-12-01 21:40 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-12-01 21:40 - 2020-12-01 21:40 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-01 21:40 - 2020-12-01 21:40 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2020-12-01 21:40 - 2020-12-01 21:40 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2020-12-01 21:40 - 2020-12-01 21:40 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2020-12-01 21:40 - 2020-12-01 21:40 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2020-12-01 21:40 - 2020-12-01 21:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2020-12-01 21:40 - 2020-12-01 21:40 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2020-12-01 21:40 - 2020-12-01 21:40 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2020-12-01 12:38 - 2020-12-01 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra 2020-12-01 12:38 - 2020-12-01 12:38 - 000000000 ____D C:\Program Files (x86)\Jabra 2020-12-01 10:51 - 2020-12-01 10:51 - 000000968 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24.lnk 2020-12-01 10:51 - 2020-12-01 10:51 - 000000000 ____D C:\Program Files\PDF24 2020-11-28 11:32 - 2020-11-28 11:32 - 000000000 ____D C:\WINDOWS\SysWOW64\NV 2020-11-28 11:32 - 2020-11-28 11:32 - 000000000 ____D C:\WINDOWS\system32\NV 2020-11-27 23:42 - 2020-11-27 23:42 - 000002592 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Workspace.lnk 2020-11-23 14:52 - 2020-11-23 14:52 - 000000000 ____D C:\Users\Heiko\AppData\Local\Elgato_Systems 2020-11-23 14:51 - 2020-11-23 14:52 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\Elgato 2020-11-23 14:51 - 2020-11-23 14:51 - 000001185 _____ C:\Users\Public\Desktop\4K Capture Utility.lnk 2020-11-23 14:51 - 2020-11-23 14:51 - 000001185 _____ C:\ProgramData\Desktop\4K Capture Utility.lnk 2020-11-23 14:51 - 2020-11-23 14:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato 2020-11-23 14:51 - 2020-11-23 14:51 - 000000000 ____D C:\Program Files\Elgato 2020-11-21 11:56 - 2020-11-21 11:56 - 000001936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\spacedesk SERVER.lnk 2020-11-21 11:56 - 2020-11-21 11:56 - 000000000 ____D C:\Program Files\datronicsoft 2020-11-21 11:47 - 2020-11-21 11:47 - 000000000 ____D C:\Users\Heiko\AppData\Local\spacedesk 2020-11-21 11:46 - 2020-11-21 11:46 - 000002657 _____ C:\Users\Public\Desktop\spacedesk Windows VIEWER.lnk 2020-11-21 11:46 - 2020-11-21 11:46 - 000002657 _____ C:\ProgramData\Desktop\spacedesk Windows VIEWER.lnk 2020-11-21 11:46 - 2020-11-21 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\spacedesk Windows VIEWER 2020-11-21 11:46 - 2020-11-21 11:46 - 000000000 ____D C:\Program Files (x86)\datronicsoft 2020-11-20 21:17 - 2020-11-20 21:19 - 000000000 ___RD C:\Users\Heiko\OneDrive - Moe, Inc 2020-11-20 17:37 - 2020-11-23 14:43 - 000000015 _____ C:\Users\Heiko\AppData\Roaming\obs-virtualcam.txt 2020-11-20 14:22 - 2020-11-20 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2020-11-20 11:53 - 2020-11-20 11:53 - 000000000 ____D C:\ProgramData\obs-studio-hook 2020-11-18 19:38 - 2020-11-18 19:38 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2020-11-18 19:11 - 2020-11-18 19:11 - 000000000 ____D C:\Users\Heiko\AppData\Local\mbam 2020-11-18 19:11 - 2020-11-18 19:11 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-11-18 18:37 - 2020-11-18 18:37 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chocolatey GUI.lnk 2020-11-18 18:37 - 2020-11-18 18:37 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\NuGet 2020-11-18 18:37 - 2020-11-18 18:37 - 000000000 ____D C:\Users\Heiko\AppData\Local\NuGet 2020-11-18 18:37 - 2020-11-18 18:37 - 000000000 ____D C:\Users\Heiko\AppData\Local\Chocolatey GUI 2020-11-18 18:37 - 2020-11-18 18:37 - 000000000 ____D C:\ProgramData\shimgen 2020-11-18 18:37 - 2020-11-18 18:37 - 000000000 ____D C:\ProgramData\Chocolatey GUI 2020-11-18 18:37 - 2020-11-18 18:37 - 000000000 ____D C:\ProgramData\chocolatey 2020-11-18 18:37 - 2020-11-18 18:37 - 000000000 ____D C:\Program Files (x86)\Chocolatey GUI 2020-11-17 16:59 - 2020-11-17 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSnap 2020-11-15 16:20 - 2020-11-15 16:20 - 000001078 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2021.lnk 2020-11-15 16:20 - 2020-11-15 16:20 - 000001078 _____ C:\ProgramData\Desktop\WISO Steuer-Sparbuch 2021.lnk 2020-11-15 16:20 - 2020-11-15 16:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2021 2020-11-13 08:18 - 2020-11-13 08:18 - 000001034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2021.lnk 2020-11-13 08:13 - 2020-11-13 08:13 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2020-12-13 22:45 - 2020-10-06 19:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-12-13 22:44 - 2020-04-30 14:59 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\Jabra Direct 2020-12-13 22:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-13 20:46 - 2018-09-30 16:00 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\WTablet 2020-12-13 12:48 - 2020-10-06 19:50 - 001933682 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-12-13 12:48 - 2019-12-07 15:51 - 000822564 _____ C:\WINDOWS\system32\perfh007.dat 2020-12-13 12:48 - 2019-12-07 15:51 - 000183896 _____ C:\WINDOWS\system32\perfc007.dat 2020-12-13 12:48 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2020-12-13 12:46 - 2017-11-20 11:05 - 000000000 ____D C:\ProgramData\NetDrive2 2020-12-13 12:44 - 2020-03-12 14:46 - 000005063 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI 2020-12-13 12:44 - 2020-03-12 14:46 - 000000100 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI 2020-12-13 12:44 - 2018-03-06 17:06 - 000001588 _____ C:\WINDOWS\SysWOW64\bscs.ini 2020-12-13 12:44 - 2017-11-16 09:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-12-13 12:43 - 2020-10-06 19:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-12-13 12:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2020-12-13 12:43 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-12-13 12:43 - 2017-09-14 12:50 - 000000000 ____D C:\ProgramData\NVIDIA 2020-12-13 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-12-13 12:42 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-12-13 12:06 - 2020-10-06 18:17 - 000000000 ____D C:\Users\Heiko 2020-12-13 11:12 - 2018-12-14 18:22 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\obs-studio 2020-12-12 13:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-12 13:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-12 13:27 - 2020-04-08 10:02 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-10 21:30 - 2017-12-02 20:46 - 000000000 ____D C:\Users\Heiko\AppData\Local\Packages 2020-12-10 17:59 - 2017-10-05 19:43 - 000000000 ____D C:\Program Files\Microsoft Office 2020-12-10 11:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2020-12-10 11:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-12-10 11:24 - 2018-06-23 22:12 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-12-10 07:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-12-09 23:08 - 2019-11-24 12:28 - 000001518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2020-12-09 23:08 - 2017-08-31 21:14 - 000000000 ____D C:\Program Files (x86)\Intel 2020-12-09 23:08 - 2017-04-07 18:25 - 000000000 ____D C:\ProgramData\Package Cache 2020-12-08 08:40 - 2017-09-12 11:09 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-12-08 08:40 - 2017-09-12 11:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-12-07 22:34 - 2020-10-02 21:28 - 000001265 _____ C:\Users\Heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Photos.lnk 2020-12-07 22:34 - 2017-09-16 20:52 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\Amazon Cloud Drive 2020-12-07 18:55 - 2017-09-12 11:10 - 000000000 ____D C:\Users\Heiko\AppData\LocalLow\Mozilla 2020-12-07 17:37 - 2019-07-18 11:38 - 000000000 ____D C:\ProgramData\Mozilla 2020-12-07 17:36 - 2019-01-16 21:28 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-12-07 11:34 - 2019-09-02 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology 2020-12-07 08:34 - 2020-04-30 14:59 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\JabraSDK 2020-12-04 06:00 - 2018-05-20 19:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-12-03 22:59 - 2020-10-06 19:56 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-03 22:59 - 2020-10-06 19:56 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-02 21:00 - 2017-09-13 17:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-02 19:14 - 2019-02-24 09:35 - 000000000 ____D C:\Users\Heiko\AppData\Local\Citrix 2020-12-01 21:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2020-12-01 21:47 - 2020-10-06 19:46 - 000451824 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-12-01 21:46 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-12-01 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-12-01 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-12-01 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-12-01 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2020-12-01 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2020-12-01 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2020-12-01 20:27 - 2017-04-07 18:47 - 000000000 ____D C:\ProgramData\HP 2020-12-01 14:12 - 2020-03-12 14:47 - 000000443 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI 2020-12-01 14:07 - 2020-03-13 09:22 - 000003369 _____ C:\WINDOWS\SysWOW64\SHORTCUT.INI 2020-12-01 12:39 - 2020-06-15 07:42 - 000000000 ____D C:\Users\Heiko\AppData\Local\Jabra 2020-11-28 11:32 - 2017-12-16 09:16 - 000000000 ____D C:\Users\Heiko\AppData\Local\PlaceholderTileLogoFolder 2020-11-27 23:46 - 2019-02-24 09:35 - 000000000 ____D C:\ProgramData\Citrix 2020-11-27 23:42 - 2019-02-24 09:35 - 000000000 ____D C:\Program Files (x86)\Citrix 2020-11-25 08:39 - 2020-10-06 19:56 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-25 08:39 - 2020-10-06 19:56 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-24 15:39 - 2017-09-14 13:59 - 000000000 ____D C:\Users\Heiko\AppData\Local\CrashDumps 2020-11-24 15:39 - 2017-09-12 11:08 - 000000000 ____D C:\Users\Heiko\AppData\Local\Adobe 2020-11-23 18:25 - 2020-10-06 19:56 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-11-23 14:52 - 2017-10-22 09:16 - 000000000 ____D C:\Users\Heiko\AppData\LocalLow\Temp 2020-11-22 13:43 - 2020-10-06 19:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard 2020-11-20 17:26 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-11-20 08:54 - 2018-10-30 23:35 - 000000000 ____D C:\Users\Heiko\AppData\Local\SynologyDrive 2020-11-20 07:49 - 2018-05-20 20:57 - 000000000 ____D C:\Users\Heiko\AppData\Local\D3DSCache 2020-11-18 19:38 - 2017-09-26 16:12 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\Zoom 2020-11-18 19:32 - 2018-01-23 22:40 - 000000000 ____D C:\Users\Heiko\AppData\Local\Okidata 2020-11-18 19:26 - 2018-02-11 17:59 - 000000000 ____D C:\Program Files\VideoLAN 2020-11-18 19:16 - 2018-01-03 17:54 - 000000000 ____D C:\Users\Heiko\AppData\Local\Synology 2020-11-18 19:16 - 2017-09-16 20:01 - 000000000 ____D C:\Program Files (x86)\Synology 2020-11-18 19:12 - 2017-10-16 17:32 - 000000000 ____D C:\Program Files\Logitech 2020-11-18 19:12 - 2017-09-21 13:18 - 000000000 ____D C:\ProgramData\LogiShrd 2020-11-18 19:12 - 2017-09-21 12:45 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\Logishrd 2020-11-18 18:42 - 2017-09-14 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2020-11-18 18:41 - 2017-10-12 20:45 - 000000000 ____D C:\ProgramData\Nuance 2020-11-18 18:40 - 2019-10-19 20:01 - 000000000 ____D C:\Users\Heiko\AppData\Local\DeepL 2020-11-18 18:39 - 2019-10-19 20:01 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH 2020-11-18 18:39 - 2019-10-19 20:01 - 000000000 ____D C:\Users\Heiko\AppData\Local\DeepL_GmbH 2020-11-18 18:11 - 2018-10-28 20:20 - 000000000 ____D C:\Program Files (x86)\UnityMedia 2020-11-18 17:31 - 2010-11-21 04:27 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-11-18 17:29 - 2018-10-28 20:20 - 000000000 ____D C:\ProgramData\F-Secure 2020-11-17 17:13 - 2018-09-17 18:34 - 000000000 ____D C:\Users\Heiko\AppData\Local\PFU 2020-11-17 03:36 - 2017-09-13 17:39 - 000000000 ____D C:\ProgramData\Blackmagic Design 2020-11-15 16:43 - 2017-08-31 21:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-11-15 16:20 - 2018-05-05 09:18 - 000000000 ____D C:\temp 2020-11-15 16:20 - 2017-10-10 00:05 - 000000000 ____D C:\Users\Heiko\AppData\Local\Buhl 2020-11-15 16:18 - 2017-10-09 23:56 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH 2020-11-14 15:35 - 2017-09-19 05:12 - 000000000 ____D C:\Program Files\Common Files\Adobe 2020-11-14 15:35 - 2017-09-19 05:12 - 000000000 ____D C:\Program Files\Adobe 2020-11-14 15:33 - 2017-09-08 11:56 - 000000000 ____D C:\Users\Heiko\AppData\Roaming\Adobe 2020-11-14 13:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-11-14 13:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2018-12-19 10:30 - 2018-12-19 10:30 - 000035975 _____ () C:\Users\Heiko\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR 2020-11-20 17:37 - 2020-11-23 14:43 - 000000015 _____ () C:\Users\Heiko\AppData\Roaming\obs-virtualcam.txt 2017-10-12 21:42 - 2020-01-28 18:03 - 000001675 _____ () C:\Users\Heiko\AppData\Roaming\SAS7_000.DAT 2017-09-19 10:58 - 2019-03-07 17:35 - 000001456 _____ () C:\Users\Heiko\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2017-09-21 14:03 - 2017-12-02 01:06 - 000015360 _____ () C:\Users\Heiko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-09-28 05:43 - 2018-09-28 05:43 - 000000000 _____ () C:\Users\Heiko\AppData\Local\oobelibMkey.log 2018-09-14 17:56 - 2018-09-14 18:00 - 000000600 _____ () C:\Users\Heiko\AppData\Local\PUTTY.RND 2020-06-11 12:30 - 2020-06-11 12:30 - 000001257 _____ () C:\Users\Heiko\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
13.12.2020, 22:59 | #4 |
| Windows 10: Freunde erhalten "verseuchte" Emails, vermute TrojanerCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 13-12-2020 durchgeführt von Heiko (13-12-2020 22:47:13) Gestartet von E:\Heiko2\OneDrive\Desktop Windows 10 Pro Version 20H2 19042.685 (X64) (2020-10-06 18:56:42) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2845510748-558110454-3949872108-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2845510748-558110454-3949872108-503 - Limited - Disabled) elkew (S-1-5-21-2845510748-558110454-3949872108-1012 - Limited - Disabled) Gast (S-1-5-21-2845510748-558110454-3949872108-501 - Limited - Disabled) Heiko (S-1-5-21-2845510748-558110454-3949872108-1000 - Administrator - Enabled) => C:\Users\Heiko HomeGroupUser$ (S-1-5-21-2845510748-558110454-3949872108-1003 - Limited - Enabled) postgres (S-1-5-21-2845510748-558110454-3949872108-1001 - Limited - Enabled) => C:\Users\postgres WDAGUtilityAccount (S-1-5-21-2845510748-558110454-3949872108-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: UnityMedia Sicherheitspaket by F-Secure (Enabled - Up to date) {01EEC97C-28E5-34E7-6F5F-47CED8192856} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: UnityMedia Sicherheitspaket by F-Secure (Disabled - Out of date) {31A9D001-F96D-024E-EACB-7693DE78B727} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 4K Capture Utility (HKLM\...\{17A66458-FDD6-435B-B6FF-6D7DAC00ACD5}) (Version: 1.7.2.4692 - Elgato Systems) 4K Video Downloader 4.4 (HKLM-x32\...\{AA5C80E7-8876-4026-A0D0-582D8EFBA2E1}) (Version: 4.4.7.2307 - Open Media LLC) 4K YouTube to MP3 3.3 (HKLM-x32\...\{7DD40CC0-533F-4EF3-9DDC-1B6B91C8567D}) (Version: 3.3.6.1809 - Open Media LLC) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) ABBYY FineReader for ScanSnap (TM) 5.0 (HKLM-x32\...\{FB500000-0013-0000-0000-074957833700}) (Version: 11.0.346 - ABBYY) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated) Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_0) (Version: 11.0 - Adobe Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.8 - Adobe Systems Incorporated) Adobe Fuse CC (Beta) (HKLM-x32\...\{B57067F9-E97B-46EE-94F5-179373B81A6C}) (Version: 1.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 2019 (HKLM-x32\...\PSE_17_0) (Version: 17.0 - Adobe Systems Incorporated) Adobe Premiere Elements 2019 (HKLM-x32\...\PRE_17_0) (Version: 17.0 - Adobe Systems Incorporated) Adobe Premiere Rush (HKLM-x32\...\RUSH_1_5_34) (Version: 1.5.34 - Adobe Inc.) Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.) Amazon Photos (HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Amazon Photos) (Version: 7.6.2 - Amazon.com, Inc.) App Protection (HKLM-x32\...\{7B987E10-B037-4E58-BBC4-218818EF9ED6}) (Version: 19.12.1000.2 - Citrix Systems, Inc.) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.) Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) AudioExpert 15.2 (HKLM-x32\...\{B65893CF-96D3-4085-917B-D79CBB69257A}_is1) (Version: - Ulrich Decker Software Entwicklung) Aurora HDR (HKLM\...\Aurora HDR) (Version: 1.0.0.2550 - Skylum) Avidemux VC++ 64bits (HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\{1eba6e86-8b4c-4a7c-87fb-4ef6be1982ba}) (Version: 2.7.5 - Mean) Blackmagic ATEM Switchers (HKLM\...\{FF354572-E7D2-43D4-9996-75707793A49B}) (Version: 8.5.0.0 - Blackmagic Design) Blackmagic Converters (HKLM\...\{347BBC38-0EEB-4DDE-BA5D-64BDA68E5D75}) (Version: 7.3.4.0 - Blackmagic Design) Blackmagic Desktop Video (HKLM\...\{3539326B-08F2-4462-AA6B-56C51CC16EB7}) (Version: 11.4.1.0 - Blackmagic Design) Blackmagic RAW Common Components (HKLM\...\{28612306-CE2C-429F-8288-D707C9A84838}) (Version: 1.8.1 - Blackmagic Design) Blackmagic Web Presenter (HKLM\...\{58C3ACD9-247F-429A-8B07-0E83DBC2338A}) (Version: 1.2.0.0 - Blackmagic Design) BlueSoleil A9.2.496.11 (HKLM\...\{6A1A3648-BA56-4DE3-B5A5-D0845EDA2CC3}) (Version: 9.2.496.11 - IVT Corporation) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CalDavSynchronizer (HKLM-x32\...\{82C0BFE6-E5C2-49C4-9539-C0D04763B657}) (Version: 3.6.2 - Gerhard Zehetbauer) calibre 64bit (HKLM\...\{67283D6C-1305-4045-8CF6-33097EBBD3A5}) (Version: 3.32.0 - Kovid Goyal) Camtasia 9 (HKLM\...\{AA8424C0-4638-4436-ADD6-DD03964E4443}) (Version: 9.1.2.3011 - TechSmith Corporation) Hidden Camtasia 9 (HKLM-x32\...\{8d45144f-f708-40ac-aa93-010ee73de22f}) (Version: 9.1.2.3011 - TechSmith Corporation) Chocolatey GUI (HKLM-x32\...\{2DDCD9C4-5A12-4EF2-9632-C401069DA54F}) (Version: 0.17.2.0 - Chocolatey) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Citrix Workspace 1912 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 19.12.1001.3 - Citrix Systems, Inc.) ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) DaVinci Resolve (HKLM\...\{8CD009CC-08AB-4873-BA5C-DC4AEA8BACEB}) (Version: 16.2.7010 - Blackmagic Design) DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design) DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design) DFUDriverSetupX64Setup (HKLM-x32\...\{2A9E04BE-BDF4-4F19-ABBE-5B8CAD7570F4}) (Version: 6.6.1939.0 - GN Netcom A/S) Hidden Discover HP Touchpoint Manager (HKLM-x32\...\{F2CCC061-8454-4F98-AABB-E067E1CCDEC0}) (Version: 1.0.20.1 - HP) Dynamic Application Loader Host Interface Service (HKLM\...\{E78EE885-2CA5-487E-9CEB-B47586EED887}) (Version: 1.0.0.0 - Intel Corporation) Hidden eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.12.5.1277 - Steinberg Media Technologies GmbH) Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design) Fairlight Sound Library (HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\{04cb6a34-8956-4424-b3c2-bc589837b1a6}) (Version: 1.0.0 - Blackmagic Design) Fairlight Studio Utility (HKLM\...\{6C7FC3A1-DA64-4ACE-8F05-301CBECD5BE9}) (Version: 1.2.0.0 - Blackmagic Design) FileZilla Client 3.42.1 (HKLM-x32\...\FileZilla Client) (Version: 3.42.1 - Tim Kosse) FreeFileSync 11.3 (HKLM-x32\...\FreeFileSync_is1) (Version: 11.3 - FreeFileSync.org) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.) GoToMeeting 10.14.0.18962 (HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\GoToMeeting) (Version: 10.14.0.18962 - LogMeIn, Inc.) GPL Ghostscript (HKLM\...\GPL Ghostscript 9.50) (Version: 9.50 - Artifex Software Inc.) Grammarly (HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\GrammarlyForWindows) (Version: 1.5.58 - Grammarly) Grammarly for Microsoft® Office Suite (HKLM\...\{1251CB7B-9724-447E-8C00-CDF690911EA4}) (Version: 6.7.204 - Grammarly) Hidden Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\{8cbb7b6c-e24a-45ea-ae85-858943fc14b2}) (Version: 6.7.204 - Grammarly) H_and_F_Series_ASIO64 (HKLM\...\{E3EEB85E-158E-465A-9280-5DEE15E3559D}) (Version: 4.0.0.63 - ZOOM) H_and_F-Series_Multi_Track_ASIO64 (HKLM\...\{0751E62E-5898-4791-B97A-F91C3EF3366C}) (Version: 2.1.0.19 - ZOOM) HandBrake 1.3.2 (HKLM-x32\...\HandBrake) (Version: 1.3.2 - ) HL-L2340D series (HKLM-x32\...\{46B58839-2405-48D6-A59D-F8246158A6ED}) (Version: 1.0.1.0 - Brother Industries, Ltd.) HP BIOS Configuration Utility (HKLM-x32\...\{FADF6CC4-5AF3-4630-AEDB-41F14BC09FCF}) (Version: 4.0.15.1 - HP Inc.) HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.5.4.2912 - HP Inc.) HP Color LaserJet Pro MFP M282-M285 Hilfe (HKLM-x32\...\{28178A3D-D102-434C-AF23-1F936ABCC893}) (Version: 0.00.0005 - HP) HP ColorLaserJet MFP M282-M285 - Grundlegende Software für das Gerät (HKLM\...\{11F0F8DA-58E2-4BBB-8CB3-B42EF5DEAB21}) (Version: 44.6.2709.19315 - HP Inc.) HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.13.0 - HP Inc.) HP Device Access Manager (HKLM\...\{CB3778DF-7A35-4D97-93D1-F42619A34A80}) (Version: 8.4.14.0 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP Dropbox Plugin (HKLM-x32\...\{0A9CC01F-D879-4C38-9CAD-FE00069E52C0}) (Version: 44.5.501.81934 - HP) HP EmailSMTP Plugin (HKLM-x32\...\{C81E4240-9280-4954-BC08-F95DE943EAA0}) (Version: 44.5.0.0 - HP) HP FTP Plugin (HKLM-x32\...\{683CB3DB-AA1A-414C-82FC-EF1F2F1B49D0}) (Version: 44.5.0.0 - HP) HP Google Drive Plugin (HKLM-x32\...\{A87DA792-B9B6-4367-BC9F-71CE6BF66491}) (Version: 44.5.501.81934 - HP) HP Hotkey Support (HKLM-x32\...\{1FAC3FC3-0AD5-46BF-A010-3B096757465F}) (Version: 6.2.55.1 - HP Inc.) HP OneDrive Plugin (HKLM-x32\...\{936D840F-D274-40DD-97DC-2024E18AAA9E}) (Version: 44.5.0.0 - HP) HP PC Hardware Diagnostics Windows (HKLM-x32\...\{DF16F6E3-6550-468A-9C0C-306B4F60D501}) (Version: 1.5.8.0 - HP Inc.) HP Performance Advisor (HKLM-x32\...\{D53F8C54-587E-473A-B2C7-4E18A0DE3C15}) (Version: 2.1.4130 - HP Inc.) HP SharePoint Plugin (HKLM-x32\...\{FFB85384-C54C-45C4-9515-78F9945A7945}) (Version: 44.5.0.0 - HP) HP SoftPaq Download Manager (HKLM-x32\...\{51388444-3369-4569-bbf3-98582f5e67a1}) (Version: 4.4.0.0 - HP) HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.8.34.31 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{FC8A64EE-AE92-4705-9C3E-63A87DDFD205}) (Version: 12.18.34.21 - HP Inc.) HP System Default Settings (HKLM-x32\...\{FF94262A-A307-4D6A-AD8A-9D814A93E344}) (Version: 3.1.1 - Hewlett-Packard Company) HP System Software Manager (HKLM-x32\...\{0654A5BE-4E69-4F93-88B2-A81B13A7960C}) (Version: 3.2.7.1 - HP) HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.) I.R.I.S OCR (HKLM-x32\...\{C5E64A12-F3D8-4735-8A3B-F9B07C071AFE}) (Version: 15.2.10.1114 - HP Inc.) i1Profiler (HKLM-x32\...\i1Profiler_is1) (Version: 3.2.1.12931 - X-Rite) Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation) Imaging Edge (Remote/Viewer/Edit) (HKLM\...\{362241E2-0592-4BFD-9A56-AE9A95729EC1}) (Version: 2.0.01.09170 - Sony Imaging Products & Solutions, Inc.) iMazing HEIC Converter 1.0.10.0 (HKLM\...\{FA58AFA9-B210-409C-88F1-2A90D577C170}_is1) (Version: 1.0.10.0 - DigiDNA) Inkscape 0.92.4 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.92.4.0 - Inkscape project) Intel Driver && Support Assistant (HKLM-x32\...\{513BFF20-438E-4C8B-9C41-DE06B47D3148}) (Version: 20.11.50.9 - Intel) Hidden Intel(R) Computing Improvement Program (HKLM\...\{0798FE0D-0E50-488A-B0DC-07E65B2758AE}) (Version: 2.4.05982 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2031.15.0.1748 - Intel Corporation) Intel(R) Network Connections 24.0.0.11 (HKLM\...\PROSetDX) (Version: 24.0.0.11 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.8.1051 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{7237f6c4-bcae-41b5-8f4b-ec446f5c115f}) (Version: 10.1.2.8 - Intel(R) Corporation) Hidden Intel® Driver & Support Assistant (HKLM-x32\...\{7972bdc2-99e9-4a54-b071-e7f08bdf056d}) (Version: 20.11.50.9 - Intel) Intel® Software Guard Extensions Platform Software (HKLM\...\{2DF17C75-9627-4213-8612-17955E92F782}) (Version: 1.6.101.32869 - Intel Corporation) iPod-Unterstützung (HKLM\...\{D9DF60DE-E46E-40DC-BAF6-546AA63013EC}) (Version: 120.7.3.55 - Apple Inc.) Jabra Direct (HKLM-x32\...\{49c04bb7-05d1-4c04-b370-1edbbd64388f}) (Version: 4.14.15119 - GN Audio A/S) Jabra Direct (HKLM-x32\...\{B1C6D0D9-A9E2-488B-90E3-8A199785B80A}) (Version: 4.14.15119 - GN Audio A/S) Hidden Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation) Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Logitech Capture (HKLM\...\Capture) (Version: 2.04.13 - Logitech) Logitech Kameraeinstellungen (HKLM-x32\...\LogiUCDPP) (Version: 2.10.4.0 - Logitech Europe S.A.) Luminar 4 (HKLM\...\Luminar 4) (Version: 4.3.0.6175 - Skylum) Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.13426.20332 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - ) Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft Support- und Wiederherstellungs-Assistent für Office 365 (HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\dacae1bed46e81d5) (Version: 16.0.1974.10 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\Teams) (Version: 1.3.00.9267 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Mozilla Firefox 83.0 (x64 de) (HKLM\...\Mozilla Firefox 83.0 (x64 de)) (Version: 83.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.7.2 - Mozilla) Mp3tag v3.03 (HKLM-x32\...\Mp3tag) (Version: 3.03 - Florian Heidenreich) Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.3.2.413 - Native Instruments) Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.1.1.66 - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.8.1.43 - Native Instruments) Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.12.1.129 - Native Instruments) Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.3.1.6 - Native Instruments) Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.11.3.17 - Native Instruments) Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.7 - Notepad++ Team) NVIDIA Grafiktreiber 452.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.39 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation) NVIDIA Quadro View 200.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 200.93 - NVIDIA Corporation) NVIDIA WMI 2.35.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.35.0 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden OKI Color Correct Utility (HKLM-x32\...\{5D729200-F340-4A74-A1E9-32387CDC63EF}) (Version: - ) Online Plug-in (HKLM-x32\...\{93BF46A5-56BA-4A16-9494-62C09D3DD0BA}) (Version: 19.12.1001.3 - Citrix Systems, Inc.) Hidden PDF24 Creator (HKLM\...\{D52E4188-909D-46FC-9D2B-1358E7DCE527}) (Version: 10.0.3 - geek software GmbH) PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group) PuTTY release 0.74 (64-bit) (HKLM\...\{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 - Simon Tatham) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8934.1 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0285 - REALTEK Semiconductor Corp.) Samsung Portable SSD Software (HKLM-x32\...\SamsungPortableSSD_is1) (Version: 1.6.7.50 - Samsung Electronics) ScanSnap Home (HKLM-x32\...\{1806D5A5-0B2C-4E54-8219-7BD4CB9CB690}) (Version: 1.9.1.15 - PFU) ScanSnap Manager (HKLM-x32\...\{BFA3B384-A783-49DC-BD0A-ADE2788480B5}) (Version: 6.5.40.4.6 - PFU) Hidden ScanSnap Organizer (HKLM-x32\...\{54F4F5ED-F3D0-463B-898E-8FDB79F488A2}) (Version: 5.6.20.1 - PFU LIMITED) Hidden Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 5.1.0.2 - ASCOMP Software GmbH) Self-Service Plug-in (HKLM-x32\...\{3087B47F-1D1E-458D-9B09-D341B60B4CB9}) (Version: 19.12.1001.2 - Citrix Systems, Inc.) Hidden Skype for Business 2016 - de-de (HKLM\...\SkypeforBusinessRetail - de-de) (Version: 16.0.13426.20332 - Microsoft Corporation) Snagit 2019 (HKLM\...\{19908037-743E-4FC6-915D-26A902012DEA}) (Version: 19.1.5 - TechSmith Corporation) Hidden Snagit 2019 (HKLM-x32\...\{e76e425e-6c32-495a-864f-f0205c2a4ba5}) (Version: 19.1.5.4806 - TechSmith Corporation) spacedesk Windows DRIVER (HKLM\...\{2EFFFB55-FE4E-4400-8BD0-5E062ACB1A2F}) (Version: 0.9.1052.0 - datronicsoft Inc.) spacedesk Windows VIEWER (HKLM-x32\...\{4EF6C799-7CD0-4076-9135-B1CF4968C758}) (Version: 0.9.1013.0 - datronicsoft Inc.) Steinberg Cubase LE AI Elements 8 64bit (HKLM\...\{C801D1E6-30E3-46BE-368D-0106B42CCE17}) (Version: 8.0.40 - Steinberg Media Technologies GmbH) Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH) Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.20 - Steinberg Media Technologies GmbH) Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.20 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH) Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH) Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-24922 - Synology) Synology Drive Client (remove only) (HKLM\...\Synology Drive) (Version: 6.0.0.11050 - Synology, Inc.) Synology Surveillance Station Client (HKLM\...\Synology Surveillance Station Client) (Version: 1.2.7.0775 - Synology) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) TechSmith Capture (HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\RelayRecorder) (Version: 1.1.8 - TechSmith Corporation) Thunderbolt(TM) Software (HKLM-x32\...\{5B88BE64-93E7-4D6B-83D0-37B911166FF2}) (Version: 15.2.35.250 - Intel Corporation) TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VS2010MergeModule (HKLM-x32\...\{16B1B5E5-78F7-4F6F-BF4B-3AD51E4AEA92}) (Version: 1.00.0000 - Your Company Name) Hidden VS2013MergeModule (HKLM-x32\...\{D6B1F9B7-B880-47F0-9C83-68278998CBD5}) (Version: 1.00.0000 - Your Company Name) Hidden Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.39-1 - Wacom Technology Corp.) WaveLab LE 8 (64 bit) (HKLM\...\WaveLabLE8_64) (Version: 8.0.3.698 - Steinberg) Windows-Treiberpaket - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.) Windows-Treiberpaket - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya) WISO steuer:Sparbuch 2019 (HKLM-x32\...\{CA4B076B-028D-43CF-8AA6-76910216C10D}) (Version: 26.09.1982 - Buhl Data Service GmbH) WISO steuer:Sparbuch 2020 (HKLM-x32\...\{67FCF96C-1C29-4FDB-9392-3D825328A05B}) (Version: 27.02.1606 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2021 (HKLM-x32\...\{BDEE6F5D-066C-496C-9A8F-A0D537F33C5C}) (Version: 28.00.1410 - Buhl Data Service GmbH) x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - ) X-Rite Device Services Manager (HKLM\...\{9E7734B1-71D2-4C78-9C55-0A8E0EEDB3A5}) (Version: 3.1.110.130 - X-Rite) ZEDi USB Driver v4.67.0 (HKLM-x32\...\Software_Allen & Heath_ZEDiUSBDriver_Setup) (Version: 4.67.0 - Allen & Heath) Zoom (HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-08-07] (Adobe Systems Incorporated) Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_34.4.12.3_x64__adky2gkssdxte [2020-11-13] (Adobe Systems Incorporated) Adobe-Fresco -> C:\Program Files\WindowsApps\Adobe.Fresco_2.0.1.316_x64__pc75e8sa7ep4e [2020-11-13] (Adobe Inc.) EasyCast - Mirror Display -> C:\Program Files\WindowsApps\53887HaoCai.EasyCast-MirrorDisplay_1.3.2.0_x64__qrw73ppzkf79y [2020-11-21] (Hao Cai) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-14] (Microsoft Corporation) Free Color Picker -> C:\Program Files\WindowsApps\AnywaySoftInc.FreeColorPicker_1.2.0.0_x64__0qkrc2qacwvfm [2020-07-25] (AnywaySoft, Inc.) [MS Ad] Grammarly for Microsoft Edge -> C:\Program Files\WindowsApps\Grammarly.GrammarlyforMicrosoftEdge_1.121.2317.0_neutral__zee0y2571dhse [2020-04-17] (Grammarly) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-03] (HP Inc.) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-18] (Apple Inc.) [Startup Task] Maps by Google -> C:\Program Files\WindowsApps\37564Microsoftgames.146136186B19F_1.1.2.0_x64__0c8hkgztxcs6t [2018-07-14] (11K Studio) [MS Ad] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-30] (Microsoft Corporation) Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2018-11-27] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2018-11-27] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.32.33291.0_x64__8wekyb3d8bbwe [2020-12-08] (Microsoft Corporation) [Startup Task] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.11020.5493.0_x64__8wekyb3d8bbwe [2020-12-10] (Microsoft Corporation) MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-11-16] (Netflix, Inc.) OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.11.0_x64__8wekyb3d8bbwe [2020-07-24] (Microsoft Corporation) Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.32861.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Corporation) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-13] (Adobe Systems Incorporated) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2049.8.0_x64__cv1g1gvanyjgm [2020-12-11] (WhatsApp Inc.) XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.6.0_x86__xpfg3f7e9an52 [2020-11-01] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0 CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{04271989-4A69-4957-5501-40876BA827E2} -> [OneDrive - SAP SE] => C:\Users\Heiko\OneDrive - SAP SE [2020-12-13 12:06] CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{04271989-C4D2-4149-1D27-E5365E36A3F5} -> [OneDrive - Moe, Inc] => E:\Heiko2\OneDrive - Moe. Inc\OneDrive - Moe, Inc [2020-11-20 21:21] CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-15246EF26B9C} -> [Creative Cloud Files] => E:\Heiko2\Adobe\Creative Cloud Files [2020-03-28 12:07] CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Heiko\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20077.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Heiko\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.204\0BAF02BD17\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName) CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll () [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\Heiko\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.204\0BAF02BD17\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly) CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Heiko\AppData\Local\GoToMeeting\18962\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.) CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Heiko\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20077.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2845510748-558110454-3949872108-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-13] (TODO: <Company name>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-13] (TODO: <Company name>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-13] (TODO: <Company name>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-13] (TODO: <Company name>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-13] (TODO: <Company name>) [Datei ist nicht signiert] ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-13] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-13] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-13] (Adobe Inc. -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-13] (Adobe Inc. -> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => E:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-06-05] (Notepad++ -> ) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers1: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => E:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] (ASCOMP Software GmbH -> ) ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2019\DLLx64\SnagitShellExt64.dll [2019-11-15] (TechSmith Corporation -> TechSmith Corporation) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [Datei ist nicht signiert] ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2019\DLLx64\SnagitShellExt64.dll [2019-11-15] (TechSmith Corporation -> TechSmith Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-01] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-09-23] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2020-11-04] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-11-13] (Adobe Inc. -> ) ContextMenuHandlers6: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => E:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] (ASCOMP Software GmbH -> ) ContextMenuHandlers1_S-1-5-21-2845510748-558110454-3949872108-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2020-05-13] () [Datei ist nicht signiert] ContextMenuHandlers6_S-1-5-21-2845510748-558110454-3949872108-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2020-05-13] () [Datei ist nicht signiert] ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.hdyc] => C:\Program Files\Blackmagic Design\Desktop Video\BMDCodecLib64.dll [736256 2019-09-18] (Blackmagic Design) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.v210] => C:\Program Files\Blackmagic Design\Desktop Video\BMDCodecLib64.dll [736256 2019-09-18] (Blackmagic Design) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.r210] => C:\Program Files\Blackmagic Design\Desktop Video\BMDCodecLib64.dll [736256 2019-09-18] (Blackmagic Design) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mjpg] => C:\Program Files\Blackmagic Design\Desktop Video\BMDCodecMJPG64.dll [642048 2019-09-18] (Blackmagic Design) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.hdyc] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\BMDCodecLib.dll [599552 2019-09-18] (Blackmagic Design) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.v210] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\BMDCodecLib.dll [599552 2019-09-18] (Blackmagic Design) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.r210] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\BMDCodecLib.dll [599552 2019-09-18] (Blackmagic Design) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mjpg] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\BMDCodecMJPG.dll [503808 2019-09-18] (Blackmagic Design) [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2020-12-07 11:31 - 2020-12-07 11:31 - 000126464 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSASsdInterop.dll 2020-08-08 12:18 - 2020-10-19 10:32 - 000476160 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsConfig.dll 2020-08-08 12:18 - 2020-04-22 18:42 - 000188416 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\SSHCPfuPDFLib.dll 2020-11-13 08:23 - 2020-11-13 08:23 - 001800704 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\@gnaudio\jabra-node-sdk\build\Release\sdkintegration.node 2020-11-13 08:23 - 2020-11-13 08:23 - 001965568 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\panacastapi\build\Release\panacastapi.node 2020-11-13 08:22 - 2020-11-13 08:22 - 002608128 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\ffmpeg.dll 2020-11-13 08:22 - 2020-11-13 08:22 - 000356352 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\libegl.dll 2020-11-13 08:22 - 2020-11-13 08:22 - 008347648 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Jabra\Direct4\libglesv2.dll 2020-08-08 12:19 - 2011-03-03 16:11 - 000054784 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDIPER.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000888832 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IDIGCROP.dll 2020-08-08 12:18 - 2020-10-19 10:32 - 003213312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsExtention.dll 2020-08-08 12:18 - 2020-06-11 12:34 - 000135168 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsImgIO.dll 2020-08-08 12:18 - 2018-05-02 10:44 - 000943104 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\x86\e_sqlite3.dll 2020-01-30 15:17 - 2020-01-30 15:17 - 001664512 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll 2018-02-21 07:20 - 2018-02-21 07:20 - 000120320 _____ () [Datei ist nicht signiert] C:\Program Files\NetDrive2\jansson.dll 2018-02-21 07:20 - 2018-02-21 07:20 - 000207360 _____ () [Datei ist nicht signiert] C:\Program Files\NetDrive2\libevent.dll 2018-02-21 07:20 - 2018-02-21 07:20 - 001103360 _____ () [Datei ist nicht signiert] C:\Program Files\NetDrive2\libxml2.dll 2018-02-21 07:20 - 2018-02-21 07:20 - 000068096 _____ () [Datei ist nicht signiert] C:\Program Files\NetDrive2\zlib.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 001874432 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\cairo.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 000790528 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\fontconfig.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 001041920 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\harfbuzz-vs14.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 000060928 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\iconv.dll 2018-12-11 14:09 - 2018-12-11 14:09 - 000790016 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\libhpdf.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 000257536 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\libpng16.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 001294336 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\libxml2.dll 2017-10-18 07:43 - 2017-10-18 07:43 - 010857984 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\opencv_core300.dll 2017-10-18 07:43 - 2017-10-18 07:43 - 025250304 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\opencv_imgproc300.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 000086528 _____ () [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\zlib1.dll 2020-12-04 23:13 - 2020-12-04 23:13 - 000799744 _____ () [Datei ist nicht signiert] C:\Users\Heiko\AppData\Local\Amazon Drive\sqlite3.dll 2020-05-13 06:18 - 2020-05-13 06:18 - 001367552 _____ () [Datei ist nicht signiert] C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll 2020-05-13 06:18 - 2020-05-13 06:18 - 000198144 _____ () [Datei ist nicht signiert] C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\WinCFWrapper.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000010240 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.P81f1fedd#\e3bbaaca56f40a97fb9e0edbf8fc032e\Microsoft.Practices.Prism.SharedInterfaces.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000084480 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Pb5eff1e2#\3f39fdc7c456589c26d5d31018292a07\Microsoft.Practices.Prism.Mvvm.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000133632 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Prism\78f2edbb9b8626ab74284474c315b7b1\Prism.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000348160 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SSHCPfuPDFLib\36596d124ff436a055a765542611bb02\SSHCPfuPDFLib.ni.dll 2018-03-07 11:27 - 2018-03-07 11:27 - 000070144 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\BlueSoleilCSps.dll 2018-03-07 11:27 - 2018-03-07 11:27 - 000010240 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\BsHelpCSps.dll 2018-03-07 11:28 - 2018-03-07 11:28 - 000147456 _____ () [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\BsProfilefunc.dll 2018-03-07 11:27 - 2018-03-07 11:27 - 000022016 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BsTrace.dll 2018-03-07 11:30 - 2018-03-07 11:30 - 000287232 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\IVTCredentialProvider.DLL 2018-03-07 11:25 - 2018-03-07 11:25 - 000352768 _____ () [Datei ist nicht signiert] E:\Program Files (x86)\IVT Corporation\BlueSoleil\setup.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 002145280 _____ (.NET Foundation and Contributors.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Inted443010e#\1ccc0767ac214e4e736c2f69296b97ea\System.Interactive.Async.ni.dll 2019-09-18 09:15 - 2019-09-18 09:15 - 004997632 _____ (Blackmagic Design) [Datei ist nicht signiert] C:\Program Files\Blackmagic Design\Desktop Video\DeckLinkAPI64.dll 2020-05-16 07:23 - 2020-05-16 07:23 - 000382464 _____ (Crossmatch, Inc.) [Datei ist nicht signiert] C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll 2020-05-16 07:23 - 2020-05-16 07:23 - 000338432 _____ (Crossmatch, Inc.) [Datei ist nicht signiert] C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice2.dll 2020-05-16 07:23 - 2020-05-16 07:23 - 000456192 _____ (Crossmatch, Inc.) [Datei ist nicht signiert] C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice5.dll 2018-02-21 07:20 - 2018-02-21 07:20 - 000984576 _____ (Free Software Foundation) [Datei ist nicht signiert] C:\Program Files\NetDrive2\iconv.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 000088576 _____ (Free Software Foundation) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\intl.dll 2020-08-08 12:18 - 2020-04-13 23:56 - 000655872 _____ (FUJITSU LABORATORIES LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\FJ\f5alocrl.dll 2020-08-08 12:18 - 2020-04-13 23:57 - 000397824 _____ (FUJITSU LABORATORIES LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\FJ\f5awzbin.dll 2020-08-08 12:18 - 2020-04-13 23:59 - 001015296 _____ (FUJITSU LABORATORIES LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\FJ\f5awztbl.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000925696 _____ (Fujitsu Laboratories LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\dct.dll 2020-08-08 12:18 - 2020-04-13 23:55 - 000351744 _____ (Fujitsu Laboratories Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\FJ\ExtOcrFJOCR.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 002705408 _____ (FUJITSU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\dic\I3ipf5alocre.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000387072 _____ (FUJITSU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\dic\I3ipf5awzbin.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000964608 _____ (FUJITSU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\dic\I3ipf5awztbl.dll 2020-08-08 12:18 - 2020-05-26 17:11 - 002176512 _____ (FUJITSU) [Datei ist nicht signiert] C:\ProgramData\PFU\ScanSnap\Home\SSDriver\fi5110\mercury.dll 2020-08-08 12:18 - 2020-04-13 23:00 - 002867200 _____ (FUJITSU@LABORATORIES LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\FJ\f5alocre.dll 2020-11-13 08:23 - 2020-11-13 08:23 - 002081792 _____ (GN Audio A/S) [Datei ist nicht signiert] \\?\C:\Program Files (x86)\Jabra\Direct4\resources\app.asar.unpacked\node_modules\@gnaudio\jabra-node-sdk\build\Release\libjabra.dll 2020-03-06 12:45 - 2020-03-06 12:45 - 000097792 _____ (GN Netcom A/S) [Datei ist nicht signiert] [Datei wird verwendet] C:\PROGRAM FILES (X86)\JABRA\DIRECT4\AVAYAONEXV3INTEGRATION\GNDeviceInterface.dll 2016-01-08 12:28 - 2016-01-08 12:28 - 000356352 _____ (hxxp://hunspell.sourceforge.net/) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\libhunspell.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 001168384 _____ (hxxps://system.data.sqlite.org/) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.SQLite\beaa1f2a4f713a6afaf4e4023b3b5350\System.Data.SQLite.ni.dll 2019-12-10 20:33 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [Datei ist nicht signiert] E:\Program Files\7-Zip\7-zip.dll 2020-08-08 12:18 - 2018-08-29 14:31 - 000352256 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\ijl15.dll 2020-08-03 15:02 - 2020-08-03 15:02 - 000016896 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\esrv_lib_security.dll 2019-05-14 11:30 - 2019-05-14 11:30 - 000373248 _____ (Intel(R) Corporation) [Datei ist nicht signiert] C:\WINDOWS\system32\NCS2Setp.dll 2018-03-07 11:23 - 2018-03-07 11:23 - 000151040 _____ (IVT Corporation) [Datei ist nicht signiert] C:\WINDOWS\system32\Bs2Res.dll 2018-03-07 11:29 - 2018-03-07 11:29 - 003393024 _____ (IVT Corporation) [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\Bscdlg.dll 2018-03-07 11:28 - 2018-03-07 11:28 - 000219136 _____ (IVT Corporation) [Datei ist nicht signiert] C:\WINDOWS\system32\BsCommon.dll 2017-09-11 15:30 - 2017-09-11 15:30 - 020913664 _____ (IVT Corporation) [Datei ist nicht signiert] C:\WINDOWS\system32\BsLangInDepRes.dll 2018-03-07 11:28 - 2018-03-07 11:28 - 000544256 _____ (IVT Corporation) [Datei ist nicht signiert] C:\WINDOWS\system32\BsSDK.dll 2018-03-07 11:30 - 2018-03-07 11:30 - 000749568 _____ (IVT Corporation) [Datei ist nicht signiert] C:\WINDOWS\system32\BsShell.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 003058688 _____ (Newtonsoft) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\938152a823b6c5bbda34770d43081c79\Newtonsoft.Json.ni.dll 2020-12-03 08:21 - 2020-12-03 08:21 - 002306560 _____ (Newtonsoft) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\ebbe56c810e33ddc68d58c6eda34257e\Newtonsoft.Json.ni.dll 2020-08-08 12:18 - 2020-09-29 10:28 - 000075776 _____ (PFU Limited) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshMonFunc.dll 2020-08-08 12:18 - 2020-10-19 10:32 - 000168960 _____ (PFU Limited) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshProfile.dll 2020-08-08 12:18 - 2018-08-29 14:31 - 000093184 _____ (PFU Limited) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\SupportLogConvert.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000401920 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\A4ToA3.dll 2020-08-08 12:19 - 2018-05-30 18:27 - 000188928 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\f5bdabyw.dll 2020-08-08 12:19 - 2018-05-17 15:19 - 000075264 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDBCRD.dll 2020-08-08 12:18 - 2018-05-30 23:53 - 000295936 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDCCOR.dll 2020-08-08 12:19 - 2016-11-07 14:20 - 000071168 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDCOM.dll 2020-08-08 12:18 - 2020-01-22 15:29 - 000455168 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDCREC.dll 2020-08-08 12:19 - 2016-11-18 20:02 - 000116224 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5bdiacp.dll 2020-08-08 12:19 - 2018-05-30 18:26 - 000389120 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDIADR.dll 2020-08-08 12:19 - 2018-05-30 18:26 - 000337920 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDINAM.dll 2020-08-08 12:18 - 2018-05-30 23:53 - 000309248 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDKCOR.dll 2020-08-08 12:18 - 2018-05-30 23:53 - 000330240 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDKEAD.dll 2020-08-08 12:18 - 2020-01-22 05:29 - 000428544 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDKECD.dll 2020-08-08 12:18 - 2020-01-22 05:29 - 000319488 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDKENA.dll 2020-08-08 12:18 - 2018-05-30 23:53 - 000286720 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\f5bdkeys.dll 2020-08-08 12:19 - 2018-05-30 18:26 - 000312832 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDKG2B.DLL 2020-08-08 12:19 - 2018-05-30 18:26 - 000285696 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\f5bdkNIN.dll 2020-08-08 12:19 - 2020-01-22 15:29 - 000772608 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDKNIO.DLL 2020-08-08 12:19 - 2018-05-30 18:26 - 000292864 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\f5bdkudr.dll 2020-08-08 12:18 - 2018-05-30 23:53 - 000298496 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDKUM2.dll 2020-08-08 12:19 - 2018-05-17 15:17 - 000145920 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\f5bdutly.dll 2020-08-08 12:18 - 2018-05-31 14:59 - 000458240 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\SLIB.dll 2020-08-08 12:18 - 2019-04-25 13:22 - 001884160 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bookbound.dll 2020-08-08 12:18 - 2019-08-07 08:38 - 000012800 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\CONVOCRRESULT.dll 2020-08-08 12:18 - 2019-12-24 09:46 - 000332288 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\FJ\pthread.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000060416 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\i3helper.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000054272 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\I3ipCommon.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000039424 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\I3ipDeskewCroppingSS.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000239104 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\I3IPDETECTORIENTATIONSS.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 008161792 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\I3ipShare.dll 2020-08-08 12:18 - 2020-05-29 13:12 - 000069632 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\IMGPROC2.dll 2020-08-08 12:18 - 2020-05-29 13:12 - 000019456 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\MonoComp.DLL 2020-08-08 12:18 - 2020-09-01 16:31 - 001537536 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\OCRWrp.dll 2020-08-08 12:18 - 2020-05-29 13:12 - 000077312 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IATRES.DLL 2020-08-08 12:18 - 2020-05-29 13:12 - 000765952 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IBSKEW.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000780288 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2ICRPPR.dll 2020-08-08 12:18 - 2020-05-29 13:12 - 000033280 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IERSDW.dll 2020-08-08 12:18 - 2020-05-29 13:12 - 000073216 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IJDGWP.DLL 2020-08-08 12:18 - 2020-10-05 15:00 - 000242688 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2ITITLE.dll 2020-08-08 12:18 - 2020-10-05 15:00 - 000732672 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\p2iunite.dll 2020-08-08 12:18 - 2019-04-25 13:31 - 000015872 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuBookCoordinateInfo.dll 2020-08-08 12:18 - 2020-01-22 05:29 - 002022912 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\pfuCardRecog.dll 2020-08-08 12:18 - 2019-05-11 23:57 - 000649728 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuIPLib.dll 2020-08-08 12:18 - 2019-08-07 08:38 - 000897536 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuPDFLib.dll 2020-08-08 12:18 - 2020-10-19 10:32 - 003251200 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsCommon.dll 2020-08-08 12:18 - 2020-10-05 15:00 - 002165760 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsImgCtl.dll 2020-08-08 12:18 - 2020-10-19 10:32 - 003231744 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsLaunchapp.dll 2020-08-08 12:18 - 2020-10-19 10:32 - 003082240 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsMon0407.dll 2020-08-08 12:18 - 2020-09-29 11:31 - 000117248 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsNetIF.dll 2020-08-08 12:18 - 2020-06-11 12:34 - 000053248 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsOrgFolder.dll 2020-08-08 12:18 - 2020-05-29 13:12 - 003212800 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsSvc.dll 2020-08-08 12:18 - 2019-08-07 08:38 - 000171008 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuXMPLib.dll 2020-08-08 12:18 - 2020-09-29 11:31 - 003291648 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshCtl.dll 2020-08-08 12:18 - 2020-09-29 11:31 - 002065408 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshCtlNet.dll 2020-08-08 12:18 - 2020-09-29 11:31 - 000146944 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshCtlWrp.dll 2020-08-08 12:18 - 2020-01-28 08:35 - 002019840 _____ (PFU LIMITED) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshSvcOCRHandle.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 001069056 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SsIjl.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000017920 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SSSLog.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000024064 _____ (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SSSPLog.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 002433024 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna379543f2#\8324315ad61bca2af3c0df7c4044568e\Pfu.ScanSnap.Home.Data.API.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 001777664 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna4c5c42f8#\28a64102f59f18ec3a24aab3a3a61af1\Pfu.ScanSnap.Home.Data.Access.API.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000084992 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna4c5c5acc#\c44cc59aba90eb2564b86fadff6f7909\Pfu.ScanSnap.Home.Data.Access.Cif.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000031744 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna4c5c5f4b#\8853b470511817dfeff6a7f6f1990dee\Pfu.ScanSnap.Home.Data.Access.Dif.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 002300416 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna58e7faab#\86056068d27015bcfc81dd0aab7b8b03\Pfu.ScanSnap.Register.DataCtrl.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 001541632 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna6345fb45#\6b44a76ce9f213794f6a8bfa3c6ae2d9\Pfu.ScanSnap.Home.Data.Access.Database.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 001594368 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna63fb4378#\8352ceac3b839a8040a376f756c733c0\Pfu.ScanSnap.ConfigControl.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000630272 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna6a564338#\664b13c7a7302a642d87b0f2d2657aea\Pfu.ScanSnap.Home.SshScanTo.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000356864 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna6b551ecb#\ba986ab468d12ff9508a6731f23a6663\Pfu.ScanSnap.Register.CommunicationClient.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000011776 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna7e571121#\61f91282af1ac4409fac85e34aaab7f0\Pfu.ScanSnap.Home.Data.Access.Manage.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000017408 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna84e45bec#\a043a4014f8ad2b00eceb407021963c3\Pfu.ScanSnap.Home.SsHomeException.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000369664 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna8905475d#\c32232b870f9bbf688836dceb45dd521\Pfu.ScanSnap.AssistantFramework.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000025088 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSna8fc4d5b2#\fde51b408d0b93868ce1f7c4dde636bb\Pfu.ScanSnap.Home.Logging.SupportLog.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000429568 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnaa1690287#\dda443eaa4475170e1802ee1e75a991d\Pfu.ScanSnap.Home.Data.Common.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 001993728 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnaa542b72b#\ec9611ce4dee9489a31b3053931aecd5\Pfu.ScanSnap.Home.UI.Common.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000095232 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnaae4eb517#\f34478f360e43bda9e435913e0114572\Pfu.ScanSnap.ConfigControl.App.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000024576 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnab1480024#\2b18df7d7e9d95dba484b4e272bcc8e7\Pfu.ScanSnap.Register.SshRegisterException.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000090112 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnab28d1a0d#\ab7748c8b9c23677c50e0897788b442f\Pfu.ScanSnap.SshRegisterResources.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000127488 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnac44cffff#\6cb74a4252a40a5d43b0c35d6bcf1a2a\Pfu.ScanSnap.Register.Common.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000515072 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnad7e73fe6#\0224af5a319e3c129b9c7502de709cb6\Pfu.ScanSnap.Home.Data.Access.File.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 013470208 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnae91a7162#\81f08be9f41c342d8682d010144464b7\Pfu.ScanSnap.Home.UI.Sub.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000048128 _____ (PFU Limited) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pfu.ScanSnap.Utility\91acac93740c2ece400732fc427860b5\Pfu.ScanSnap.Utility.ni.dll 2020-08-08 12:18 - 2020-10-14 10:09 - 000099328 _____ (PFU Limited.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshWCFWrap.dll 2020-08-08 12:19 - 2018-05-30 19:00 - 000056320 _____ (PFU Limited.) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\bcd_file\F5BDCNAM.dll 2020-08-08 12:18 - 2020-05-19 08:52 - 000077824 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\ErrorDifusion.dll 2020-08-08 12:18 - 2020-06-12 10:44 - 000136704 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\OCRFileIOModule.dll 2020-08-08 12:18 - 2020-05-29 13:12 - 000131072 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IDEPTH.DLL 2020-08-08 12:18 - 2020-05-29 13:12 - 000118784 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IGR2MO.DLL 2020-08-08 12:18 - 2020-05-29 13:12 - 000057344 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2IROTAT.dll 2020-08-08 12:18 - 2020-05-29 13:12 - 000065536 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\P2ISCALE.DLL 2020-08-08 12:18 - 2020-06-11 12:34 - 000516179 _____ (PFU) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\pgd_file.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 000291840 _____ (Red Hat Software) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\pango-1.0.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 000578560 _____ (Red Hat Software) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\pangocairo-1.0.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 000605184 _____ (Red Hat Software) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\pangoft2-1.0.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 000064512 _____ (Red Hat Software) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\pangowin32-1.0.dll 2020-08-08 12:18 - 2017-06-10 19:54 - 001154560 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\x86\SQLite.Interop.dll 2020-08-03 15:02 - 2020-08-03 15:02 - 001688576 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll 2020-12-04 23:13 - 2020-12-04 23:13 - 000125952 _____ (Robert Vazan) [Datei ist nicht signiert] C:\Users\Heiko\AppData\Local\Amazon Drive\crc32c.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000785408 _____ (rubicon IT GmbH) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Remotion.Linq\9c2875049f1d3df9afead917b841ad6f\Remotion.Linq.ni.dll 2020-08-03 15:02 - 2020-08-03 15:02 - 001918464 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000138240 _____ (SuperSocket) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SuperSocket30abddd8#\a9da84e773f7642fb0b12fd7fb0503c9\SuperSocket.ClientEngine.ni.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000793088 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\f5b7d5e092ca71fcbb3d4259f2c1ad51\log4net.ni.dll 2018-02-21 07:20 - 2018-02-21 07:20 - 000320000 _____ (The cURL library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files\NetDrive2\libcurl.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 001338368 _____ (The GLib developer community) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\glib-2.0.dll 2018-08-14 13:49 - 2018-08-14 13:49 - 000284160 _____ (The GLib developer community) [Datei ist nicht signiert] C:\Program Files\TechSmith\Snagit 2019\gobject-2.0.dll 2018-02-21 07:20 - 2018-02-21 07:20 - 000135168 _____ (The libssh2 library, hxxps://www.libssh2.org/) [Datei ist nicht signiert] C:\Program Files\NetDrive2\libssh2.dll 2018-02-21 07:20 - 2018-02-21 07:20 - 001204224 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\NetDrive2\LIBEAY32.dll 2018-02-21 07:20 - 2018-02-21 07:20 - 000295936 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\NetDrive2\SSLEAY32.dll 2020-05-13 06:18 - 2020-05-13 06:18 - 002822144 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Users\Heiko\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000233472 _____ (WebSocket4Net) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WebSocket4Net\377338428ed3c947c5294ea14647355d\WebSocket4Net.ni.dll 2020-01-30 15:17 - 2020-01-30 15:17 - 001502208 _____ (X-Rite Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\X-Rite\Devices\i1pro\i1iO.dll 2020-01-30 15:17 - 2020-01-30 15:17 - 003962368 _____ (X-Rite Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\X-Rite\Devices\i1pro\i1Pro.dll 2020-01-30 15:17 - 2020-01-30 15:17 - 001492480 _____ (X-Rite Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\X-Rite\Devices\i1pro3\i1iO3.dll 2020-01-30 15:17 - 2020-01-30 15:17 - 003992576 _____ (X-Rite Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\X-Rite\Devices\i1pro3\i1Pro3.dll 2020-01-30 15:18 - 2020-01-30 15:18 - 000150016 _____ (X-Rite Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\X-Rite\Devices\i1pro3\i1pro3.xrdevice 2020-01-30 15:17 - 2020-01-30 15:17 - 002359296 _____ (X-Rite) [Datei ist nicht signiert] C:\Program Files (x86)\X-Rite\Devices\i1isis\EyeOne_iSis.dll 2020-01-30 15:17 - 2020-01-30 15:17 - 001019392 _____ (X-Rite) [Datei ist nicht signiert] C:\Program Files (x86)\X-Rite\Devices\i1pro\i1Fun.dll 2020-01-30 15:17 - 2020-01-30 15:17 - 001162752 _____ (X-Rite) [Datei ist nicht signiert] C:\Program Files (x86)\X-Rite\Devices\i1pro3\i1Pro3Fun.dll 2020-12-03 08:20 - 2020-12-03 08:20 - 000120320 _____ (Zumero, LLC) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SQLitePCLRaw.core\dba2d4710380e6c3db3acac48cf37268\SQLitePCLRaw.core.ni.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Temp:8779C396 [135] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17prewin10.msn.com/?pc=HCTE HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17prewin10.msn.com/?pc=HCTE HKU\S-1-5-21-2845510748-558110454-3949872108-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-2845510748-558110454-3949872108-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17prewin10.msn.com/?pc=HCTE SearchScopes: HKU\S-1-5-21-2845510748-558110454-3949872108-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-2845510748-558110454-3949872108-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-28] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-28] (Oracle America, Inc. -> Oracle Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-12] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-12] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\sharepoint.com -> hxxps://forgres-files.sharepoint.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts |
13.12.2020, 23:00 | #5 |
| Windows 10: Freunde erhalten "verseuchte" Emails, vermute TrojanerCode:
ATTFilter ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\HP\HP Performance Advisor;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Calibre2\;E:\gs;E:\Program Files\gs\gs9.50\bin;E:\Program Files\gs\gs9.50\lib;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\;C:\ProgramData\chocolatey\bin;E:\Program Files\PuTTY\ HKU\S-1-5-21-2845510748-558110454-3949872108-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Heiko\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\permonitorwallpaper1.bmp DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: AGMService => 2 MSCONFIG\Services: AGSService => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BrYNSvc => 3 MSCONFIG\Services: DragonLoggerService => 2 MSCONFIG\Services: DragonSvc => 2 MSCONFIG\Services: dvhlp => 2 MSCONFIG\Services: fshoster => 2 MSCONFIG\Services: fsnethoster => 2 MSCONFIG\Services: fsulhoster => 2 MSCONFIG\Services: fsulnethoster => 2 MSCONFIG\Services: fsulorsp => 2 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: hpqcaslwmiex => 3 MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2 MSCONFIG\Services: HPTouchpointAnalyticsService => 2 MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2 MSCONFIG\Services: iaStorAfsService => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2 MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LBTServ => 3 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NetDrive2_Service_NetDrive2 => 2 MSCONFIG\Services: NIHardwareService => 2 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: NVWMI => 2 MSCONFIG\Services: OKI OPHG DCS Loader => 2 MSCONFIG\Services: postgresql-x64-9.5 => 2 MSCONFIG\Services: RealtekWlanU => 2 MSCONFIG\Services: RtkAudioService => 2 MSCONFIG\Services: RTLDHCPService => 2 MSCONFIG\Services: RunSwUSB => 2 MSCONFIG\Services: Synology Drive VSS Service x64 => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: ThunderboltService => 3 MSCONFIG\Services: UsbClientService => 2 MSCONFIG\Services: WTabletServicePro => 2 HKLM\...\StartupApproved\StartupFolder: => "CardMinder Viewer.lnk" HKLM\...\StartupApproved\StartupFolder: => "In PDF-Datei mit ScanSnap Organizer konvertieren.lnk" HKLM\...\StartupApproved\StartupFolder: => "ScanSnap Manager.lnk" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "Blackmagic CheckVersion PCI" HKLM\...\StartupApproved\Run: => "Blackmagic Streaming Server" HKLM\...\StartupApproved\Run: => "Blackmagic Desktop Video Updater" HKLM\...\StartupApproved\Run: => "EvtMgr6" HKLM\...\StartupApproved\Run32: => "IMSS" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKLM\...\StartupApproved\Run32: => "ISUSPM" HKLM\...\StartupApproved\Run32: => "DNS7reminder" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "LWS" HKLM\...\StartupApproved\Run32: => "Blackmagic CheckVersion" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "ScanSnap OnlineUpdate Watcher" HKLM\...\StartupApproved\Run32: => "ScanSnap WIA Service Checker" HKLM\...\StartupApproved\Run32: => "ConnectionCenter" HKLM\...\StartupApproved\Run32: => "Redirector" HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\StartupApproved\StartupFolder: => "Synology Drive.lnk" HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk" HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\StartupApproved\Run: => "ISUSPM" HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_7FECADEFBB871C94D0B847B513B0817A" HKU\S-1-5-21-2845510748-558110454-3949872108-1000\...\StartupApproved\Run: => "com.squirrel.WhatsApp.WhatsApp" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{4E497DD1-5F3B-4467-AEE9-83BE8A391D54}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{32F0379E-AB51-4FDD-B2AE-B131BC523A8D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{E50F834A-5BED-499B-83C6-6DF4B016BDBD}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{5CE85EE6-2160-4390-99CD-734907D18665}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [UDP Query User{E37B53F7-4F41-44CD-B5C6-CE653AA6021D}C:\program files (x86)\pfu\scansnap\home\pfussmon.exe] => (Allow) C:\program files (x86)\pfu\scansnap\home\pfussmon.exe (PFU Limited -> PFU Limited) FirewallRules: [TCP Query User{AF6D5B49-B1A1-4C53-A718-0601653DB4C0}C:\program files (x86)\pfu\scansnap\home\pfussmon.exe] => (Allow) C:\program files (x86)\pfu\scansnap\home\pfussmon.exe (PFU Limited -> PFU Limited) FirewallRules: [UDP Query User{B64D4A0C-A649-4D7A-ACBF-A1B7D38045AE}E:\program files (x86)\pfu\scansnap\driver\pfussmon.exe] => (Allow) E:\program files (x86)\pfu\scansnap\driver\pfussmon.exe => Keine Datei FirewallRules: [TCP Query User{3E773DE9-52EA-4EC1-B3D4-8D40AB7D7C76}E:\program files (x86)\pfu\scansnap\driver\pfussmon.exe] => (Allow) E:\program files (x86)\pfu\scansnap\driver\pfussmon.exe => Keine Datei FirewallRules: [{79316649-CAEF-463B-85B5-7F03DA876B01}] => (Allow) LPort=5454 FirewallRules: [{27813777-862C-4F24-B3EB-588816E838EE}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.) FirewallRules: [{E3A65C8A-1E39-4272-9B91-6CEA989F286A}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M282-M285\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.) FirewallRules: [{A61616CA-BCC5-4EBB-85C8-2418C4084A96}] => (Allow) LPort=5357 FirewallRules: [{052843AC-18DC-4C0D-8E6E-A32CA6DE005D}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M282-M285\Bin\DeviceSetup.exe (HP Inc -> HP Inc.) FirewallRules: [{3DEC2FA1-8AC0-4539-BB22-B2EF2C14023C}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M282-M285\bin\FaxPrinterUtility.exe (HP Inc -> HP Inc.) FirewallRules: [{7BBE0D30-9967-4D5E-AFA0-49D4F9EE6DB9}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M282-M285\bin\SendAFax.exe (HP Inc -> HP Inc.) FirewallRules: [{79F1FB15-2D8D-44C3-89FB-409E570E148D}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M282-M285\bin\DigitalWizards.exe (HP Inc -> HP Inc.) FirewallRules: [{6150573D-C68D-4469-8848-5F6A4DC49F71}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M282-M285\bin\FaxApplications.exe (HP Inc -> HP Inc.) FirewallRules: [{D9CB5F95-C7B1-4CC7-A895-4872E5BFEE23}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M282-M285\bin\EWSProxy.exe (HP Inc -> HP Inc.) FirewallRules: [UDP Query User{B2F2BBDE-73EE-4A20-BA05-F0BDF7857A5A}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe => Keine Datei FirewallRules: [TCP Query User{770C6DD7-D388-4C83-8B18-997126AAB488}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe => Keine Datei FirewallRules: [{394EF374-C4A5-4E34-8285-6D5435E4FF9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{3C718438-A912-4FB3-B8FF-B76E8BB4DA0C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E5EB2B05-B1DD-4104-9E1D-D319E3409BAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{153B99E4-3488-45EE-90A3-191D5DD718DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [UDP Query User{0B076F3F-A051-4BCC-9A94-078DE7597CB1}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => Keine Datei FirewallRules: [TCP Query User{015E5CEB-AE59-4640-88B1-66E159234E3D}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => Keine Datei FirewallRules: [UDP Query User{EC7DC15B-651B-4368-BCFA-1694F005BF28}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => Keine Datei FirewallRules: [TCP Query User{3994AAFD-5066-40EE-9D14-4523B77423FC}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe => Keine Datei FirewallRules: [UDP Query User{70658F6E-1D10-4AF7-AE81-C771A1C0B50D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => Keine Datei FirewallRules: [TCP Query User{E2A09435-CD9B-4ED2-B574-C26AA90DBE58}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe => Keine Datei FirewallRules: [UDP Query User{89538CD9-F3AE-4F6A-9465-16CFD044960F}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => Keine Datei FirewallRules: [TCP Query User{550F6713-EFA2-4D82-ACDE-757FB37263B2}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => Keine Datei FirewallRules: [{2B8D23CC-C712-4FA8-878B-5A762E776C6A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{43CC27BF-63BF-4DE3-896C-E70B9255C6EF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{042493FA-D43F-499C-9892-F4B902E19EF8}] => (Allow) E:\Program Files (x86)\WOMic\womicclient.exe => Keine Datei FirewallRules: [{BF9574FB-4C38-4507-BADA-DF03892BF4F7}] => (Allow) C:\Users\Heiko\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{AFCD6C0D-9D76-4D3F-B750-BE9EEF934A67}] => (Allow) C:\Users\Heiko\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{717C83E7-0F83-40FE-99E6-64225F198D74}] => (Allow) E:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) [Datei ist nicht signiert] FirewallRules: [{DD133127-50ED-4124-A434-78E0BFD2BED1}] => (Allow) E:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) [Datei ist nicht signiert] FirewallRules: [{3C85C708-36F9-4791-A533-3EEE845AD786}] => (Allow) E:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) [Datei ist nicht signiert] FirewallRules: [{9C2C9270-9537-419E-9F6A-5979CB69985C}] => (Allow) E:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) [Datei ist nicht signiert] FirewallRules: [UDP Query User{3F897888-E062-4889-8DD1-F740B9CA0694}E:\program files\synology\synologysurveillancestationclient\bin\synologysurveillancestationclient.exe] => (Allow) E:\program files\synology\synologysurveillancestationclient\bin\synologysurveillancestationclient.exe (Synology Inc. -> Synology Inc.) FirewallRules: [TCP Query User{87978300-B7DB-43A0-BACB-9F387CD67BDA}E:\program files\synology\synologysurveillancestationclient\bin\synologysurveillancestationclient.exe] => (Allow) E:\program files\synology\synologysurveillancestationclient\bin\synologysurveillancestationclient.exe (Synology Inc. -> Synology Inc.) FirewallRules: [{11F1146A-DFC2-4508-8ADB-581DA01C4CA0}] => (Allow) LPort=8299 FirewallRules: [UDP Query User{F53D7A80-E324-441F-965E-F6B005D1B717}C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) FirewallRules: [TCP Query User{7E93BA8A-EC4B-47D9-B146-7CB29771ECE3}C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) FirewallRules: [{26ECB512-7301-447F-9E13-0D71C568855B}] => (Allow) C:\Program Files (x86)\Blackmagic Design\Blackmagic Converters\Setup\Blackmagic Converters Setup.exe () [Datei ist nicht signiert] FirewallRules: [{0305D530-99AA-4802-9469-30CCCAF0B494}] => (Allow) E:\Program Files\NetDrive2\nd2cmd.exe => Keine Datei FirewallRules: [{7585B235-81CA-4FBC-9FC7-56B4C88190BB}] => (Allow) E:\Program Files\NetDrive2\nd2cmd.exe => Keine Datei FirewallRules: [{3ED2A54C-75C9-41AE-B48A-D93A13DB8945}] => (Allow) E:\Program Files\NetDrive2\NetDrive2.exe => Keine Datei FirewallRules: [{13689BDA-76FD-4C72-B325-B447F20F73B6}] => (Allow) E:\Program Files\NetDrive2\NetDrive2.exe => Keine Datei FirewallRules: [{54A34D39-30B7-4422-9E2F-E318D4011C69}] => (Allow) E:\Program Files\NetDrive2\nd2svc.exe => Keine Datei FirewallRules: [{421DB6B7-11DC-4477-A7E5-4C3CF2AFF0DC}] => (Allow) E:\Program Files\NetDrive2\nd2svc.exe => Keine Datei FirewallRules: [{D92C89D7-7814-4D4F-9D16-BABD5EECF44D}] => (Allow) E:\Program Files\NetDrive2\nd2cmd.exe => Keine Datei FirewallRules: [{1B90113A-8510-4896-A644-F04F316A1AEA}] => (Allow) E:\Program Files\NetDrive2\nd2cmd.exe => Keine Datei FirewallRules: [{FD959A65-652A-42F1-8917-C7DE8B128CB4}] => (Allow) E:\Program Files\NetDrive2\NetDrive2.exe => Keine Datei FirewallRules: [{55AA5278-DE7B-4710-AF6C-189556AAB355}] => (Allow) E:\Program Files\NetDrive2\NetDrive2.exe => Keine Datei FirewallRules: [{84E54318-9684-49DA-87E2-F6167F127B56}] => (Allow) E:\Program Files\NetDrive2\nd2svc.exe => Keine Datei FirewallRules: [{279CA734-D8E8-46DB-A273-4EC2B47A541B}] => (Allow) E:\Program Files\NetDrive2\nd2svc.exe => Keine Datei FirewallRules: [UDP Query User{A6A68A16-EDCE-4374-B163-26B920123247}E:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) E:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) FirewallRules: [TCP Query User{2F8C554C-3F54-453A-8D50-42B649930594}E:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) E:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) FirewallRules: [UDP Query User{A124BA6B-946C-480C-968C-3D2B975CE9AD}E:\program files (x86)\reolink client\reolink client.exe] => (Allow) E:\program files (x86)\reolink client\reolink client.exe => Keine Datei FirewallRules: [TCP Query User{65A3476F-AF81-467C-9547-9C259A729EE4}E:\program files (x86)\reolink client\reolink client.exe] => (Allow) E:\program files (x86)\reolink client\reolink client.exe => Keine Datei FirewallRules: [{0A956DCA-857E-49A3-BD9D-0AC87B5C5E93}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Keine Datei FirewallRules: [{45A6FB64-14E0-489C-B7D2-B1C07B541549}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => Keine Datei FirewallRules: [{4517D7DC-E59C-4DDB-975C-999F1B0753B5}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Keine Datei FirewallRules: [{768D1420-2D39-409C-AE2B-3CFFAB73D3E2}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => Keine Datei FirewallRules: [UDP Query User{122C6215-0C81-466E-9DC4-D8E9779B4C20}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => Keine Datei FirewallRules: [TCP Query User{9FA22F96-0D87-4983-8A93-2CA1F6E5F1A0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => Keine Datei FirewallRules: [UDP Query User{7E06BAA2-D13C-4B16-9BC0-071FA55781A6}E:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [TCP Query User{52E68D3B-19E8-4E93-A0D7-BA3198ADD0F1}E:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{EB0C7EDA-5DDC-48BD-9D55-495D381AC02F}C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.) FirewallRules: [TCP Query User{D66DD59A-D435-433F-ACB2-7E831858DC36}C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.) FirewallRules: [UDP Query User{C6946DF4-F344-4D07-9F21-9248EA68A3F0}C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) FirewallRules: [TCP Query User{B8EFB5CB-4944-452F-8FC3-21E9BA62587E}C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) FirewallRules: [{82395016-957D-42E5-9F29-3CD15A291907}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek) FirewallRules: [{6C40114D-90E3-4B61-B580-C674A303AF9D}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek) FirewallRules: [{698B9150-BC3C-45C8-8604-F2E567A4ABD3}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek) FirewallRules: [{DCE7726C-5358-4EA4-9937-97FB3AF682C1}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek) FirewallRules: [{7B160FFE-CC96-4D0B-B804-3BBC137B0821}] => (Allow) LPort=53 FirewallRules: [{0CFBB8F8-27A3-46C2-A7A7-6FDAAC392852}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek) FirewallRules: [{2DDAB5B0-F7DC-4DC3-9E10-91DA99102AB5}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek) FirewallRules: [{0BA2090D-0E93-4D45-8BC1-986ED0A15194}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek) FirewallRules: [{C7750EA4-A3AE-44A6-A5F0-9CE66E4F502E}] => (Allow) LPort=53 FirewallRules: [{23B929BF-D46D-493F-A27D-F2C8BBF8F5BD}] => (Allow) LPort=1542 FirewallRules: [{C417804D-6D2F-486F-B4F4-4D28C5D8744E}] => (Allow) LPort=1542 FirewallRules: [{82C318BE-3ABD-4775-8F31-16B80BEA0877}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) FirewallRules: [UDP Query User{7D22094C-1EF6-4175-A353-7009F1A34E1D}C:\program files (x86)\pfu\scansnap\driver\pfussmon.exe] => (Allow) C:\program files (x86)\pfu\scansnap\driver\pfussmon.exe => Keine Datei FirewallRules: [TCP Query User{17B66FD4-B405-41E0-A192-A8F45DB8EE71}C:\program files (x86)\pfu\scansnap\driver\pfussmon.exe] => (Allow) C:\program files (x86)\pfu\scansnap\driver\pfussmon.exe => Keine Datei FirewallRules: [UDP Query User{11470133-CB08-4630-AAEC-007D950CA1F6}C:\program files (x86)\pfu\scansnap\driver\pfussmon.exe] => (Allow) C:\program files (x86)\pfu\scansnap\driver\pfussmon.exe => Keine Datei FirewallRules: [TCP Query User{98863582-F766-41FB-A847-524590E1DBE0}C:\program files (x86)\pfu\scansnap\driver\pfussmon.exe] => (Allow) C:\program files (x86)\pfu\scansnap\driver\pfussmon.exe => Keine Datei FirewallRules: [{0914E670-DAAF-4126-B118-F4F47193142D}] => (Allow) C:\ProgramData\Qweb\converter\youtube-dl.exe => Keine Datei FirewallRules: [{980CDBE0-D12E-42D3-A030-4193E440DC9E}] => (Allow) C:\ProgramData\Qweb\converter\youtube-dl.exe => Keine Datei FirewallRules: [{85A19340-C344-4B7E-BF05-3DABAD2F2E93}] => (Allow) C:\ProgramData\Qweb\converter\aria2c.exe => Keine Datei FirewallRules: [{BA829507-855F-43C3-81BE-EF8C17D364F3}] => (Allow) C:\ProgramData\Qweb\converter\aria2c.exe => Keine Datei FirewallRules: [{5F13CA18-35F9-4297-ACBB-5609741A9EA9}] => (Allow) C:\ProgramData\Qweb\converter\video-downloader.exe => Keine Datei FirewallRules: [{2C232521-E631-4827-A129-DE14698B32C1}] => (Allow) C:\ProgramData\Qweb\converter\video-downloader.exe => Keine Datei FirewallRules: [{4825A9A4-EB6A-4D6C-A1BD-6EBF2FB3F400}] => (Allow) C:\ProgramData\Qweb\nginx\nginx.exe => Keine Datei FirewallRules: [{E7B73AD4-00F2-432C-A04B-E84C5CE3326D}] => (Allow) C:\ProgramData\Qweb\nginx\nginx.exe => Keine Datei FirewallRules: [{0024DFA0-0944-49B0-9947-A0BFB3653E76}] => (Allow) LPort=51001 FirewallRules: [{020A045F-E468-4018-90FE-889CF1E2AF0D}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe (Bdrive Inc. -> Bdrive Inc) FirewallRules: [{FD917B78-728D-4D98-AC5B-D720BE3D1224}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe (Bdrive Inc. -> Bdrive Inc) FirewallRules: [{390CD4DA-D2D1-417A-B252-7EF057DC6839}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe (Bdrive Inc. -> Bdrive Inc) FirewallRules: [{D1918607-1753-42E8-AC84-F2C81DB40EC8}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe (Bdrive Inc. -> Bdrive Inc) FirewallRules: [{64F05D6F-5907-47AB-A3D7-371E5D80296B}] => (Allow) C:\Program Files\NetDrive2\nd2svc.exe (Bdrive Inc. -> ) FirewallRules: [{7A7AC2F9-0CDC-49E7-9B9B-167AA9BBCD99}] => (Allow) C:\Program Files\NetDrive2\nd2svc.exe (Bdrive Inc. -> ) FirewallRules: [{C1465B3D-C6E1-45CF-AC44-75FA0DEE3D72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{4089BAC2-A418-41A0-80FC-EEB892CBADED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{9F6EA27C-29D3-4614-A3D5-373DFB5261CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D1A5512C-E40C-4277-820E-16E21AC41913}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{9FE239B3-BB63-4DA5-B557-E34C0263B935}] => (Allow) LPort=51001 FirewallRules: [{CDC92049-BB9B-4FCA-B03C-0A2351AEFD8E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BB3617BE-877E-43C9-9DF8-38EA48C5EAB0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AEE83849-E15D-4965-9A59-CBEFEB855810}] => (Allow) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\UcMapi.exe => Keine Datei FirewallRules: [{D32B3940-7916-4C59-B0DF-891B15FD543E}] => (Allow) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\Lync.exe => Keine Datei FirewallRules: [UDP Query User{57BD5168-1F9A-40E7-9A8B-88D7223019B3}C:\users\heiko\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe] => (Allow) C:\users\heiko\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe => Keine Datei FirewallRules: [TCP Query User{D187AADF-FB30-49F1-9AC4-437086098D78}C:\users\heiko\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe] => (Allow) C:\users\heiko\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe => Keine Datei FirewallRules: [UDP Query User{CE09B81E-623D-4C77-A952-658C072D1EA4}C:\users\heiko\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\heiko\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{E07404D0-291D-4DEB-B874-3EC423603E46}C:\users\heiko\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\heiko\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.) [Datei ist nicht signiert] FirewallRules: [{AC9F73D8-58E5-41A1-812A-99D6A78A06F3}] => (Block) C:\program files\logitech gaming software\lcore.exe => Keine Datei FirewallRules: [{FC4E5576-79DA-49F5-B248-5BC8AD6D9E8A}] => (Block) C:\program files\logitech gaming software\lcore.exe => Keine Datei FirewallRules: [UDP Query User{A858A8E6-6DAB-4570-942D-970235B9D544}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => Keine Datei FirewallRules: [TCP Query User{5A71DC76-0591-4C30-B01A-857E7A10C81D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => Keine Datei FirewallRules: [UDP Query User{5E79CED4-06C2-4618-BFB4-81846C1D1216}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei FirewallRules: [TCP Query User{8CE0941E-5DE4-48BF-88D4-993D7487B455}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei FirewallRules: [{4DFE0244-2071-40A9-8B38-121A3E8D9C13}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0CB87915-D372-4EF0-8DBD-57C80E71868E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{47A0EF28-0C2B-469A-84FD-D0226DA93561}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{ECE813C8-4778-417B-8A91-957F32B9C41A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2CB6760E-E26C-4489-878B-175E6954CE4D}] => (Allow) LPort=8318 FirewallRules: [{CACD5D03-E4E0-4BA4-BEE2-042F68493851}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{A4CABA01-EB3E-4771-A555-3A6CFD7D0076}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => Keine Datei FirewallRules: [{F10FD9EF-8E75-4BF2-9061-4EFCAB1CE65D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{A2B68021-0269-40AF-9659-1E3DC39C36D7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => Keine Datei FirewallRules: [{D847E99A-5F5B-4FA4-8A7C-19EAA8EEF15D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{FAE157C4-94AA-44D6-BBD0-EA82A615C91E}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{BE91EF71-0CAE-4460-88B4-44FBED7B2F9F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{80BB7E87-8AA4-4475-B669-42DA2A403C0D}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe => Keine Datei FirewallRules: [UDP Query User{35E4C9A3-B3F8-4EA8-8098-AC953D95738E}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe => Keine Datei FirewallRules: [TCP Query User{621600ED-0040-4F83-8D15-64E258792533}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei FirewallRules: [UDP Query User{6B4A87D7-46F2-43A1-8F2D-0B1F292895AB}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei FirewallRules: [TCP Query User{9562BD8E-7A0C-424F-A5FB-3BF9B8759B62}C:\users\heiko\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\heiko\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{EBFEB269-94B7-4382-A726-889C5FFAE833}C:\users\heiko\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\heiko\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{9221C667-0A4E-42A6-8694-6478A3540036}C:\users\heiko\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe] => (Allow) C:\users\heiko\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe => Keine Datei FirewallRules: [UDP Query User{6E758406-1282-49B6-911C-DE592A9649D4}C:\users\heiko\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe] => (Allow) C:\users\heiko\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe => Keine Datei FirewallRules: [TCP Query User{0B54F34F-1B15-48B0-ACDC-C110DD05558E}C:\users\heiko\appdata\local\temp\lrea4c5.tmp\bin\java.exe] => (Allow) C:\users\heiko\appdata\local\temp\lrea4c5.tmp\bin\java.exe => Keine Datei FirewallRules: [UDP Query User{9A2BD4F4-38DC-4B94-BB0F-7FAC65163038}C:\users\heiko\appdata\local\temp\lrea4c5.tmp\bin\java.exe] => (Allow) C:\users\heiko\appdata\local\temp\lrea4c5.tmp\bin\java.exe => Keine Datei FirewallRules: [TCP Query User{1B1D8166-B199-4EC1-9101-A4935E4935F8}C:\users\heiko\appdata\local\temp\j2ee.exe2\package\jre\bin\java.exe] => (Allow) C:\users\heiko\appdata\local\temp\j2ee.exe2\package\jre\bin\java.exe => Keine Datei FirewallRules: [UDP Query User{D43293BF-4DF2-4461-AE78-73A8ECEDBC8E}C:\users\heiko\appdata\local\temp\j2ee.exe2\package\jre\bin\java.exe] => (Allow) C:\users\heiko\appdata\local\temp\j2ee.exe2\package\jre\bin\java.exe => Keine Datei FirewallRules: [TCP Query User{B6127F91-786D-4DF1-8515-5CC5AB8C07E0}C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.) FirewallRules: [UDP Query User{EC687891-8C44-4D7E-951E-52452E82C8ED}C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\heiko\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.) FirewallRules: [{29049529-E4A5-489A-8666-D37564F81629}] => (Allow) LPort=53 FirewallRules: [{512D13C6-D316-44A3-90F8-36449ACD1E7F}] => (Allow) C:\Program Files\NetDrive2\nd2svc.exe (Bdrive Inc. -> ) FirewallRules: [{92BB72BE-92D1-40B4-B77D-5D194AABB2FF}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe (Bdrive Inc. -> Bdrive Inc) FirewallRules: [{501563C1-9A88-4B4B-B9B4-DF17B1156753}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe (Bdrive Inc. -> Bdrive Inc) FirewallRules: [{41AFE289-60FE-4198-AC42-7DA75E876FBA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{79E9D364-4869-4E76-A399-3A2638838B79}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{7CD17438-40FC-4742-AEAE-9CD5048B9E8F}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei FirewallRules: [UDP Query User{79C5CD30-E0FB-4516-87AF-7461A2B12A2A}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe => Keine Datei FirewallRules: [{C87F270C-4ED2-43A8-A185-47BC58FBC57A}] => (Allow) LPort=51001 FirewallRules: [TCP Query User{9661C24B-EBF5-4AFD-AF98-779E71A8AA1E}E:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [UDP Query User{443AB7A5-19EA-4073-9EAD-BCE6A17E7F90}E:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [TCP Query User{F4F8AD9F-D5CC-4DFE-9702-CA101AE86D67}E:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{48A092E6-5CC6-4E26-A358-2938E42A024E}E:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [TCP Query User{4790820B-D5F4-4BAC-9011-2CC45195E517}E:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [UDP Query User{E0BF69BB-03BA-407B-9FEA-0C06B7FF88F6}E:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [TCP Query User{6027D7D8-013E-4834-BF4A-C3354C7315F3}E:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{0C805C18-4A5A-4F16-B620-66B0A5381304}E:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [TCP Query User{5A4A58D8-252A-4196-9649-4511E849FC7C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => Keine Datei FirewallRules: [UDP Query User{6A5495BB-5519-419F-8B80-75C85E0583A5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => Keine Datei FirewallRules: [{BA549D27-B048-4CC4-809B-6787E49C4F25}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [{9B5F5E7A-8008-4A22-8CA5-F06F5D0B61B9}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{C8F8CD56-5749-4F83-B9A5-A01F708B63C0}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{2A54160F-2D28-483A-B304-99935884481F}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{09F153BB-361B-4EB6-837F-71828E232B37}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{121EFB4E-3749-4197-A52A-262F72762FE5}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{654B1DFF-EAF4-4267-B51F-4B8B087B0E14}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Keine Datei FirewallRules: [{AB183192-0E5C-4608-B3A6-A3CC32C7BAF4}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => Keine Datei FirewallRules: [{D19BD4EA-9D5E-48B2-ADBF-A9D4FF467A4D}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{CD884239-6C9B-48B4-B114-28AAE00553B2}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => Keine Datei FirewallRules: [TCP Query User{F1120627-4181-4F6E-A5D6-35F5CDB92AB7}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{B0C59623-9A0B-48CB-8CEE-A55A8E58900C}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{7F533B89-AA27-4A49-977F-022D228F57EE}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{7AE94A8E-40D1-46E5-8235-AE1EEBA72880}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{B051D9CA-3FB3-493A-896E-1D0DBDFCBE3F}C:\program files (x86)\pfu\scansnap\home\pfussmon.exe] => (Allow) C:\program files (x86)\pfu\scansnap\home\pfussmon.exe (PFU Limited -> PFU Limited) FirewallRules: [UDP Query User{6E74CB7C-3D57-4B81-B3A6-6E9FF5384EA4}C:\program files (x86)\pfu\scansnap\home\pfussmon.exe] => (Allow) C:\program files (x86)\pfu\scansnap\home\pfussmon.exe (PFU Limited -> PFU Limited) FirewallRules: [TCP Query User{613E49D6-C56B-4152-800C-0208F3352C7D}E:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) E:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) FirewallRules: [UDP Query User{8F3A1AE5-7C22-41EB-88E8-9F3DAEF49669}E:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) E:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) FirewallRules: [TCP Query User{35FB18EB-66F2-40A5-956B-DF1ECDC47CC0}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{9F33E4D7-D2D7-4DFF-9922-462732320C9C}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{F2AEC817-7BB2-4B01-BE14-60BB4AE8C054}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{FEC85130-A86E-4752-9C8E-1AA153B645E7}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe () [Datei ist nicht signiert] FirewallRules: [{1C632899-A626-42CA-B106-8F1FFD8372A5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{AD6114A2-3EB4-4D4D-B05B-02942CADC8F7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4CE99DBE-3755-4050-AB17-E7ADC15AD90E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C304D144-D964-4B2A-80C6-B773CD9E146C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A5115906-2798-4553-A6B6-D1EF878CC053}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{FEF6BC5F-EC03-4356-9951-106526F6A901}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B2DB9209-B759-4B2E-AEB4-BE95C3C7C67F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BBC275E5-9B91-456D-8C4F-4FB85E05C449}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{39B52888-55EE-4DBA-B6FA-4F8611A8F4E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DF0D8CD2-458D-44EF-98CD-4C28CD6BB0A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{02B66DE1-60FD-4C89-9DD9-763FE4143E85}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1D6E1B96-6563-4E6D-915C-963F42360150}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{60861208-49A0-4BD5-AD75-FD8D072E7388}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe (Datronicsoft, Inc. -> ) FirewallRules: [{CF358DDE-1EA6-46E1-9B4B-A62F8A29D244}] => (Allow) C:\Program Files\Elgato\4KCaptureUtility\4KCaptureUtility.exe (Corsair Memory, Inc. -> Elgato Systems) FirewallRules: [{BF0600D6-5284-4915-9B04-783AB63EDED7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{5CB2D4B1-29AD-49C5-AF20-6D35E6B071D1}C:\program files (x86)\citrix\ica client\hdxteams.exe] => (Allow) C:\program files (x86)\citrix\ica client\hdxteams.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) FirewallRules: [UDP Query User{5ABB13A0-4E39-4B4D-86D9-CD46F8942257}C:\program files (x86)\citrix\ica client\hdxteams.exe] => (Allow) C:\program files (x86)\citrix\ica client\hdxteams.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) FirewallRules: [{9B43AB15-6325-4D66-BACC-4C499D77A86E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Wiederherstellungspunkte ========================= 11-12-2020 13:08:43 Installed PuTTY release 0.74 (64-bit) 13-12-2020 12:41:47 Windows Modules Installer 13-12-2020 19:00:18 Windows-Sicherung ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: iAP Interface Description: iAP Interface Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Traktor Kontrol Z1 DFU Description: Traktor Kontrol Z1 DFU Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (12/13/2020 07:10:09 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Die Sicherung war nicht erfolgreich. Fehler: Fehler beim Anfordern einer exklusiven Sperre für die EFI-Systempartition (ESP) durch die Windows-Sicherung. Dies kann auftreten, wenn Dateien auf der ESP von einer anderen Anwendung verwendet werden. Wiederholen Sie den Vorgang. (0x8078011E). Error: (12/13/2020 07:10:05 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: NT-AUTORITÄT) Description: Fehler bei der um 2020-12-13T18:00:18.0106086Z gestarteten Sicherung. Fehlercode: "0x8078011e" (Fehler beim Anfordern einer exklusiven Sperre für die EFI-Systempartition (ESP) durch die Windows-Sicherung. Dies kann auftreten, wenn Dateien auf der ESP von einer anderen Anwendung verwendet werden. Wiederholen Sie den Vorgang. ). Suchen Sie in den Ereignisdetails nach einer Lösung, und führen Sie die Sicherung erneut aus, nachdem das Problem behoben wurde. Error: (12/13/2020 12:48:02 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: HEIKO-HP) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (12/13/2020 12:44:51 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: HEIKO-HP) Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126). Error: (12/13/2020 12:44:51 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: HEIKO-HP) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (12/13/2020 12:42:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: DPAgent.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00000000 Stapel: Error: (12/13/2020 10:56:39 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: HEIKO-HP) Description: microsoft.windows.cortana_cw5n1h2txyewy-2147024893 Error: (12/13/2020 10:50:19 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: HEIKO-HP) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Systemfehler: ============= Error: (12/13/2020 12:45:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht. Error: (12/13/2020 10:47:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht. Error: (12/12/2020 01:21:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht. Error: (12/11/2020 06:31:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht. Error: (12/11/2020 03:03:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht. Error: (12/11/2020 01:09:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/10/2020 01:32:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht. Error: (12/10/2020 01:26:18 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst DigitalPersona Authentifizierungsdienst konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Windows Defender: =================================== Date: 2020-12-13 12:07:01.6430000Z Description: C:\Windows\explorer.exe wurde durch den überwachten Ordnerzugriff daran gehindert, E:\Heiko2\Favoriten zu ändern. Erkennungszeit: 2020-12-13T11:07:01.643Z Benutzer: Heiko-HP\Heiko Pfad: E:\Heiko2\Favoriten Prozessname: C:\Windows\explorer.exe Sicherheitsversion: 1.329.322.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 Date: 2020-12-13 11:49:09.6370000Z Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {877B62EA-E9C4-4FB4-A2D5-345F1ECAD83F} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2020-12-13 11:35:51.9980000Z Description: C:\Program Files (x86)\4KDownload\4kvideodownloader\4kvideodownloader.exe wurde durch den überwachten Ordnerzugriff daran gehindert, E:\Heiko2\Video zu ändern. Erkennungszeit: 2020-12-13T10:35:51.998Z Benutzer: Heiko-HP\Heiko Pfad: E:\Heiko2\Video Prozessname: C:\Program Files (x86)\4KDownload\4kvideodownloader\4kvideodownloader.exe Sicherheitsversion: 1.329.322.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 Date: 2020-12-13 11:22:34.0700000Z Description: C:\Program Files\TechSmith\Camtasia 9\CamRecorder.exe wurde durch den überwachten Ordnerzugriff daran gehindert, E:\Heiko2\Video\Camtasia\ zu ändern. Erkennungszeit: 2020-12-13T10:22:34.069Z Benutzer: Heiko-HP\Heiko Pfad: E:\Heiko2\Video\Camtasia\ Prozessname: C:\Program Files\TechSmith\Camtasia 9\CamRecorder.exe Sicherheitsversion: 1.329.322.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 Date: 2020-12-13 11:14:19.5080000Z Description: C:\Program Files\Logitech\LogiCapture\bin\LogiCapture.exe wurde durch den überwachten Ordnerzugriff daran gehindert, E:\Heiko2\Video\Logitech\LogiCapture\ zu ändern. Erkennungszeit: 2020-12-13T10:14:19.508Z Benutzer: Heiko-HP\Heiko Pfad: E:\Heiko2\Video\Logitech\LogiCapture\ Prozessname: C:\Program Files\Logitech\LogiCapture\bin\LogiCapture.exe Sicherheitsversion: 1.329.322.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 CodeIntegrity: =================================== Date: 2020-12-13 22:46:15.9820000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 22:46:15.8670000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 22:41:15.9910000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 22:41:15.8770000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 22:37:15.9790000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 22:37:15.8680000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 22:33:16.4480000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-13 22:31:15.9870000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Citrix\ICA Client\epclient64.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: HP N51 Ver. 01.80 06/09/2020 Hauptplatine: HP 802F Prozessor: Intel(R) Xeon(R) CPU E3-1245 v5 @ 3.50GHz Prozentuale Nutzung des RAM: 50% Installierter physikalischer RAM: 16303.59 MB Verfügbarer physikalischer RAM: 8142.55 MB Summe virtueller Speicher: 32687.59 MB Verfügbarer virtueller Speicher: 20678.1 MB ==================== Laufwerke ================================ Drive c: (Windows ) (Fixed) (Total:224.95 GB) (Free:37.95 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (HP_RECOVERY) (Fixed) (Total:11.27 GB) (Free:1.68 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (DATADRIVE0) (Fixed) (Total:476.81 GB) (Free:184.06 GB) NTFS Drive g: (My Passport Air) (Fixed) (Total:465.73 GB) (Free:455.47 GB) NTFS Drive h: (MasterData) (Fixed) (Total:1863.01 GB) (Free:140.32 GB) NTFS Drive i: (Volume) (Fixed) (Total:3725.99 GB) (Free:2242.37 GB) NTFS \\?\Volume{d6cc87ea-265c-450b-9fa9-9a0a98329052}\ (Windows RE Tools) (Fixed) (Total:1 GB) (Free:0.65 GB) NTFS \\?\Volume{17a33cb2-e86e-4f00-806d-7ba20d550de4}\ () (Fixed) (Total:0.78 GB) (Free:0.24 GB) NTFS \\?\Volume{49c35905-b3f3-4202-bc99-22b823737c4c}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.2 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 2 (Size: 465.7 GB) (Disk ID: C3E5F24C) Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 2CE1609B) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 4 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ======================= |
Themen zu Windows 10: Freunde erhalten "verseuchte" Emails, vermute Trojaner |
befall, dezember, e-mails, emails, erhalte, erhalten, freund, freunde, geholfen, herzlichen, meinem, nutze, rechner, sonntag, troja, trojane, trojaner, vermute, verseuchte, weiteren, windows, windows 10, würde, yahoo.com |