Pests of all kinds and how to combat them: Suspected infection with "murofetweekly"
Windows 7
17.01.2021, 00:22 | #1 |
Suspected infection with "murofetweekly"

Good evening everyone, like some others, I too received an email from Telekom saying that a device behind our IP is infected with "murofetweekly". According to Telekom, the infection took place on 08.01.2021 at 21:59:12 CET. As already reported elsewhere, Telekom was not able (on the phone) to provide any details about it. There is also very, very little about it on the net. From our Pi-hole I was still able to find 3 interesting DNS queries around that time:

The DNS queries all came from one of our Android tablets. I'm not sure what exactly was being browsed at the time - you can see google.de as well as various "advertisers". Perhaps this is a hacked "ad banner" through which Firefox accessed the above addresses and got caught in the honeypot. A rough review of the DNS queries from the beginning of the year until 13.1. turned up no further URLs built according to this pattern.

I scanned our Windows machines with Malwarebytes and Windows Defender. Our Androids with AVG and Malwarebytes. All scans reported 0 infections. I will now definitely read https://www.trojaner-board.de/96344-anleitung-cleanup-massnahmen-absicherung-rechners.html#post627442 and probably learn and implement quite a bit.

I still have a bit of a stomach ache about our oldest Windows PC (yes, it really is Win10). It is in the same network, it is the one everything runs on, and I would now like to be sure there... That is also where I started right away and tidied up the installed programs a bit (a letter like this from Telekom is for the home computers what an upcoming inspection is for the cleanliness of the place...). Then I ran AdwCleaner and the FRST scans. To be on the safe side, I'd ask you to take a look at them.

The scan results from Malwarebytes... Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 13.01.21
Scan-Zeit: 22:14
Protokolldatei: 545fa840-55e4-11eb-9fb2-f832e4bc5f9c.json

-Softwaredaten-
Version: 4.3.0.98
Komponentenversion: 1.0.1130
Version des Aktualisierungspakets: 1.0.35689
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 18362.1316)
CPU: x64
Dateisystem: NTFS
Benutzer: **Computer**\**AdminUser**

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 519223
Erkannte Bedrohungen: 2
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 27 Min., 56 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0 (keine bösartigen Elemente erkannt)
Modul: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswert: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Daten-Stream: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Datei: 2
PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-2974319683-333524289-2430525430-1001\$RIN0QMP.EXE, Keine Aktion durch Benutzer, 9554, 562568, 1.0.35689, , ame, , 54DEDA959FABD5C0C646C1E5E6375151, 3F6B3FF7AA0912ECB4515179C5BF6DC80FC7DBD2A0C65FEB4572ECCBAD10D660
PUP.Optional.ChipDe, C:\USERS\**NormalUser**\APPDATA\LOCAL\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754}\CHIP INSTALLER.MSI, Keine Aktion durch Benutzer, 9554, 594115, 1.0.35689, , ame, , 09592483D17F4F088723F4084EA94BD0, BC47ABA34B923C9C53F71928F1D57F6211D52EC020FA14DCC145B4919108F781
Physischer Sektor: 0 (keine bösartigen Elemente erkannt)
WMI: 0 (keine bösartigen Elemente erkannt)

(end)

A note on this: judging by the date, the WebUpdater folders were created during installations on 15.1.21 - the folders were empty. I suspect they belong to Garmin (Garmin WebUpdater is also called "WebUpdater", has the same version number and was updated on the same day). Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-16-2021
# Duration: 00:00:44
# OS: Windows 10 Home
# Scanned: 31956
# Detected: 12

***** [ Services ] *****
No malicious services found.

***** [ Folders ] *****
PUP.Optional.Chip C:\Users\**NormalUser**\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754}
PUP.Optional.Legacy C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
Trojan.Agent C:\Users\**NormalUser**\AppData\Local\Temp\WebUpdater

***** [ Files ] *****
No malicious files found.

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious WMI found.

***** [ Shortcuts ] *****
No malicious shortcuts found.

***** [ Tasks ] *****
No malicious tasks found.

***** [ Registry ] *****
No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.

***** [ Chromium URLs ] *****
No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.

***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****
No malicious hosts file entries found.

***** [ Preinstalled Software ] *****
Preinstalled.ASUSAISuite Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2AEAE3EB-AF83-4A1E-A749-2C263F62955B}
Preinstalled.CyberLinkMediaEspresso Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}
Preinstalled.CyberLinkMediaEspresso Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E3739848-5329-48E3-8D28-5BBD6E8BE384}
Preinstalled.CyberLinkService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BDRegion
Preinstalled.CyberLinkService Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|BDRegion
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-16-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
Deleted C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\Users\**NormalUser**\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754}
Deleted C:\Users\**NormalUser**\AppData\Local\Temp\WebUpdater

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2916 octets] - [16/01/2021 12:20:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Thanks a lot in advance! Great that a board like this exists!

Regards, Alex

P.S.: One more little tidbit... The Telekom email referred to an info page (https://www.telekom.de/hilfe/festnetz-internet-tv/sicherheit/missbrauch-von-diensten/informationen-zur-sicherheitswarnung). There, under the question "How can I be sure that the security notice really comes from the Telekom security team?", it says among other things that the subscriber is named in the text and that a personal salutation is used. Well.... in the letter neither of those was the case ...

Part 2/3: FRST.txt ... Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-01-2021 durchgeführt von **AdminUser** (Administrator) auf HAL (16-01-2021 23:31:07) Gestartet von C:\z.Notes Geladene Profile: **NormalUser** & **AdminUser** Platform: Windows 10 Home Version 1909 18363.1316 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Edge Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\FahCore_22.exe () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit-avx-256\a7-0.0.19\Core_a7.fah\FahCore_a7.exe () [Datei ist nicht signiert] D:\Programme\FAHClient\FAHClient.exe () [Datei ist nicht signiert] D:\Programme\FAHClient\FAHCoreWrapper.exe <2> (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (Adobe Inc. -> Adobe Inc.) 
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe (CyberLink Corp. -> cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) D:\Programme\AusweisApp2\AusweisApp2.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. 
KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <13> (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative 
Cloud Experience\libs\node.exe (Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (Notepad++ -> Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe <2> (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) D:\Programme\TortoiseGit\bin\TGitCache.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) C:\Program Files (x86)\QNAP\Qsync\Qsync.exe (QNAP Systems, Inc. 
-> QNAP) C:\Program Files\QNAP\QVR Pro Client\QVRProAgent.exe (Simon Tatham) [Datei ist nicht signiert] C:\Program Files (x86)\PuTTY\pageant.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Tresorit Kft. -> Tresorit) C:\Users\**NormalUser**\AppData\Local\Tresorit\v0.8\Tresorit.exe 0 C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe 0 C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis International GmbH -> Acronis) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. 
-> Adobe Systems, Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8495320 2015-06-23] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [AdobePSE19AutoAnalyzer] => D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe [2653808 2020-08-27] (Adobe Inc. -> Adobe) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (CyberLink Corp. -> cyberlink) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5356288 2015-07-24] (Acronis International GmbH -> Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [693336 2015-07-20] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [612304 2019-11-18] (NIKON CORPORATION -> Nikon Corporation) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [404200 2019-10-01] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) HKLM-x32\...\Run: [Qsync] => C:\Program Files (x86)\QNAP\Qsync\Qsync.exe [76201784 2020-10-26] (QNAP Systems, Inc. -> QNAP Systems, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-12-14] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-12-14] (Adobe Inc. -> ) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. 
-> Oracle Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [Tresorit] => C:\Users\**NormalUser**\AppData\Local\Tresorit\v0.8\Tresorit.exe [32839824 2021-01-15] (Tresorit Kft. -> Tresorit) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [Fences] => c:\program files (x86)\stardock\fences\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [AusweisApp2] => D:\Programme\AusweisApp2\AusweisApp2.exe [2405504 2020-11-30] (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [Steam] => D:\Programme\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [38400 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1007\...\Run: [Fences] => c:\program files (x86)\stardock\fences\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1007\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-2974319683-333524289-2430525430-1007\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) 
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\System32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series XPS: C:\Windows\System32\CNMXLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: C:\Windows\System32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert] HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: C:\Windows\System32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert] HKLM\...\Print\Monitors\IppMon: C:\Windows\System32\IPPMon.dll [251392 2018-04-12] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Print\Monitors\KM Language Monitor: C:\Windows\System32\KMPJL64.DLL [80384 2013-04-08] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Finanzmanager 2020 Zahlungserinnerung.lnk [2020-06-27] ShortcutTarget: Finanzmanager 2020 Zahlungserinnerung.lnk -> C:\Windows\Installer\{5B16F1F5-E232-4189-ABF1-3F7555CAE778}\billmind.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2020-12-06] ShortcutTarget: Folding@home.lnk -> D:\Programme\FAHClient\HideConsole.exe () [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-12-29] ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) 
[Datei ist nicht signiert] Startup: C:\Users\**NormalUser**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2019-02-03] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\**NormalUser**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pageant.lnk [2015-12-30] ShortcutTarget: Pageant.lnk -> (Keine Datei) GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {05346278-5C82-475D-9773-BAE8A9165931} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe [304952 2015-05-12] (ASUSTeK Computer Inc. -> ) Task: {0A04C4C3-ED2E-4E33-BF28-9F6064BB0C02} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0DE025B9-51D6-4C5A-BF59-164D08A75841} - System32\Tasks\Finanzmanager\Umsatzabruf Finanzmanager für Datei 4c6e2c38-0044d3b4-2a34-439a-6f9b-abcd => D:\Programme\Finanzmanager2020\QW.EXE [26283240 2020-04-09] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) -> "D:\Shares\B+A\Programme\LW_FinanzMgr2020\QDATA.QDF" /S /X Task: {0FE28C34-90D4-44EE-BDDA-0373A389084F} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) 
Task: {12F64776-F064-42DB-ACEE-1B2DED1BF87F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-11] (Microsoft Corporation -> Microsoft Corporation) Task: {136EAEC8-241D-4A5E-B25E-F5A785C535D8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {18CC0F66-3D34-4A64-9213-DF3ED8A80ED3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-11] (Microsoft Corporation -> Microsoft Corporation) Task: {1E9F70CC-B510-487F-BB45-57123CDA127A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {2824463D-5024-40F1-B7A2-ACF4EE3262F6} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1459152 2015-09-10] (ASUSTeK Computer Inc. -> ) Task: {284C5087-4CC7-4A07-AF43-F82DD9CA44CE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {2A07D1C0-F4A9-4B8E-AB1B-A30C26C0546C} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4331288 2015-06-04] (ASUSTeK Computer Inc. 
-> TODO: <Company name>) Task: {2DF20549-A11F-4B35-81BC-04BD64FEB16C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {30C7D8C8-BE82-4CA2-B573-5D04DFAB3EB6} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [139932 2020-10-04] (The Git Development Community) [Datei ist nicht signiert] Task: {544431D7-276F-482C-9C54-D9B95FB0A98F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {56B262BE-C7BD-4DC2-B0C7-420FF8105C7E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {5FC874A9-0954-4B1B-8FD0-88072DB2FF60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {60FC2054-E42F-4698-B528-4CB9064BB1FD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-08] (Mozilla Corporation -> Mozilla Foundation) Task: {672E100C-1B3D-4406-8C58-14E81CDB6DE9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-11] (Microsoft Corporation -> Microsoft Corporation) Task: {69493FB9-621A-466F-A50A-C3FAC16728CA} - System32\Tasks\AdobeAAMUpdater-1.0-HAL-**NormalUser** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe 
Systems Incorporated) Task: {6D7C8B84-90E4-4037-BCAE-8333B18CA176} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7290A6B1-F870-49DF-B216-CC21A730A390} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8C0129A7-6B52-4D9D-9422-3071AE12CD3E} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [3646264 2014-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {8EC87098-A10D-4EEB-8A7A-98F184363181} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-19] (Google Inc -> Google Inc.) Task: {A26E7D5A-70B3-46B9-96FA-D372738F5F39} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {BA878AF4-CA9A-4D99-B836-8BF1F38A06E8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C799DA39-1508-465C-B30C-2BEE4CC88D9A} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1871800 2015-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) 
Task: {C856EB2C-BE2D-4B8A-BDD7-B8E2C0D8DBB7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8807819-C01C-48B9-86E9-55BAFAED1561} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-19] (Google Inc -> Google Inc.)
Task: {D528A7E4-0238-4C8E-AD4A-CF8E37CDCF39} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1275672 2015-06-30] (ASUSTeK Computer Inc. -> )
Task: {DC6D2540-17FA-47E6-ABA1-8974BFB97CBE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEA4B3DC-E851-4FF6-BBA2-E72652F79AA9} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {DFBDBE55-3B43-4915-9787-A851924F664D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E17D15C7-BFBD-4C81-BB36-96E4DBFA33A8} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "https://www.roboform.com/uninstall.html?aaa=KICMMMLJOMOMJJLJNJKMCNMJJMJMJMCNLMOMPMIMCNGMOJHMMJCNKJIMJJJJOJNJKJKMLMLMJMLJJNJICMHMCNKMCNMMFMOMOMCNMMLMKMCNOMIMOMMMLMFMPMCNPMCNOMIMOMMMLMCNNMJNPICMOMFMFMNMJMGMPMJNHICMMJBJKJLIMJJNBJCMNLKJHJNIGJBJIJMIJNKJCMJNNICMJNDJCMLJKJJNMJCMPMFMPMFMPMJNFICMNIJJIIGJPIKJAJKILIBNKJHIKJ"
Task: {F40045BA-4AFC-4662-AB57-84DF336C882C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8CF59B1-E464-450E-9525-79ABE2764E40} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-11] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1 drive.tresorit.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.13
Tcpip\..\Interfaces\{9ded46ae-805c-434a-9125-0bcc662dc150}: [DhcpNameServer] 192.168.178.13

Edge:
=======
Edge HomeButtonPage: HKU\S-1-5-21-2974319683-333524289-2430525430-1001 -> hxxps://www.rollende-gemuesekiste.de/
Edge DefaultProfile: Default
Edge Profile: C:\Users\**AdminUser**\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-13]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-12-14] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-12-14] (Adobe Inc. -> Adobe Systems)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264472 2014-08-14] (Acronis International GmbH -> Acronis)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-12-14] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4029432 2015-12-29] (Acronis International GmbH -> Acronis)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe [397592 2015-07-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960904 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink Corp. -> CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66280 2019-10-02] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
S3 MBAMService; D:\Programme\Malwarebytes\MBAMService.exe [7456464 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 QvrProAgent; C:\Program Files\QNAP\QVR Pro Client\QVRProAgent.exe [220472 2019-12-10] (QNAP Systems, Inc. -> QNAP)
S4 SQLAgent$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [6857752 2014-09-13] (Acronis International GmbH -> Acronis)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; D:\Programme\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [43064 2015-06-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R1 cbfs20; C:\WINDOWS\System32\drivers\cbfs20.sys [419872 2020-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2015-12-29] (Disc Soft Ltd -> Disc Soft Ltd)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [296736 2015-12-29] (Acronis International GmbH -> Acronis International GmbH)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] (Giga-Byte Technology -> )
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [1058632 2015-12-29] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [248648 2015-12-29] (Acronis International GmbH -> Acronis International GmbH)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174536 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [829320 2018-12-28] (IDRIX -> IDRIX)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-01-16 12:16 - 2021-01-16 12:29 - 000000000 ____D C:\AdwCleaner
2021-01-16 11:16 - 2021-01-16 11:16 - 000000000 ____D C:\Users\**AdminUser**\AppData\LocalLow\Oracle
2021-01-16 11:14 - 2021-01-16 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-01-16 11:14 - 2021-01-16 11:14 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\Sun
2021-01-16 11:13 - 2021-01-16 11:13 - 000000000 ____D C:\Users\**AdminUser**\AppData\LocalLow\Sun
2021-01-16 11:11 - 2021-01-16 11:11 - 000000840 _____ C:\Users\**AdminUser**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JOSM.lnk
2021-01-16 11:11 - 2021-01-16 11:11 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\JOSM
2021-01-16 11:10 - 2021-01-16 11:14 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-01-16 01:38 - 2021-01-16 01:38 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HeidiSQL
2021-01-16 01:36 - 2021-01-16 01:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic
2021-01-16 01:36 - 2021-01-16 01:36 - 000000000 ____D C:\Program Files\PDFsam Basic
2021-01-16 01:22 - 2021-01-16 01:22 - 000000802 _____ C:\Users\**AdminUser**\Desktop\SumatraPDF.lnk
2021-01-16 01:22 - 2021-01-16 01:22 - 000000802 _____ C:\Users\**AdminUser**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2021-01-16 01:22 - 2021-01-16 01:22 - 000000802 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2021-01-16 01:22 - 2021-01-16 01:22 - 000000000 ____D C:\Users\**NormalUser**\AppData\Local\SumatraPDF
2021-01-16 01:11 - 2021-01-16 01:11 - 000004088 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-16 00:59 - 2021-01-16 01:29 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\Visual Studio Setup
2021-01-16 00:59 - 2021-01-16 00:59 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\vstelemetry
2021-01-16 00:59 - 2021-01-16 00:59 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\Microsoft Visual Studio
2021-01-16 00:59 - 2021-01-16 00:59 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\ServiceHub
2021-01-16 00:56 - 2021-01-16 00:56 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\Microsoft_Corporation
2021-01-16 00:13 - 2021-01-16 00:13 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\SmartControlCenter.B3C165F3B13910B3FE57B6A8F7FCD1A5FFD8D5C2.1
2021-01-16 00:10 - 2021-01-16 00:10 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\Downloaded Installations
2021-01-15 23:41 - 2021-01-15 23:41 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\IrfanView
2021-01-15 23:41 - 2021-01-15 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2021-01-15 23:27 - 2021-01-15 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind
2021-01-15 23:15 - 2021-01-15 23:15 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\EAC
2021-01-15 23:15 - 2021-01-15 23:15 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\AccurateRip
2021-01-15 23:10 - 2021-01-15 23:10 - 000000392 _____ C:\Users\**AdminUser**\Desktop\DiskInternals Research.lnk
2021-01-15 23:10 - 2021-01-15 23:10 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2021-01-15 12:30 - 2021-01-15 12:30 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\KeePass
2021-01-15 12:24 - 2021-01-15 12:24 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\KeePass
2021-01-15 12:12 - 2021-01-15 12:12 - 000000708 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-01-15 12:08 - 2021-01-15 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2021-01-15 12:06 - 2021-01-15 12:06 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\Aiseesoft Studio
2021-01-15 11:57 - 2021-01-15 11:57 - 000000040 ____H C:\CFDBF1C16CA3
2021-01-14 23:56 - 2021-01-15 00:49 - 000341535 _____ C:\Users\**NormalUser**\Desktop\DomainAnalyse_2101xx.xlsm
2021-01-14 23:26 - 2021-01-14 23:26 - 000001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DB Browser (SQLCipher).lnk
2021-01-14 23:26 - 2021-01-14 23:26 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DB Browser (SQLite).lnk
2021-01-13 23:43 - 2021-01-13 23:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-13 23:29 - 2021-01-16 23:31 - 000000000 ____D C:\z.Notes
2021-01-13 22:18 - 2021-01-13 23:03 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\TortoiseGit
2021-01-13 22:17 - 2021-01-13 22:18 - 241147480 _____ (The GIMP Team ) C:\Users\**AdminUser**\Downloads\gimp-2.10.22-setup.exe
2021-01-13 22:16 - 2021-01-13 22:16 - 000000000 ____D C:\Users\**AdminUser**\Documents\temp
2021-01-13 22:14 - 2021-01-13 22:14 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\mbam
2021-01-13 22:10 - 2021-01-16 23:31 - 000000000 ____D C:\FRST
2021-01-13 21:42 - 2021-01-13 21:42 - 000000000 ____D C:\Users\**AdminUser**\AppData\LocalLow\Adobe
2021-01-13 21:38 - 2021-01-13 22:11 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\Notepad++
2021-01-13 21:38 - 2021-01-13 21:38 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\PlaceholderTileLogoFolder
2021-01-13 21:32 - 2021-01-13 21:32 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2974319683-333524289-2430525430-1007
2021-01-13 21:32 - 2021-01-13 21:32 - 000000000 ___RD C:\Users\**AdminUser**\OneDrive
2021-01-13 21:32 - 2021-01-13 21:32 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\Comms
2021-01-13 21:30 - 2021-01-13 21:30 - 000002099 _____ C:\Users\**AdminUser**\Desktop\Anpassen Fences.lnk
2021-01-13 21:30 - 2021-01-13 21:30 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\Stardock
2021-01-13 21:30 - 2021-01-13 21:30 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\Stardock
2021-01-13 21:22 - 2021-01-13 21:22 - 000000782 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-13 21:22 - 2021-01-13 21:22 - 000000000 ____D C:\Users\**NormalUser**\AppData\Local\mbam
2021-01-13 21:21 - 2021-01-13 21:21 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-13 21:21 - 2021-01-13 21:21 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-13 21:21 - 2021-01-13 21:21 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-13 21:21 - 2021-01-13 21:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-13 21:20 - 2021-01-13 21:22 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-13 21:20 - 2020-10-05 14:05 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-13 21:20 - 2020-10-05 14:05 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-13 21:20 - 2020-10-05 14:05 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-13 21:20 - 2020-10-05 14:05 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-13 21:20 - 2020-10-05 14:05 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-13 21:20 - 2020-10-05 14:05 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-13 21:20 - 2020-10-05 14:05 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-13 21:20 - 2020-10-05 14:05 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 001161112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000673520 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000555248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000047424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 006860184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 002098072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445671.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445671.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 000657304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-13 21:18 - 2021-01-15 11:59 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\Adobe
2021-01-13 21:18 - 2021-01-13 21:33 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\D3DSCache
2021-01-13 21:18 - 2021-01-13 21:18 - 000001010 _____ C:\Users\**AdminUser**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elements Creations Notification 2021.lnk
2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**AdminUser**\Documents\Adobe
2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\Lexware
2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\Greenshot
2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\QNAP
2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\Greenshot
2021-01-13 21:17 - 2021-01-13 21:17 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\CEF
2021-01-13 21:16 - 2021-01-16 11:13 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\TSVNCache
2021-01-13 21:16 - 2021-01-16 00:12 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\Adobe
2021-01-13 21:16 - 2021-01-13 22:15 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\NVIDIA
2021-01-13 21:16 - 2021-01-13 21:42 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\Packages
2021-01-13 21:16 - 2021-01-13 21:32 - 000002394 _____ C:\Users\**AdminUser**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-13 21:16 - 2021-01-13 21:32 - 000000000 ____D C:\Users\**AdminUser**
2021-01-13 21:16 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\NVIDIA Corporation
2021-01-13 21:16 - 2021-01-13 21:16 - 000000020 ___SH C:\Users\**AdminUser**\ntuser.ini
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ___RD C:\Users\**AdminUser**\3D Objects
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\TeamViewer
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\Subversion
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\VirtualStore
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\TeamViewer
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\Publishers
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\ConnectedDevicesPlatform
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**AdminUser**\AppData\Local\AO Link
2021-01-13 21:16 - 2018-09-15 13:21 - 000002247 _____ C:\Users\**AdminUser**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive (1).lnk
2021-01-13 21:16 - 2016-09-24 20:14 - 000000000 ____D C:\Users\**AdminUser**\AppData\Roaming\Macromedia
2021-01-13 20:12 - 2021-01-13 20:12 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 20:12 - 2021-01-13 20:12 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 20:12 - 2021-01-13 20:12 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 20:12 - 2021-01-13 20:12 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 20:12 - 2021-01-13 20:12 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 20:12 - 2021-01-13 20:12 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 20:12 - 2021-01-13 20:12 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 20:12 - 2021-01-13 20:12 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 20:12 - 2021-01-13 20:12 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 20:12 - 2021-01-13 20:12 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 20:12 - 2021-01-13 20:12 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 20:12 - 2021-01-13 20:12 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 20:12 - 2021-01-13 20:12 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 20:12 - 2021-01-13 20:12 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 20:12 - 2021-01-13 20:12 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 20:12 - 2021-01-13 20:12 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 20:12 - 2021-01-13 20:12 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-13 20:11 - 2021-01-13 20:11 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 20:11 - 2021-01-13 20:11 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 20:11 - 2021-01-13 20:11 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 20:11 - 2021-01-13 20:11 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 20:11 - 2021-01-13 20:11 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 20:11 - 2021-01-13 20:11 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 20:11 - 2021-01-13 20:11 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 20:11 - 2021-01-13 20:11 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 20:11 - 2021-01-13 20:11 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 20:11 - 2021-01-13 20:11 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 20:11 - 2021-01-13 20:11 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 20:11 - 2021-01-13 20:11 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 20:11 - 2021-01-13 20:11 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 20:11 - 2021-01-13 20:11 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 20:11 - 2021-01-13 20:11 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 20:11 - 2021-01-13 20:11 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 20:10 - 2021-01-13 20:10 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-13 20:10 - 2021-01-13 20:10 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-12 19:05 - 2021-01-12 19:05 - 003453874 _____ C:\Users\**NormalUser**\Downloads\Beispiel-Leserolle.pdf
2021-01-12 19:04 - 2021-01-12 19:04 - 002280455 _____ C:\Users\**NormalUser**\Downloads\Auftragskarten Leserolle.pdf
2021-01-10 09:34 - 2021-01-10 09:34 - 000655499 _____ C:\Users\**NormalUser**\Downloads\Wochenplanarbeit für die Woche vom 11.01. - 15.01.2021.pdf
2021-01-08 08:35 - 2021-01-16 08:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-01-08 08:33 - 2010-12-31 16:00 - 005594977 _____ C:\Users\**NormalUser**\Desktop\210108_Behandlungsvertraege********.pdf
2021-01-07 15:39 - 2021-01-07 15:39 - 000552031 _____ C:\Users\**NormalUser**\Downloads\Weihnachtsgruß.pdf

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-01-16 23:27 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-16 23:04 - 2016-11-26 20:22 - 000000000 ____D C:\Users\**NormalUser**\AppData\LocalLow\Mozilla
2021-01-16 22:48 - 2020-03-12 21:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-16 18:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-16 16:57 - 2015-12-29 23:13 - 000000000 ____D C:\Users\**NormalUser**\AppData\Local\CrashDumps
2021-01-16 13:34 - 2019-11-23 23:45 - 000000000 ____D C:\Users\**NormalUser**\AppData\Local\TortoiseGit
2021-01-16 13:34 - 2019-02-10 10:27 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-16 12:39 - 2017-06-06 22:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-16 12:38 - 2020-03-12 21:27 - 001834628 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-16 12:38 - 2019-03-19 13:16 - 000785736 _____ C:\WINDOWS\system32\perfh007.dat
2021-01-16 12:38 - 2019-03-19 13:16 - 000167752 _____ C:\WINDOWS\system32\perfc007.dat
2021-01-16 12:38 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-16 12:31 - 2020-12-14 06:19 - 000000000 ___RD C:\Users\**NormalUser**\Creative Cloud Files
2021-01-16 12:30 - 2020-03-12 21:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-16 12:30 - 2018-03-01 21:45 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-16 12:30 - 2017-08-21 07:34 - 000147656 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
2021-01-16 12:30 - 2015-12-30 00:23 - 000000000 ____D C:\Users\**NormalUser**\AppData\Local\TSVNCache
2021-01-16 12:29 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-16 12:29 - 2015-12-30 17:39 - 000000000 ____D C:\Users\**NormalUser**\AppData\Local\Downloaded Installations
2021-01-16 12:19 - 2018-07-27 23:16 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\KeePass
2021-01-16 08:18 - 2020-12-15 23:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-01-16 08:18 - 2018-03-26 20:18 - 000000000 ____D C:\Users\**NormalUser**\AppData\Local\Greenshot
2021-01-16 08:18 - 2017-06-06 22:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-16 08:18 - 2015-12-30 00:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-16 01:48 - 2018-07-28 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.2.0f3 (64-bit)
2021-01-16 01:45 - 2017-11-18 00:33 - 000000000 ____D C:\Users\**NormalUser**\AppData\Local\Packages
2021-01-16 01:41 - 2015-12-30 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge
2021-01-16 01:30 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-16 01:29 - 2019-08-08 21:21 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\VidCoder
2021-01-16 01:29 - 2018-07-28 23:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2021-01-16 01:29 - 2016-04-25 21:13 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2021-01-16 01:26 - 2020-03-12 20:59 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-01-16 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-16 01:25 - 2016-01-06 22:24 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-01-16 01:23 - 2015-12-31 00:49 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\TS3Client
2021-01-16 01:20 - 2016-04-25 
21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2021-01-16 01:20 - 2015-12-29 08:57 - 000000000 ____D C:\ProgramData\Package Cache 2021-01-16 01:19 - 2016-08-01 21:49 - 000000000 ____D C:\Program Files\qemu 2021-01-16 01:15 - 2016-01-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2021-01-16 01:15 - 2016-01-06 22:24 - 000000000 ____D C:\WINDOWS\system32\1033 2021-01-16 01:11 - 2020-03-12 21:25 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000004000 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000003866 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2017-06-06 22:38 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-01-16 01:11 - 2017-06-06 22:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-01-16 01:09 - 2016-01-24 22:18 - 000000000 ____D C:\Program Files (x86)\MySQL 2021-01-16 01:08 - 2016-01-24 22:14 - 000000000 ____D C:\ProgramData\MySQL 2021-01-16 01:03 - 2015-12-30 23:46 - 000000000 ____D C:\ProgramData\tmp 2021-01-16 01:03 - 2015-12-30 23:44 - 000000000 ____D C:\Program Files\dm 2021-01-16 00:49 - 2015-12-30 00:11 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-01-16 00:46 - 2017-05-25 09:35 - 000000000 ____D 
C:\Users\**NormalUser**\AppData\Roaming\Audacity 2021-01-15 23:48 - 2015-12-30 00:09 - 000000000 ____D C:\ProgramData\Oracle 2021-01-15 23:44 - 2017-06-03 23:58 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\vlc 2021-01-15 23:35 - 2016-04-25 21:21 - 000000000 ____D C:\Program Files (x86)\IIS Express 2021-01-15 23:30 - 2019-09-14 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2021-01-15 23:30 - 2019-09-14 18:36 - 000000000 ____D C:\Program Files (x86)\Garmin 2021-01-15 23:28 - 2019-09-14 18:37 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\Garmin 2021-01-15 23:27 - 2018-04-03 21:25 - 000000000 ____D C:\Users\**NormalUser**\.freemind 2021-01-15 23:17 - 2016-01-05 00:11 - 000000000 ____D C:\Program Files (x86)\EXIF Date Changer 2021-01-15 23:10 - 2018-09-28 21:45 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals 2021-01-15 22:56 - 2016-01-02 00:12 - 000000000 ___HD C:\ProgramData\CanonIJScan 2021-01-15 22:56 - 2016-01-02 00:12 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\Canon 2021-01-15 22:56 - 2016-01-01 22:46 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information 2021-01-15 22:56 - 2016-01-01 22:46 - 000000000 ___HD C:\Program Files\CanonBJ 2021-01-15 22:53 - 2020-03-27 23:15 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\balena-etcher 2021-01-15 22:52 - 2015-12-30 00:14 - 000000000 ____D C:\Program Files (x86)\Areca 2021-01-15 17:06 - 2018-07-09 20:19 - 000000000 ____D C:\Users\**NormalUser**\AppData\Local\D3DSCache 2021-01-15 12:42 - 2020-04-27 19:55 - 000000826 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk 2021-01-15 12:38 - 2016-04-18 22:19 - 000000000 ____D C:\Users\**NormalUser**\.android 2021-01-15 12:36 - 2016-04-18 22:17 - 000000000 ____D C:\Program Files\Android 2021-01-15 12:24 - 2018-07-27 23:11 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\KeePass 2.lnk 2021-01-15 12:24 - 2018-07-27 23:11 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2021-01-15 12:07 - 2020-01-18 13:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft 2021-01-15 12:01 - 2015-12-30 17:45 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-01-15 11:58 - 2015-12-30 23:57 - 000000000 ____D C:\Program Files\Adobe 2021-01-15 11:57 - 2015-12-30 23:58 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2021-01-15 11:57 - 2015-12-30 23:57 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-01-13 23:29 - 2015-12-29 00:05 - 000000000 ____D C:\Temp 2021-01-13 22:11 - 2018-07-10 18:52 - 000000716 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2021-01-13 21:21 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-01-13 21:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-01-13 21:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help 2021-01-13 21:16 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-01-13 21:16 - 2015-12-29 08:46 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-01-13 21:15 - 2020-03-12 21:17 - 000533960 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-01-13 21:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2021-01-13 21:15 - 2017-11-18 09:59 - 000000000 ___RD C:\Users\**NormalUser**\3D Objects 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-01-13 21:14 - 2019-03-19 
05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-01-13 21:13 - 2020-12-03 21:35 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\Evernote 2021-01-13 21:13 - 2019-03-19 13:18 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-13 21:13 - 2019-03-19 13:18 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows 
Defender 2021-01-13 20:22 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-01-13 20:20 - 2015-12-29 22:17 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-01-13 20:15 - 2015-12-29 22:17 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-01-13 20:10 - 2020-03-12 21:17 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-01-12 08:31 - 2020-06-14 12:37 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-01-12 08:31 - 2020-06-14 12:37 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-01-11 21:19 - 2020-07-09 06:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-01-11 21:19 - 2018-04-25 20:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-01-11 20:24 - 2015-12-31 00:22 - 000000600 _____ C:\Users\**NormalUser**\AppData\Local\PUTTY.RND 2021-01-11 20:02 - 2015-12-30 17:44 - 000000128 _____ C:\Users\**NormalUser**\AppData\Roaming\winscp.rnd 2021-01-11 07:17 - 2019-10-03 19:43 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-01-11 07:17 - 2019-10-03 19:43 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData 2021-01-09 20:46 - 2020-06-14 12:37 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-01-09 01:39 - 2017-11-20 20:53 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\Code 2021-01-05 21:44 - 2015-12-30 17:21 - 000000000 ____D C:\ProgramData\Lexware 2021-01-04 20:00 - 2015-12-31 00:03 - 000450334 _____ C:\ProgramData\StreamingMediaTechnologyLog.txt 2020-12-22 11:02 - 2020-04-13 21:08 - 000000000 ____D C:\Users\**NormalUser**\AppData\Roaming\Kodi 2020-12-22 00:19 - 2017-11-20 20:52 - 000000000 ____D C:\Program Files\Microsoft VS Code 2020-12-21 23:41 - 2017-11-20 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2020-12-21 17:01 - 2018-02-26 21:54 - 000000000 ____D 
C:\Users\**NormalUser**\AppData\Roaming\MusicBrainz
2020-12-18 23:53 - 2020-12-03 21:35 - 000000000 ____D C:\Users\**NormalUser**\AppData\Local\evernote-client-updater

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-01-18 16:53 - 2020-04-27 22:10 - 000000004 _____ () C:\ProgramData\hscanpdfdata.dat

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
17.01.2021, 00:23 | #2 |
| Suspected infection with "murofetweekly" ... Part 3/3: Additions.txt
Looking at it, I notice that I really should remove the firewall rules of programs that are no longer installed... Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-01-2021
durchgeführt von **AdminUser** (16-01-2021 23:34:19)
Gestartet von C:\z.Notes
Windows 10 Home Version 1909 18363.1316 (X64) (2020-03-12 20:26:01)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2974319683-333524289-2430525430-500 - Administrator - Disabled)
**NormalUser** (S-1-5-21-2974319683-333524289-2430525430-1001 - Limited - Enabled) => C:\Users\**NormalUser**
DefaultAccount (S-1-5-21-2974319683-333524289-2430525430-503 - Limited - Disabled)
**AdminUser** (S-1-5-21-2974319683-333524289-2430525430-1007 - Administrator - Enabled) => C:\Users\**AdminUser**
Gast (S-1-5-21-2974319683-333524289-2430525430-501 - Limited - Disabled)
**OtherUser*** (S-1-5-21-2974319683-333524289-2430525430-1006 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2974319683-333524289-2430525430-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Acronis True Image 2015 (HKLM-x32\...\{12889D0E-B7E0-4504-9F6C-7B4F1FC03CE5}) (Version: 18.0.4061 - Acronis) Active Directory Authentication Library for SQL Server (HKLM\...\{E646D196-A17B-4F14-BE7B-F774527FE5E0}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{44DC843A-C591-4064-BE1F-2BDC177AF50C}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.) Adobe Photoshop Elements 2021 (HKLM-x32\...\PSE_19_0) (Version: 19.0 - Adobe Inc.) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.26 - ASUSTeK Computer Inc.) Aiseesoft Blu-ray Player 6.7.6 (HKLM-x32\...\{3E1A13C3-E458-4995-BEA6-4B9BE279D502}_is1) (Version: 6.7.6 - Aiseesoft Studio) Amazon Kindle (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon) Android Studio (HKLM\...\Android Studio) (Version: 4.1 - Google LLC) Apple Application Support (32-Bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) Asus Sonic Suite Plugins (HKLM-x32\...\{3843fc8e-e352-4238-be32-74ca38dd57a0}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) AusweisApp2 (HKLM-x32\...\{F3E22721-7F7E-472F-BBBA-6B5572E15A58}) (Version: 1.22.0 - Governikus GmbH & Co. KG) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 
2.0) (Version: - AVM Berlin) balenaEtcher 1.5.101 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.101 - Balena Inc.) balenaEtcher 1.5.80 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\{d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b}) (Version: 1.5.80 - Balena Inc.) Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{B2429EA1-767E-4947-A458-F2204A2AA1BB}) (Version: 12.0.51210.80 - Microsoft Corporation) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) calibre (HKLM-x32\...\{7DF6313D-1090-4964-8EB4-632DFA704CF8}) (Version: 5.6.0 - Kovid Goyal) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - ) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) CEWE Fotowelt (HKLM-x32\...\CEWE Fotowelt) (Version: 7.1.1 - CEWE Stiftung u Co. KGaA) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) 
DB Browser for SQLite (HKLM\...\{EBC2E51F-67BE-4839-8215-2D3C1AD19D1A}) (Version: 3.12.0 - DB Browser for SQLite Team) DDBAC (HKLM-x32\...\{686F2AC2-CC20-48E6-8CBC-7CE405F4E688}) (Version: 5.6.17.0 - B+S Banksysteme Aktiengesellschaft) DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 4.7 - DiskInternals Research) easyHDR 2 (HKLM-x32\...\easyHDR_2) (Version: 2.30.6 - BRTKSOFT Bartlomiej Okonek) Evernote 10.5.7 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.5.7 - Evernote Corporation) Exact Audio Copy 1.6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.6 - Andre Wiethoff) ffdshow v1.3.4531 [2014-06-28] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4531.0 - ) FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) Folding@home (HKLM-x32\...\FAHClient) (Version: 7.6.21 - Folding@home.org) FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - ) Garmin BaseCamp (HKLM-x32\...\{9b6e1420-2b69-4974-a25f-ba67399695fd}) (Version: 4.7.3.0 - Garmin Ltd or its subsidiaries) Garmin BaseCamp (HKLM-x32\...\{F71A87C2-FEF5-450A-A601-DCC1A9E23DAF}) (Version: 4.7.3.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{4e365b8d-ed6f-4316-a1b8-f8762eaed5a0}) (Version: 2.5.8 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{9644C9A2-DB70-40B2-9CD3-E025F9CD867D}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Hidden GDR 4042 für SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation) GeoSetter 3.5.3 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt) GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.) 
Hidden GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.) Git version 2.28.0 (HKLM\...\Git_is1) (Version: 2.28.0 - The Git Development Community) GitHub Desktop (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\GitHubDesktop) (Version: 2.5.0 - GitHub, Inc.) GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.23 - The GnuPG Project) Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden GoToMeeting 10.15.0.19228 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\GoToMeeting) (Version: 10.15.0.19228 - LogMeIn, Inc.) Gpg4win (3.1.13) (HKLM-x32\...\Gpg4win) (Version: 3.1.13 - The Gpg4win Project) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HashCheck Shell Extension (HKLM\...\HashCheck Shell Extension) (Version: 2.4.0.55 - ) HashTab 6.0.0.34 (HKLM\...\HashTab) (Version: 6.0.0.34 - Implbits Software) HeidiSQL 11.1.0.6116 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\HeidiSQL_is1) (Version: 11.1 - Ansgar Becker) Horland's Scan2Pdf (HKLM-x32\...\Horlands Scan2Pdf 6_is1) (Version: 6.7.0.1 - Horland Software) Hugin 2016.0.0 (HKLM-x32\...\Hugin) (Version: 2016.0.0 hg_3b4e2790cb90 - The Hugin Development Team) iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel® Hardware Accelerated Execution Manager (HKLM\...\{6230EE50-BD4E-4B39-904D-3E7600053E08}) (Version: 6.2.1 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan) Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation) JOSM 17428 (HKLM-x32\...\JOSM) (Version: 17428 - OpenStreetMap JOSM team) KeePass Password Safe 2.47 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.47 - Dominik Reichl) KNX eteC Falcon Runtime v2.1 (HKLM-x32\...\{9543BDC2-B910-4ED8-AD92-B8B92040245D}) (Version: 2.1.5431.49892 - KNX Association cvba) Hidden KNX ETS4 (HKLM-x32\...\{A9F2E6BA-6756-4D8D-808E-671F4862EF2B}) (Version: 4.2.3884.50021 - KNX Association cvba) Hidden KNX ETS4 (HKLM-x32\...\KNX ETS4) (Version: 4.2.3884.50021 - KNX Association cvba) KNX ETS4 Additional Runtime (HKLM-x32\...\{B9681EB8-76E5-4022-AE84-F6B7CE464554}) (Version: 4.0.0.0 - KNX Association cvba) Hidden Kodi (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Kodi) (Version: - XBMC Foundation) Leawo Blu-ray Player Version 2.0.2.0 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 2.0.2.0 - Leawo Software) Lexware buchhalter 2020 (HKLM-x32\...\{C82189A3-82A2-4C14-A477-A8E9CA16CACE}) (Version: 25.05.00.0382 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware EasyArchive 2020 (HKLM-x32\...\{6214A8D2-D034-4C64-891B-8B252DAE7EAF}) (Version: 4.00.00.0205 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Einnahmen-Überschuss-Rechner 2020 
(HKLM-x32\...\{d74e6c1c-243b-43d6-ae85-a4092670274a}) (Version: 25.5.0.287 - Haufe-Lexware GmbH & Co. KG) Lexware Elster 2020 (HKLM-x32\...\{03DE7F6B-41FF-43D2-91BB-2A1895388866}) (Version: 20.04.00.0376 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster 2020 (HKLM-x32\...\{9502e0b1-83d1-4d72-8a61-3f50175bce11}) (Version: 20.4.0.275 - Haufe-Lexware GmbH & Co. KG) Lexware Finanzmanager 2020 (HKLM-x32\...\{4f7a16a4-aaad-448e-8bda-b3509a128728}) (Version: 27.39.0.181 - Haufe-Lexware GmbH & Co.KG) Lexware finanzmanager 2020 (HKLM-x32\...\{5B16F1F5-E232-4189-ABF1-3F7555CAE778}) (Version: 27.39.00.0267 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Finanzmanager Import Export Server 2020 (HKLM-x32\...\{B434B636-B83B-4A90-8DF8-6A25456A0D21}) (Version: 27.05.00.0190 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware FolderPermission 2019 (HKLM-x32\...\{1E662826-FBAB-43A8-A43F-09F0DD5FFF26}) (Version: 2.00.00.0131 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Info Service 2020 (HKLM-x32\...\{CB8E2157-1AD1-45DF-9B8E-3B215EF0F9AE}) (Version: 20.00.00.0121 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Installations Dienst 2020 (HKLM-x32\...\{5D1CF90A-BC7A-40B3-8A15-4802F1BF5B73}) (Version: 9.00.00.0111 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware online banking 2020 (HKLM-x32\...\{C7AD95C7-7974-4674-81F4-B89E62FB97D1}) (Version: 27.00.00.0166 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware PDF-Export 5.5 (HKLM-x32\...\{851F57CD-8A05-4995-9BC7-3DF1BDABB38C}) (Version: 5.52.00.0226 - Haufe-Lexware GmbH & Co.KG) Hidden Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Media Streamer (HKLM-x32\...\{B457E718-00CA-45C8-9F75-45D66F8DAFF6}) (Version: 3.00.13 - ASUSTeK Computer Inc.) 
Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM-x32\...\{06b884b0-4947-4439-859f-098e431012d6}) (Version: 2.1.202 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - 
Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.65 - ) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.13530.20316 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.13530.20316 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13530.20316 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.13530.20316 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2974319683-333524289-2430525430-1007\...\OneDriveSetup.exe) (Version: 19.002.0107.0005 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) 
(HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) 
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 
11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 
(HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ Compiler Package for Python 2.7 (HKLM-x32\...\{692514A8-5484-45FC-B0AE-BE2DF7A75891}) (Version: 9.0.1.30729 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.52.1 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Mozilla Firefox 84.0.2 (x64 de) (HKLM\...\Mozilla Firefox 84.0.2 (x64 de)) (Version: 84.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla) Mozilla Thunderbird 78.6.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.6.1 (x86 de)) (Version: 78.6.1 - Mozilla) Müller Foto (HKLM-x32\...\Müller Foto) (Version: 6.2.1 - CEWE Stiftung u Co. 
KGaA) MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 2.5.1 - MusicBrainz) NahimicSettingsConfigurator (HKLM\...\{81B881EA-2E90-4E70-8022-BA48D358586A}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.4.1 - Nikon Corporation) Nikon Transfer 2 (HKLM-x32\...\{757DBE04-3DC8-4741-B10B-4628745E96FE}) (Version: 2.13.5 - Nikon Corporation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation) NVIDIA Grafiktreiber 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 
16.0.13530.20218 - Microsoft Corporation) Hidden Oracle VM VirtualBox 6.1.16 (HKLM\...\{6BC7BBCE-9202-4698-B866-F02AACB838C7}) (Version: 6.1.16 - Oracle Corporation) OSM generic routable (new style) (HKLM-x32\...\OSM generic routable (new style)) (Version: - ) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PDFsam Basic (HKLM\...\{5F69C3E1-65F3-4B53-99A1-AABF8E9FFBA6}) (Version: 4.2.1.0 - Sober Lemur S.a.s. di Vacondio Andrea) Picture Control Utility 2 (HKLM\...\{C03DA72C-DE1F-4628-9CA0-53AFAE96C05F}) (Version: 2.4.5 - Nikon Corporation) Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation) Prerequisites for SSDT RC0 (HKLM-x32\...\{AB72EB1C-9CF4-4274-984D-5EDA8BF37A08}) (Version: 13.0.1100.286 - Microsoft Corporation) PuTTY release 0.66 (HKLM-x32\...\PuTTY_is1) (Version: 0.66 - Simon Tatham) Python 2.7.15 (HKLM-x32\...\{16CD92A4-0152-4CB7-8FD6-9788D3363616}) (Version: 2.7.15150 - Python Software Foundation) QNAP Qsync Client (HKLM-x32\...\Qsync) (Version: 4.5.1.1026 - QNAP Systems, Inc.) QNAP QVR Pro Client (HKLM-x32\...\QNAPQVR Pro ClientX64) (Version: 1.3.0.19345 - QNAP Systems, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.) 
Roslyn Language Services - x86 (HKLM-x32\...\{263EF873-F5D0-3134-A962-356C21A3510F}) (Version: 14.0.25126 - Microsoft Corporation) Hidden Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation) Sonic Studio Plugin (HKLM\...\{F55B1B94-3BFA-49D4-AE45-2ECE776BA815}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden SourceTree (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\SourceTree) (Version: 3.3.8 - Atlassian) Spotify (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Spotify) (Version: 1.1.44.538.g8057de92 - Spotify AB) SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Stardock Fences 3 (HKLM-x32\...\Stardock Fences 3) (Version: 3.09 - Stardock Software, Inc.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk) TAXMAN 2020 (HKLM-x32\...\{1342F8EA-0E9F-4CCB-81E8-74638BC0C757}) (Version: 25.38.89 - Haufe-Lexware GmbH & Co.KG) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer) tiptoi® Manager 4.2 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.2 - Ravensburger AG) TortoiseGit 2.11.0.0 (64 bit) (HKLM\...\{BC4EEE50-1DEA-4CED-A29E-078B39247EFA}) (Version: 2.11.0.0 - TortoiseGit) TortoiseSVN 1.13.1.28686 (64 bit) (HKLM\...\{F7080EF1-BD21-483B-ACAE-E19FAA2DF458}) (Version: 1.13.28686 - TortoiseSVN) Tresorit (HKLM-x32\...\{F91B7DAB-1466-4473-AADC-B95F6197E5F9}) (Version: 3.5.2528.1420 - Tresorit) TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{DD51688B-194A-4A10-83D8-40AD1D9954A1}) (Version: 1.8.30.0 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.23-Hotfix-2 - IDRIX) ViewNX-i (HKLM\...\{C02E1F40-7EB2-4084-991B-EBFC7F586E26}) (Version: 1.4.2 - Nikon Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) WakeOnLAN Version 2.12.2.0 (HKLM\...\{05DF342B-3E1A-4862-9E67-8E7E9839D3EC}_is1) (Version: 2.12.2.0 - Aquila Technology) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation) Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation) WinMerge 2.14.0 
(HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinMerge 2.16.8.0 x64 (HKLM\...\WinMerge_is1) (Version: 2.16.8.0 - Thingamahoochie Software)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinSCP 5.17.6 (HKLM-x32\...\winscp3_is1) (Version: 5.17.6 - Martin Prikryl)
Zoom (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-13] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> "C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe" -toastactivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc.
-> Adobe) CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E0F5B1336BD1} -> [Creative Cloud Files] => C:\Users\**NormalUser**\Creative Cloud Files [2020-12-14 06:19] CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{1B8DEAA1-E192-429B-89A7-89BD19183A67} -> [Tresorit Drive] => W:\0 CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{57D0E8CF-2552-4B76-A5C4-B1E9D413FD14} -> [Qsync] => C:\Users\**NormalUser**\AppData\Local\QNAP\Qsync\Quick Access [2017-11-15 22:41] CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\**NormalUser**\AppData\Local\GoToMeeting\12023\G2MOutlookAddin64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{D6EB3938-8CBE-4CC5-8CFA-C89750619193} -> [Synchronisierte Tresore] => %USERPROFILE%\.tresorit\Tresors0 CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1007_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. 
-> Adobe) CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1007_Classes\CLSID\{55808EA8-81FE-43c6-AAE8-1D8149F941D3}\InprocServer32 -> D:\Programme\SumatraPDF\PdfFilter.dll () [Datei ist nicht signiert] CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1007_Classes\CLSID\{57D0E8CF-2552-4B76-A5C4-B1E9D413FD14} -> [Qsync] => C:\Users\**AdminUser**\AppData\Local\QNAP\Qsync\Quick Access [2021-01-13 21:18] SSODL: CallbackTechMountNotificator-cbfs20 - {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} - C:\WINDOWS\system32\cbfsShellHelper20.dll (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com) SSODL-x32: CallbackTechMountNotificator-cbfs20 - {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} - C:\WINDOWS\SysWOW64\cbfsShellHelper20.dll (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com) ShellServiceObjects: Virtual Storage Mount Notification -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} => C:\WINDOWS\system32\cbfsShellHelper20.dll [2020-09-08] (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com) ShellServiceObjects-x32: Virtual Storage Mount Notification -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} => C:\WINDOWS\SysWOW64\cbfsShellHelper20.dll [2020-09-08] (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com) ShellIconOverlayIdentifiers: [ QsyncEx_Icon1] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> ) ShellIconOverlayIdentifiers: [ QsyncEx_Icon2] -> {E3FEB4FC-4836-4DC7-B6E6-200229DE3748} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> ) ShellIconOverlayIdentifiers: [ QsyncEx_Icon3] -> {5931A2EF-1745-4325-9AC8-2E569E0C7CF0} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. 
-> ) ShellIconOverlayIdentifiers: [ QsyncEx_Icon4] -> {9968E808-7FD7-43D3-9D03-724F975A6173} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ 
Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis) ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan 
KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. 
-> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Programme\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> ) ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers1-x32: [GeoSetterShellExt] -> {7506374C-A693-427B-8DDD-99DAFB79433D} => D:\Programme\GeoSetter\GeoSetterShellExt.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert] ContextMenuHandlers1: [GeoSetterShellExt64] -> {A50BD5C6-4B18-44F3-8D6D-62DE89A969E9} => D:\Programme\GeoSetter\GeoSetterShellExt64.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert] ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => D:\Programme\Gpg4win\bin_64\gpgex.dll [2020-09-04] (g10 Code GmbH) [Datei ist nicht signiert] ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.) ContextMenuHandlers1: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. 
-> ) ContextMenuHandlers1: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2014-09-09] (Acronis International GmbH -> Acronis) ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programme\Malwarebytes\mbshlext.dll [2021-01-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [FencesShellExt] -> 
{1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => D:\Programme\Gpg4win\bin_64\gpgex.dll [2020-09-04] (g10 Code GmbH) [Datei ist nicht signiert] ContextMenuHandlers4: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> ) ContextMenuHandlers4: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. 
-> ) ContextMenuHandlers5: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programme\7-Zip\7-zip32.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> ) ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers6-x32: [GeoSetterShellExt] -> {7506374C-A693-427B-8DDD-99DAFB79433D} => D:\Programme\GeoSetter\GeoSetterShellExt.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert] ContextMenuHandlers6: [GeoSetterShellExt64] -> {A50BD5C6-4B18-44F3-8D6D-62DE89A969E9} => D:\Programme\GeoSetter\GeoSetterShellExt64.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programme\Malwarebytes\mbshlext.dll [2021-01-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. 
-> )
ContextMenuHandlers6: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/)
ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-06-28] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2015-12-29 08:57 - 2014-07-23 02:59 - 000104448 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2020-07-22 10:14 - 2020-07-22 10:14 - 000272384 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\IOTCAPIs.dll
2020-07-22 10:14 - 2020-07-22 10:14 - 000105984 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\P2PTunnelAPIs.dll
2020-06-01 09:18 - 2020-06-01 09:18 - 000166400 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\RdiffDll.dll
2020-07-22 10:14 - 2020-07-22 10:14 - 000103936 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\RDTAPIs.dll
2019-10-19 00:02 - 2019-10-19 00:02 - 000056320 _____ () [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\QtSolutions_Service-head.dll
2016-01-02 00:50 - 2006-02-23 11:35 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzColorPort64.dll
2016-01-02 00:50 - 2006-02-22 10:39 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzPort64.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 003213312 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\nvrtc-builtins64_92.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 003277824 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMM.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 000804864 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMCPU.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 002045440 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMCUDA.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 000281600 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMCudaCompiler.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 002169344 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMOpenCL.dll
2020-12-06 21:12 - 2020-12-06 21:12 - 002772692 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit-avx-256\a7-0.0.19\Core_a7.fah\libfftw3f-3.dll
2015-12-29 09:24 - 2015-05-08 07:26 - 000108544 ____R (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2015-12-29 09:25 - 2014-09-08 07:26 - 000108544 ____R (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsAcpi.dll
2015-12-29 08:57 - 2021-01-16 12:30 - 000037160 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-12-29 09:25 - 2014-09-08 07:26 - 000676864 ____R (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\asacpiEx.dll
2020-11-03 11:58 - 2019-10-29 22:47 - 000750900 _____ (Friedemann Schmidt) [Datei ist nicht signiert] D:\Programme\GeoSetter\GeoSetterShellExt64.dll
2020-09-04 14:53 - 2020-09-04 14:53 - 000449024 _____ (g10 Code GmbH) [Datei ist nicht signiert] D:\Programme\Gpg4win\bin_64\gpgex.dll
2021-01-14 07:05 - 2021-01-14 07:05 - 001936896 _____ (Greenshot) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\GreenshotPlugin\95aa56d453495d0bfdb383792c19768d\GreenshotPlugin.ni.dll
2021-01-16 01:41 - 2020-07-20 19:01 - 000203264 _____ (hxxp://winmerge.org) [Datei ist nicht signiert] D:\Programme\WinMerge\ShellExtensionX64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000251392 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\IPPMon.dll
2020-03-12 21:19 - 2020-03-12 21:19 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2020-03-12 21:19 - 2020-03-12 21:19 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80DEU.DLL
2020-04-19 21:08 - 2020-04-19 21:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-19 21:08 - 2020-04-19 21:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 087017472 _____ (NVIDIA Corporation) [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\cufft64_92.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 015544832 _____ (NVIDIA Corporation) [Datei ist nicht signiert]
D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\nvrtc64_92.dll 2020-10-23 03:42 - 2020-10-23 03:42 - 066421248 _____ (QNAP Systems, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\Lang\QsyncDEU.dll 2021-01-14 07:05 - 2021-01-14 07:05 - 000740352 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\log4net\23757deccb0632eb09e5c935a21a9ea3\log4net.ni.dll 2020-06-01 09:18 - 2020-06-01 09:18 - 002115584 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\libcrypto-1_1.dll 2020-06-01 09:18 - 2020-06-01 09:18 - 000371200 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\libssl-1_1.dll 2019-10-19 00:02 - 2019-10-19 00:02 - 001652224 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\LIBEAY32.dll 2019-10-19 00:03 - 2019-10-19 00:03 - 000345600 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\SSLEAY32.dll 2019-12-10 22:09 - 2019-12-10 22:09 - 006105088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\Qt5Core.dll 2019-04-09 09:22 - 2019-04-09 09:22 - 001301504 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\Qt5Network.dll 2019-04-10 17:56 - 2019-04-10 17:56 - 000141312 _____ (The Qt Company Ltd.) 
[Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\Qt5WebSockets.dll
2016-01-02 00:50 - 2006-02-23 12:16 - 000047616 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmColorFax.dll
2016-01-02 00:50 - 2006-02-22 10:53 - 000043520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmFax.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kein Name -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99}' -> Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Kein Name -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99}' -> Keine Datei
Toolbar: HKU\S-1-5-21-2974319683-333524289-2430525430-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 08:24 - 2020-11-22 20:19 - 000000854 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 drive.tresorit.com

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Python27\;C:\Python27\Scripts;C:\Perl64\site\bin;C:\Perl64\bin;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\System32;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files\doxygen\bin;C:\Users\**NormalUser**\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\System32;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\TortoiseSVN\bin;D:\Programme\Gpg4win\..\GnuPG\bin;C:\Program Files\Git\cmd;D:\Programme\TortoiseGit\bin;D:\Programme\Calibre2\;D:\Programme\FAHClient
HKU\S-1-5-21-2974319683-333524289-2430525430-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2974319683-333524289-2430525430-1007\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) ist aktiviert.

Network Binding:
=============
VirtualBox Host-Only Network #3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network #2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "Finanzmanager 2017 Zahlungserinnerung.lnk"
HKLM\...\StartupApproved\StartupFolder: => "GIGABYTE OC_GURU.lnk"
HKLM\...\StartupApproved\Run: => "Fences"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobePSE17AutoAnalyzer"
HKLM\...\StartupApproved\Run32: => "ASUS AiChargerPlus Execute"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer DMS"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer WSAgent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer ShareEdit"
HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\StartupApproved\Run: => "KeePass Password Safe 2"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{FFD85465-977C-4520-9B73-0CE33FDBB99E}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe => Keine Datei FirewallRules: [TCP Query User{8FDC8FF6-B726-4023-B064-AF0D57E36B20}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe => Keine Datei FirewallRules: [{F5206E27-BA97-48F4-BCB0-D07B397056FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{17572C71-10E4-4E11-B0F1-1ABD8E9ECEF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{150740DE-9B06-4242-AA93-65C90E8E57A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B5C7CF9E-5D82-4ED7-BF81-BE624DA7636F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{400804DD-6A28-4742-9C9E-092A7CB5D081}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{52455608-870B-4DF4-AD26-3E30A4825514}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{22D961F1-FB58-492E-992B-86DD59572D86}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{42AD79A9-D6C1-4043-AEE8-914756F6C4DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query 
User{1DE0F898-186A-433C-92A0-A742811FA57C}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [TCP Query User{CFCA897C-657A-49ED-96FA-60C0951FCBF7}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [UDP Query User{B68597A7-0609-4F25-8097-C7046FD042D0}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe => Keine Datei FirewallRules: [TCP Query User{ADAB3000-A29D-4F20-B4C6-037102D42D4B}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe => Keine Datei FirewallRules: [UDP Query User{F8A303EA-99C3-4F2C-B610-7BA96F894CE3}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe => Keine Datei FirewallRules: [TCP Query User{E25111C1-7711-494F-B618-523AD7D9ADC9}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe => Keine Datei FirewallRules: [UDP Query User{D25EA8A5-52F3-4712-841D-853D44C542BC}C:\users\**NormalUser**\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\**NormalUser**\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{91158797-E548-4C90-AB76-3DC16877908C}C:\users\**NormalUser**\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\**NormalUser**\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{2C71C24D-DA63-49FE-83B7-5F75CBF8AC79}C:\program 
files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => Keine Datei FirewallRules: [TCP Query User{45B40E81-D673-4217-9483-A24314C01B9C}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => Keine Datei FirewallRules: [UDP Query User{8193C757-1E42-4D6B-8753-5EA9C62111BB}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [TCP Query User{733E7B53-0882-44BA-A112-C9EC67A6414F}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [{CF9DE28F-E34F-46AE-9C91-93BB85D156F5}] => (Block) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) FirewallRules: [{7AD17824-30E0-445B-B423-F2DBA8A7BA5D}] => (Block) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) FirewallRules: [UDP Query User{5608F1D4-10E5-4576-A918-B90D1E5E7DF8}C:\program files (x86)\qnap\qsync\qsync.exe] => (Allow) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) FirewallRules: [TCP Query User{CDA62F1D-1081-484B-9417-BCC2E95F0616}C:\program files (x86)\qnap\qsync\qsync.exe] => (Allow) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) 
FirewallRules: [UDP Query User{10AACF7E-2248-437E-83E3-E110DE5F395F}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei FirewallRules: [TCP Query User{210E53B7-D273-4A1A-9663-82D832177391}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei FirewallRules: [UDP Query User{A520744B-3141-4773-A8EB-5DC3973FCE7D}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [TCP Query User{09137EA0-772B-48E1-A085-34F9BF1E7F99}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [{F2017C1F-EE21-4999-BA99-80F4CA521711}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{6B261B47-BBB3-4D07-A667-5454244CE091}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) FirewallRules: [{9AC230B9-993D-43F1-8C62-85BC2750CDD9}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) FirewallRules: [{A14FD695-5904-4F6C-B0F6-0D787C0FF388}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{76582FC6-945D-4F4C-99AE-90D7AED2CFDE}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{544C5DAF-F49E-443A-A767-294EBCD2C0EA}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe (ASUSTeK Computer Inc. 
-> ) FirewallRules: [{6211DBE4-35A4-4800-8B32-0C25CA8FDB5A}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{71F7A69A-2CF5-4B00-B03E-D23642DB5EE7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{00192F63-78F0-4CAA-B5F9-3847D47B70D7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{FE1B676F-6271-4B64-B70D-B25F4908C494}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe () [Datei ist nicht signiert] FirewallRules: [{1ED8560A-D924-40F7-A3A0-2BA68E512CD2}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe () [Datei ist nicht signiert] FirewallRules: [{293C3A3F-CC31-44F8-89E3-09726E7019D7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{8ED666DA-874C-4BCA-B9E8-422E04278655}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{FDE02139-845A-48F8-8C5A-53B1934567C6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.) 
FirewallRules: [{A5D049BA-BBA3-4383-811A-1EA82079C9D9}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{35D12C64-B698-40AF-AFB1-8A4CFB3A2075}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{9801DDED-F8CF-4791-92D0-DA63EDA62F7C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{D33882D9-F441-4E02-80FD-D09F5F2DCA52}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{607E6385-A942-4CB4-B935-E21350F3B0C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B9924A9C-A71D-4960-A0BF-56AF9550D83F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{BFE2834C-B6A7-4412-88AE-C2E4C54EA6DF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => Keine Datei FirewallRules: [{29708248-1DD4-4106-817E-2B3C39088F09}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B31A7716-E042-44CD-8166-CCD64416C811}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7F586656-3AA3-4BF3-B20A-0D8E1210E869}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{71098D98-7DB3-40D8-AB1E-6BEA218BFB74}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BF465933-7C5A-478C-9EE7-A657635AA354}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{3E5467F0-BE7D-4BB0-AFC0-03D5632D219B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A941ACCC-3C10-4FE0-BE8E-D900CC715F2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{30B7FFF9-4CC2-4803-AA06-9FF0A39B4535}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{33C2DEC9-2A47-4A0B-B956-5AB136846016}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{15D6ADD1-14C4-4A0F-9824-E560C537ADF7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{E0CB0B60-8EC2-4740-845A-42ECCC12B4F8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{1D5340BD-FEB8-4DDD-AE85-FF500D560FCA}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei FirewallRules: [UDP Query User{49EF06E3-3A5D-4EF4-A4AD-ABD999C7A302}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei FirewallRules: [TCP Query User{991529A3-3C21-496B-B78F-8254CE269E44}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [UDP Query User{81BDA2EF-C623-4644-93BB-65CA7813139F}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [TCP Query User{F1044954-FA92-438F-A0C1-E49EA9808D38}C:\program files\aquila technology\wakeonlan\wakeonlan.exe] => (Allow) C:\program files\aquila 
technology\wakeonlan\wakeonlan.exe (Open Source Developer, Philip Sterling Tull -> Aquila Technology) FirewallRules: [UDP Query User{69A807A3-0D85-4A31-99BD-1E3D7BC65F52}C:\program files\aquila technology\wakeonlan\wakeonlan.exe] => (Allow) C:\program files\aquila technology\wakeonlan\wakeonlan.exe (Open Source Developer, Philip Sterling Tull -> Aquila Technology) FirewallRules: [TCP Query User{4F3D4B02-E808-4C63-9A04-9FD5B8D8876E}D:\programme\kodi\kodi.exe] => (Allow) D:\programme\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert] FirewallRules: [UDP Query User{37AB47B5-DB9E-4A7E-A5EB-027F8BB297C6}D:\programme\kodi\kodi.exe] => (Allow) D:\programme\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert] FirewallRules: [TCP Query User{BD72522E-D3F0-471B-BC20-1EF3EF8BBB81}D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe] => (Allow) D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe (Node.js Foundation -> Node.js) FirewallRules: [UDP Query User{C2B29C38-BD5E-4D3F-ADF0-BA00E709383E}D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe] => (Allow) D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe (Node.js Foundation -> Node.js) FirewallRules: [TCP Query User{31BF38B8-6B6F-416D-B1F8-3E41A8CA53F7}D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe => Keine Datei FirewallRules: [UDP Query User{1444B872-0370-4564-AE87-C7C0D1E4342F}D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe => Keine Datei FirewallRules: [TCP Query User{AD4354FD-86BE-4E48-83CA-881E10E51432}D:\programme\java64\jdk-14.0.1\bin\javaw.exe] => (Allow) D:\programme\java64\jdk-14.0.1\bin\javaw.exe => Keine Datei FirewallRules: [UDP Query 
User{134D0F37-58F5-4703-ACE6-0A577B165589}D:\programme\java64\jdk-14.0.1\bin\javaw.exe] => (Allow) D:\programme\java64\jdk-14.0.1\bin\javaw.exe => Keine Datei FirewallRules: [TCP Query User{1D5858FD-CC35-42D9-A9C1-0952B8CBB580}D:\programme\java32\jre1.8.0_251\bin\javaw.exe] => (Allow) D:\programme\java32\jre1.8.0_251\bin\javaw.exe => Keine Datei FirewallRules: [UDP Query User{4610251D-866B-4E80-A369-AC4CF8F39B0A}D:\programme\java32\jre1.8.0_251\bin\javaw.exe] => (Allow) D:\programme\java32\jre1.8.0_251\bin\javaw.exe => Keine Datei FirewallRules: [TCP Query User{681EC9A7-6758-4025-8577-772A60F74721}D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe] => (Block) D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe => Keine Datei FirewallRules: [UDP Query User{1F9B85CD-2C36-424C-BA10-BF51EED21E0D}D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe] => (Block) D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe => Keine Datei FirewallRules: [TCP Query User{FDD574AE-0D5E-4F0B-B935-5C8C36F1FCB4}D:\arbeit\zprogramming\eclipseinstall\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse.exe (Eclipse.org Foundation, Inc. -> ) FirewallRules: [UDP Query User{58B8DBE3-CB61-490C-B2EF-D6976042B024}D:\arbeit\zprogramming\eclipseinstall\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse.exe (Eclipse.org Foundation, Inc. 
-> ) FirewallRules: [{3D888DFE-358D-405E-AE16-8F5FC6CA8DBF}] => (Allow) D:\Programme\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{6E94679A-33BC-46DC-9D60-575877EE3254}] => (Allow) D:\Programme\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{7A6D5A25-AB5D-4BE5-ABBC-66D586617491}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{4428D5A8-C1CF-47B6-86A5-120049103E3A}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{7F03D273-5C7F-4085-8005-AC639B39DA4F}] => (Allow) D:\Programme\Steam\steamapps\common\Through The Darkest of Times\TtDoT.exe () [Datei ist nicht signiert] FirewallRules: [{AECDF6E5-D80E-483C-AE92-5E6FE51F5ACC}] => (Allow) D:\Programme\Steam\steamapps\common\Through The Darkest of Times\TtDoT.exe () [Datei ist nicht signiert] FirewallRules: [{8FE50CFC-2D1A-4C85-BBB8-05A630B11C70}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{5861AC50-231B-405D-805B-CDDD086AA72C}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{B14A8D68-FB07-42B5-9602-ED92E6342A37}C:\program files\microsoft vs code\code.exe] => (Allow) C:\program files\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{27F195C0-FB49-4796-ACCE-FBE526D1AC91}C:\program files\microsoft vs code\code.exe] => (Allow) C:\program files\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{489C0631-7A15-4846-A135-CD4558094B62}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [UDP Query User{59CFC5A4-5C52-4D56-912C-7CF7CAAF5EA3}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files 
(x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [TCP Query User{F88DD973-F9FD-4B37-9AE2-212D0FD74390}C:\users\**NormalUser**\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\**NormalUser**\appdata\local\temp\_istmp1.dir\_ins5576._mp => Keine Datei FirewallRules: [UDP Query User{5AA5DD39-FB8C-4924-A581-C199316228EF}C:\users\**NormalUser**\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\**NormalUser**\appdata\local\temp\_istmp1.dir\_ins5576._mp => Keine Datei FirewallRules: [TCP Query User{90E4F7CD-C926-4970-B5B5-35C4A669559A}D:\programme\fritzsetup\frifax32.exe] => (Allow) D:\programme\fritzsetup\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [UDP Query User{11A667B3-6004-40BC-ABAB-1AA322917874}D:\programme\fritzsetup\frifax32.exe] => (Allow) D:\programme\fritzsetup\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [TCP Query User{F883E9F6-5812-4B40-8135-1F9D2CE62290}D:\programme\virtualbox\virtualboxvm.exe] => (Allow) D:\programme\virtualbox\virtualboxvm.exe (Oracle Corporation -> Oracle Corporation) FirewallRules: [UDP Query User{9E1BC818-7C3E-4A5F-A7EC-8DEA4928C3CE}D:\programme\virtualbox\virtualboxvm.exe] => (Allow) D:\programme\virtualbox\virtualboxvm.exe (Oracle Corporation -> Oracle Corporation) FirewallRules: [{76D1DA8B-B8B4-434E-B921-D79681979111}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{EFA3388C-9C89-4B65-91ED-6BF5D6F5708E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A04427A0-C235-422E-A820-5C6E8BD4D9E3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{883EA02A-5470-49B0-A08D-E9744ADE659E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E99B2705-6CAD-4EF7-A008-43D34B8F1045}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5485C3ED-A9E2-4F2E-A033-FF70AB640A98}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{CBECDA05-6BF9-48FA-83C4-6B9D599C0C7B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{DCA14C84-9DE9-4700-89A5-77EC1CD5BEDD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{E4E0C981-FE59-4FCE-9582-E270B881D925}D:\programme\fahclient\fahclient.exe] => (Allow) D:\programme\fahclient\fahclient.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{B846B07B-1BFC-4DEA-98EB-21F4B9395189}D:\programme\fahclient\fahclient.exe] => (Allow) D:\programme\fahclient\fahclient.exe () [Datei ist nicht signiert] FirewallRules: [{E10E5D72-67AD-4594-8253-89D2AA75CA53}] => (Allow) C:\Users\**NormalUser**\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) 
FirewallRules: [{AA55D8F9-7E86-4823-84B8-0377A6C3470E}] => (Allow) C:\Users\**NormalUser**\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{F4B01B55-CD43-425F-8707-98DC85F7AA5E}] => (Allow) C:\Users\**NormalUser**\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{96C547BE-0DA8-481E-BCB0-62C34C4454E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B8BCE890-12D3-459F-AD3B-B11AEE4DF09E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{19FCEC40-A349-4878-A0EE-3F6A7CB615B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{54F1E365-202A-4024-92FB-A631D9049467}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D91115BD-BFCF-45D1-8B97-128B15663AB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EA8161E0-D8AA-42C4-B8B2-6AC881A36933}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0CAEAACC-CF6F-4587-9569-622C4EF4DAB1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FB9B2462-472B-41E7-B311-7DDCF93FA54D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{6FACAE49-9B72-49E3-8054-BEF3EE288346}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F577038D-A41E-4538-A8E0-15F330703322}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{6313B1B5-49A7-4802-A112-BB07C049993E}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{2C9BA7F4-3FB0-48D9-AF55-D68790066712}] => (Allow) D:\Programme\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) D:\Programme\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) FirewallRules: [TCP Query User{6F376C40-8079-4DED-A3E2-1E8B29A09BDD}D:\programme\netgearsmartcontrolcenter\sccd.exe] => (Allow) D:\programme\netgearsmartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [UDP Query User{F33A69EF-F871-4BF2-ABF1-A6A427B38CEA}D:\programme\netgearsmartcontrolcenter\sccd.exe] => (Allow) D:\programme\netgearsmartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [{F45D070B-4287-4526-852F-FCDE24BCA96F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8C66003C-0331-47D4-BEF3-A38E2A463646}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8F366E92-E76E-4A8C-9C1D-3EAA9D829C7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0EE0BA19-B1E9-46AE-BD8E-78C7C993656E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) ==================== Wiederherstellungspunkte 
========================= 14-01-2021 23:26:21 Installed DB Browser for SQLite 15-01-2021 23:34:50 Removed IIS 10.0 Express ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (01/16/2021 10:33:03 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (8784,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/16/2021 10:08:23 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (18992,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/16/2021 06:37:29 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (748,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/16/2021 06:09:38 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (17360,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/16/2021 05:05:11 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (16240,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. 
Error: (01/16/2021 04:57:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Elements Auto Creations 2021.exe, Version: 19.0.0.0, Zeitstempel: 0x5f45741a Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.18362.1110, Zeitstempel: 0xb4cacc38 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000000000006dace ID des fehlerhaften Prozesses: 0x1ac0 Startzeit der fehlerhaften Anwendung: 0x01d6ebfb07480777 Pfad der fehlerhaften Anwendung: D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll Berichtskennung: 8e6eed44-c86a-43f5-a523-9d8963d810ab Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/16/2021 01:42:12 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (15120,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/16/2021 01:09:15 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5876,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Systemfehler: ============= Error: (01/16/2021 12:30:18 PM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden. Error: (01/16/2021 12:29:28 PM) (Source: DCOM) (EventID: 10010) (User: **Computername**) Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (01/16/2021 12:29:28 PM) (Source: DCOM) (EventID: 10010) (User: **Computername**) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/16/2021 12:29:28 PM) (Source: DCOM) (EventID: 10010) (User: **Computername**) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/16/2021 12:29:28 PM) (Source: DCOM) (EventID: 10010) (User: **Computername**) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/16/2021 12:29:28 PM) (Source: DCOM) (EventID: 10010) (User: **Computername**) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/16/2021 12:29:28 PM) (Source: DCOM) (EventID: 10010) (User: **Computername**) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/16/2021 12:29:28 PM) (Source: DCOM) (EventID: 10010) (User: **Computername**) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Windows Defender: =================================== Date: 2021-01-16 22:20:43.385 Description: D:\Programme\SumatraPDF\SumatraPDF.exe wurde durch den überwachten Ordnerzugriff daran gehindert, D:\Dokumente\KorrespondenzEtc\2021\ zu ändern. 
Erkennungszeit: 2021-01-16T21:20:43.383Z Benutzer: **Computername**\**NormalUser** Pfad: D:\Dokumente\KorrespondenzEtc\2021\ Prozessname: D:\Programme\SumatraPDF\SumatraPDF.exe Sicherheitsversion: 1.329.2302.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 Date: 2021-01-16 08:19:27.849 Description: D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe wurde durch den überwachten Ordnerzugriff daran gehindert, D:\Dokumente\Adobe zu ändern. Erkennungszeit: 2021-01-16T07:19:27.849Z Benutzer: **Computername**\**NormalUser** Pfad: D:\Dokumente\Adobe Prozessname: D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe Sicherheitsversion: 1.329.2251.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 Date: 2021-01-16 01:38:03.213 Description: C:\Users\**NormalUser**\AppData\Local\Temp\is-HOADO.tmp\HeidiSQL_11.1.0.6116_Setup_Hash+VTChecked.tmp wurde durch den überwachten Ordnerzugriff daran gehindert, D:\Dokumente\HeidiSQL zu ändern. Erkennungszeit: 2021-01-16T00:38:03.212Z Benutzer: **Computername**\**NormalUser** Pfad: D:\Dokumente\HeidiSQL Prozessname: C:\Users\**NormalUser**\AppData\Local\Temp\is-HOADO.tmp\HeidiSQL_11.1.0.6116_Setup_Hash+VTChecked.tmp Sicherheitsversion: 1.329.2251.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 Date: 2021-01-16 01:35:01.768 Description: Der überwachte Ordnerzugriff hat C:\Windows\System32\svchost.exe daran gehindert, Änderungen am Speicher durchzuführen. Erkennungszeit: 2021-01-16T00:35:01.768Z Benutzer: NT-AUTORITÄT\SYSTEM Pfad: \Device\HarddiskVolume1 Name des Prozesses: C:\Windows\System32\svchost.exe Sicherheitsversion: 1.329.2251.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 Date: 2021-01-16 01:24:23.063 Description: D:\Programme\Tipard PDF Converter Platinum\Tipard PDF Converter Platinum.exe wurde durch den überwachten Ordnerzugriff daran gehindert, D:\Dokumente\Tipard Studio zu ändern. 
Erkennungszeit: 2021-01-16T00:24:23.062Z Benutzer: **Computername**\**NormalUser** Pfad: D:\Dokumente\Tipard Studio Prozessname: D:\Programme\Tipard PDF Converter Platinum\Tipard PDF Converter Platinum.exe Sicherheitsversion: 1.329.2251.0 Modulversion: 1.1.17700.4 Produktversion: 4.18.2011.6 CodeIntegrity: =================================== Date: 2021-01-16 12:32:33.539 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Programme\Malwarebytes\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-01-16 12:32:33.042 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Programme\Malwarebytes\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-01-16 08:20:47.708 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Programme\Malwarebytes\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-01-16 08:20:45.974 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Programme\Malwarebytes\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2021-01-13 22:35:50.941 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2021-01-13 22:35:50.937 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2021-01-13 22:35:44.405 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2021-01-13 22:35:44.402 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 1102 11/16/2015 Hauptplatine: ASUSTeK COMPUTER INC. 
Z170 PRO GAMING Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 44% Installierter physikalischer RAM: 24500.32 MB Verfügbarer physikalischer RAM: 13544.19 MB Summe virtueller Speicher: 28084.32 MB Verfügbarer virtueller Speicher: 11933.44 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:232.3 GB) (Free:63.26 GB) NTFS Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:844.57 GB) NTFS Drive z: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS \\?\Volume{297e7a1d-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS \\?\Volume{297e7a1d-0000-0000-0000-40193a000000}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS \\?\Volume{e8fcc8a4-3997-11eb-86f6-f832e4bc5f9c}\ (Tresorit Drive) (Removable) (Total:505 GB) (Free:356.64 GB) exFAT ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 297E7A1D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=502 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 85A40634) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ======================= |
17.01.2021, 14:40 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Supposed infection with "murofetweekly"
The list of installed programs runs to a whopping 250 lines. To me that looks like fairly aimless cluttering of the system.
Quote:
What business does something like that have on a Windows 10 Home? Commercial use?
Quote:
2. If a user account with normal rights is affected, you have to give that account admin rights and then create the FRST logs; it makes little to no sense to use some admin user for this that has no junk in its profiles.
17.01.2021, 20:28 | #4 |
| Supposed infection with "murofetweekly"
Hello Cosinus, many thanks for the quick response! First, regarding your remark about possible commercial use.
Quote:
Specifically regarding the programs you mentioned:
Quote:
And maybe this helps: when pseudonymizing, I made sure not to replace different things with the same placeholder. So it should be directly possible to undo that via search-and-replace.
Quote:
Perhaps you could explicitly add that to your checklist ("Für alle Hilfesuchenden! Was muss ich ..."). I naively assumed that a run with admin rights tends to see more, and that when a machine is infected, one would tend to want to check all accounts. But then Farbar would have to open all the users' registry files, which it apparently does not do. Merci! Have a good start to the week tomorrow! Regards, Alex
FRST.txt:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-01-2021 durchgeführt von **User** (Administrator) auf HAL (17-01-2021 19:30:01) Gestartet von C:\Users\**User**\Desktop Geladene Profile: **User** Platform: Windows 10 Home Version 1909 18363.1316 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\FahCore_22.exe () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit-avx-256\a7-0.0.19\Core_a7.fah\FahCore_a7.exe () [Datei ist nicht signiert] D:\Programme\FAHClient\FAHClient.exe () [Datei ist nicht signiert] D:\Programme\FAHClient\FAHCoreWrapper.exe <2> (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) 
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Inc. -> Adobe) D:\Programme\AdobePSE2021\Elements 2021 Organizer\dynamiclinkmanager.exe (Adobe Inc. -> Adobe) D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe (ASUSTeK Computer Inc. 
-> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe (CyberLink Corp. -> cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) D:\Programme\AusweisApp2\AusweisApp2.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. 
KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (NVIDIA Corporation -> Node.js) C:\Program Files 
(x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) C:\Program Files (x86)\QNAP\Qsync\Qsync.exe (QNAP Systems, Inc. -> QNAP) C:\Program Files\QNAP\QVR Pro Client\QVRProAgent.exe (Simon Tatham) [Datei ist nicht signiert] C:\Program Files (x86)\PuTTY\pageant.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Tresorit Kft. -> Tresorit) C:\Users\**User**\AppData\Local\Tresorit\v0.8\Tresorit.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis International GmbH -> Acronis) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8495320 2015-06-23] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [AdobePSE19AutoAnalyzer] => D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe [2653808 2020-08-27] (Adobe Inc. -> Adobe) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (CyberLink Corp. 
-> cyberlink) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5356288 2015-07-24] (Acronis International GmbH -> Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [693336 2015-07-20] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [612304 2019-11-18] (NIKON CORPORATION -> Nikon Corporation) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [404200 2019-10-01] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) HKLM-x32\...\Run: [Qsync] => C:\Program Files (x86)\QNAP\Qsync\Qsync.exe [76201784 2020-10-26] (QNAP Systems, Inc. -> QNAP Systems, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-12-14] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-12-14] (Adobe Inc. -> ) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [Tresorit] => C:\Users\**User**\AppData\Local\Tresorit\v0.8\Tresorit.exe [32839824 2021-01-15] (Tresorit Kft. 
-> Tresorit) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [Fences] => c:\program files (x86)\stardock\fences\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [AusweisApp2] => D:\Programme\AusweisApp2\AusweisApp2.exe [2405504 2020-11-30] (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [Steam] => D:\Programme\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [38400 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\System32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series XPS: C:\Windows\System32\CNMXLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) 
HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: C:\Windows\System32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: C:\Windows\System32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert]
HKLM\...\Print\Monitors\IppMon: C:\Windows\System32\IPPMon.dll [251392 2018-04-12] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\KM Language Monitor: C:\Windows\System32\KMPJL64.DLL [80384 2013-04-08] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Finanzmanager 2020 Zahlungserinnerung.lnk [2020-06-27]
ShortcutTarget: Finanzmanager 2020 Zahlungserinnerung.lnk -> C:\Windows\Installer\{5B16F1F5-E232-4189-ABF1-3F7555CAE778}\billmind.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2020-12-06]
ShortcutTarget: Folding@home.lnk -> D:\Programme\FAHClient\HideConsole.exe () [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-12-29]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) [Datei ist nicht signiert]
Startup: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2019-02-03]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pageant.lnk [2015-12-30]
ShortcutTarget: Pageant.lnk -> (Keine Datei)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05346278-5C82-475D-9773-BAE8A9165931} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe [304952 2015-05-12] (ASUSTeK Computer Inc. -> )
Task: {0A04C4C3-ED2E-4E33-BF28-9F6064BB0C02} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0DE025B9-51D6-4C5A-BF59-164D08A75841} - System32\Tasks\Finanzmanager\Umsatzabruf Finanzmanager für Datei 4c6e2c38-0044d3b4-2a34-439a-6f9b-abcd => D:\Programme\Finanzmanager2020\QW.EXE [26283240 2020-04-09] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) -> "D:\Programme\LW_FinanzMgr2020\QDATA.QDF" /S /X
Task: {0FE28C34-90D4-44EE-BDDA-0373A389084F} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {12F64776-F064-42DB-ACEE-1B2DED1BF87F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {136EAEC8-241D-4A5E-B25E-F5A785C535D8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {18CC0F66-3D34-4A64-9213-DF3ED8A80ED3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E9F70CC-B510-487F-BB45-57123CDA127A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {2824463D-5024-40F1-B7A2-ACF4EE3262F6} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1459152 2015-09-10] (ASUSTeK Computer Inc. -> )
Task: {284C5087-4CC7-4A07-AF43-F82DD9CA44CE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2A07D1C0-F4A9-4B8E-AB1B-A30C26C0546C} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4331288 2015-06-04] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {2DF20549-A11F-4B35-81BC-04BD64FEB16C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30C7D8C8-BE82-4CA2-B573-5D04DFAB3EB6} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [139932 2020-10-04] (The Git Development Community) [Datei ist nicht signiert]
Task: {544431D7-276F-482C-9C54-D9B95FB0A98F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56B262BE-C7BD-4DC2-B0C7-420FF8105C7E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5FC874A9-0954-4B1B-8FD0-88072DB2FF60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60FC2054-E42F-4698-B528-4CB9064BB1FD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {672E100C-1B3D-4406-8C58-14E81CDB6DE9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {69493FB9-621A-466F-A50A-C3FAC16728CA} - System32\Tasks\AdobeAAMUpdater-1.0-HAL-**User** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6D7C8B84-90E4-4037-BCAE-8333B18CA176} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7290A6B1-F870-49DF-B216-CC21A730A390} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C0129A7-6B52-4D9D-9422-3071AE12CD3E} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [3646264 2014-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {8EC87098-A10D-4EEB-8A7A-98F184363181} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-19] (Google Inc -> Google Inc.)
Task: {A26E7D5A-70B3-46B9-96FA-D372738F5F39} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {BA878AF4-CA9A-4D99-B836-8BF1F38A06E8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C799DA39-1508-465C-B30C-2BEE4CC88D9A} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1871800 2015-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {C856EB2C-BE2D-4B8A-BDD7-B8E2C0D8DBB7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8807819-C01C-48B9-86E9-55BAFAED1561} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-19] (Google Inc -> Google Inc.)
Task: {D528A7E4-0238-4C8E-AD4A-CF8E37CDCF39} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1275672 2015-06-30] (ASUSTeK Computer Inc. -> )
Task: {DC6D2540-17FA-47E6-ABA1-8974BFB97CBE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEA4B3DC-E851-4FF6-BBA2-E72652F79AA9} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {DFBDBE55-3B43-4915-9787-A851924F664D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E17D15C7-BFBD-4C81-BB36-96E4DBFA33A8} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "https://www.roboform.com/uninstall.html?aaa=KICMMMLJOMOMJJLJNJKMCNMJJMJMJMCNLMOMPMIMCNGMOJHMMJCNKJIMJJJJOJNJKJKMLMLMJMLJJNJICMHMCNKMCNMMFMOMOMCNMMLMKMCNOMIMOMMMLMFMPMCNPMCNOMIMOMMMLMCNNMJNPICMOMFMFMNMJMGMPMJNHICMMJBJKJLIMJJNBJCMNLKJHJNIGJBJIJMIJNKJCMJNNICMJNDJCMLJKJJNMJCMPMFMPMFMPMJNFICMNIJJIIGJPIKJAJKILIBNKJHIKJ"
Task: {F40045BA-4AFC-4662-AB57-84DF336C882C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8CF59B1-E464-450E-9525-79ABE2764E40} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-11] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1 drive.tresorit.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.13
Tcpip\..\Interfaces\{9ded46ae-805c-434a-9125-0bcc662dc150}: [DhcpNameServer] 192.168.178.13

Edge:
=======
DownloadDir: C:\Users\**User**\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2974319683-333524289-2430525430-1001 -> hxxps://www.rollende-gemuesekiste.de/
Edge DefaultProfile: Default
Edge Profile: C:\Users\**User**\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-16]
Edge DownloadDir: C:\Users\**User**\Downloads
Edge HomePage: Default -> hxxps://www.rollende-gemuesekiste.de/

FireFox:
========
FF DefaultProfile: qmo1pr9p.default
FF ProfilePath: C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default [2021-01-17]
FF NewTab: Mozilla\Firefox\Profiles\qmo1pr9p.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\qmo1pr9p.default -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\qmo1pr9p.default -> hxxps://web.threema.ch; hxxps://community.openhab.org; hxxps://login.schulmanager-online.de; hxxps://www.roboter-forum.com
FF Extension: (ADB Helper) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\adbhelper@mozilla.org.xpi [2018-08-08] []
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-01-11]
FF Extension: (Kee - Password Manager) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\keefox@chris.tomlinson.xpi [2020-11-24]
FF Extension: (Firefox Carbon) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\{155bf27e-5389-49ee-bda7-b7a91631b899}.xpi [2019-05-13]
FF Extension: (rss.html) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\{332b9ecd-d35a-41b4-b633-d19adfaec462}.xpi [2020-03-28]
FF Extension: (Ein neues Skript erstellen) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\{aecec67f-0d10-4fa7-b7c7-609a2db280cf}.xpi [2020-12-15]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-12-14] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-12-14] (Adobe Inc. -> Adobe Systems)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264472 2014-08-14] (Acronis International GmbH -> Acronis)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-12-14] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4029432 2015-12-29] (Acronis International GmbH -> Acronis)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe [397592 2015-07-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960904 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink Corp. -> CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66280 2019-10-02] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
S3 MBAMService; D:\Programme\Malwarebytes\MBAMService.exe [7456464 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 QvrProAgent; C:\Program Files\QNAP\QVR Pro Client\QVRProAgent.exe [220472 2019-12-10] (QNAP Systems, Inc. -> QNAP)
S4 SQLAgent$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [6857752 2014-09-13] (Acronis International GmbH -> Acronis)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; D:\Programme\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [43064 2015-06-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R1 cbfs20; C:\WINDOWS\System32\drivers\cbfs20.sys [419872 2020-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2015-12-29] (Disc Soft Ltd -> Disc Soft Ltd)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [296736 2015-12-29] (Acronis International GmbH -> Acronis International GmbH)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] (Giga-Byte Technology -> )
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsla0529ce4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{48A1A593-C089-443E-A77E-B5C8E2959068}\MpKslDrv.sys [91376 2021-01-17] (Microsoft Windows -> Microsoft Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [1058632 2015-12-29] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [248648 2015-12-29] (Acronis International GmbH -> Acronis International GmbH)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174536 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [829320 2018-12-28] (IDRIX -> IDRIX)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-01-17 19:30 - 2021-01-17 19:31 - 000038183 _____ C:\Users\**User**\Desktop\FRST.txt
2021-01-17 19:27 - 2021-01-17 19:27 - 000000000 ____D C:\Users\**User**\Desktop\FRST-OlderVersion
2021-01-17 19:23 - 2021-01-17 19:23 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Apple Computer
2021-01-17 19:23 - 2021-01-17 19:23 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Apple Computer
2021-01-16 12:16 - 2021-01-16 12:29 - 000000000 ____D C:\AdwCleaner
2021-01-16 11:16 - 2021-01-16 11:16 - 000000000 ____D C:\Users\**Admin**\AppData\LocalLow\Oracle
2021-01-16 11:14 - 2021-01-16 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-01-16 11:14 - 2021-01-16 11:14 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Sun
2021-01-16 11:13 - 2021-01-16 11:13 - 000000000 ____D C:\Users\**Admin**\AppData\LocalLow\Sun
2021-01-16 11:11 - 2021-01-16 11:11 - 000000840 _____ C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JOSM.lnk
2021-01-16 11:11 - 2021-01-16 11:11 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\JOSM
2021-01-16 11:10 - 2021-01-16 11:14 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-01-16 01:38 - 2021-01-16 01:38 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HeidiSQL
2021-01-16 01:36 - 2021-01-16 01:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic
2021-01-16 01:36 - 2021-01-16 01:36 - 000000000 ____D C:\Program Files\PDFsam Basic
2021-01-16 01:22 - 2021-01-16 01:22 - 000000802 _____ C:\Users\**Admin**\Desktop\SumatraPDF.lnk
2021-01-16 01:22 - 2021-01-16 01:22 - 000000802 _____ C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2021-01-16 01:22 - 2021-01-16 01:22 - 000000802 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2021-01-16 01:22 - 2021-01-16 01:22 - 000000000 ____D C:\Users\**User**\AppData\Local\SumatraPDF
2021-01-16 01:11 - 2021-01-16 01:11 - 000004088 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-16 00:59 - 2021-01-16 01:29 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Visual Studio Setup
2021-01-16 00:59 - 2021-01-16 00:59 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\vstelemetry
2021-01-16 00:59 - 2021-01-16 00:59 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Microsoft Visual Studio
2021-01-16 00:59 - 2021-01-16 00:59 - 000000000 ____D C:\Users\**Admin**\AppData\Local\ServiceHub
2021-01-16 00:56 - 2021-01-16 00:56 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Microsoft_Corporation
2021-01-16 00:13 - 2021-01-16 00:13 - 000000000 ____D C:\Users\**User**\AppData\Roaming\SmartControlCenter.B3C165F3B13910B3FE57B6A8F7FCD1A5FFD8D5C2.1
2021-01-16 00:10 - 2021-01-16 00:10 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Downloaded Installations
2021-01-15 23:41 - 2021-01-15 23:41 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\IrfanView
2021-01-15 23:41 - 2021-01-15 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2021-01-15 23:27 - 2021-01-15 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind
2021-01-15 23:15 - 2021-01-15 23:15 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\EAC
2021-01-15 23:15 - 2021-01-15 23:15 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\AccurateRip
2021-01-15 23:10 - 2021-01-15 23:10 - 000000392 _____ C:\Users\**Admin**\Desktop\DiskInternals Research.lnk
2021-01-15 23:10 - 2021-01-15 23:10 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2021-01-15 12:30 - 2021-01-17 19:23 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\KeePass
2021-01-15 12:24 - 2021-01-17 19:23 - 000000000 ____D C:\Users\**Admin**\AppData\Local\KeePass
2021-01-15 12:12 - 2021-01-15 12:12 - 000000708 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-01-15 12:08 - 2021-01-15 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2021-01-15 12:06 - 2021-01-15 12:06 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Aiseesoft Studio
2021-01-15 11:57 - 2021-01-15 11:57 - 000000040 ____H C:\CFDBF1C16CA3
2021-01-14 23:26 - 2021-01-14 23:26 - 000001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DB Browser (SQLCipher).lnk
2021-01-14 23:26 - 2021-01-14 23:26 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DB Browser (SQLite).lnk
2021-01-13 23:43 - 2021-01-13 23:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-13 23:29 - 2021-01-17 19:22 - 000000000 ____D C:\z.Notes
2021-01-13 22:18 - 2021-01-13 23:03 - 000000000 ____D C:\Users\**Admin**\AppData\Local\TortoiseGit
2021-01-13 22:17 - 2021-01-13 22:18 - 241147480 _____ (The GIMP Team ) C:\Users\**Admin**\Downloads\gimp-2.10.22-setup.exe
2021-01-13 22:14 - 2021-01-13 22:14 - 000000000 ____D C:\Users\**Admin**\AppData\Local\mbam
2021-01-13 22:10 - 2021-01-17 19:30 - 000000000 ____D C:\FRST
2021-01-13 21:42 - 2021-01-13 21:42 - 000000000 ____D C:\Users\**Admin**\AppData\LocalLow\Adobe
2021-01-13 21:38 - 2021-01-13 22:11 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Notepad++
2021-01-13 21:38 - 2021-01-13 21:38 - 000000000 ____D C:\Users\**Admin**\AppData\Local\PlaceholderTileLogoFolder
2021-01-13 21:32 - 2021-01-13 21:32 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2974319683-333524289-2430525430-1007
2021-01-13 21:32 - 2021-01-13 21:32 - 000000000 ___RD C:\Users\**Admin**\OneDrive
2021-01-13 21:32 - 2021-01-13 21:32 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Comms
2021-01-13 21:30 - 2021-01-13 21:30 - 000002099 _____ C:\Users\**Admin**\Desktop\Anpassen Fences.lnk
2021-01-13 21:30 - 2021-01-13 21:30 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Stardock
2021-01-13 21:30 - 2021-01-13 21:30 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Stardock
2021-01-13 21:22 - 2021-01-13 21:22 - 000000782 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-13 21:22 - 2021-01-13 21:22 - 000000000 ____D C:\Users\**User**\AppData\Local\mbam
2021-01-13 21:21 - 2021-01-13 21:21 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-13 21:21 - 2021-01-13 21:21 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-13 21:21 - 2021-01-13 21:21 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-13 21:21 - 2021-01-13 21:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-13 21:20 - 2021-01-13 21:22 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-13 21:20 - 2020-10-05 14:05 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-13 21:20 - 2020-10-05 14:05 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-13 21:20 - 2020-10-05 14:05 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-13 21:20 - 2020-10-05 14:05 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-13 21:20 - 2020-10-05 14:05 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-13 21:20 - 2020-10-05 14:05 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-13 21:20 - 2020-10-05 14:05 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-13 21:20 - 2020-10-05 14:05 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 001161112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000673520 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000555248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-13 21:20 - 2020-10-05 14:03 - 000047424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 006860184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 002098072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445671.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445671.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-13 21:20 - 2020-10-05 14:02 - 000657304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-13 21:18 - 2021-01-15 11:59 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Adobe
2021-01-13 21:18 - 2021-01-13 21:33 - 000000000 ____D C:\Users\**Admin**\AppData\Local\D3DSCache
2021-01-13 21:18 - 2021-01-13 21:18 - 000001010 _____ C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elements Creations Notification 2021.lnk
2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Lexware
2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Greenshot
2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**Admin**\AppData\Local\QNAP
2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Greenshot
2021-01-13 21:17 - 2021-01-13 21:17 - 000000000 ____D C:\Users\**Admin**\AppData\Local\CEF
2021-01-13 21:16 - 2021-01-17 19:23 - 000000000 ____D C:\Users\**Admin**\AppData\Local\TSVNCache
2021-01-13 21:16 - 2021-01-16 00:12 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Adobe
2021-01-13 21:16 - 2021-01-13 22:15 - 000000000 ____D C:\Users\**Admin**\AppData\Local\NVIDIA
2021-01-13 21:16 - 2021-01-13 21:42 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Packages
2021-01-13 21:16 - 2021-01-13 21:32 - 000002394 _____ C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-13 21:16 - 2021-01-13 21:32 - 000000000 ____D C:\Users\**Admin**
2021-01-13 21:16 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**Admin**\AppData\Local\NVIDIA Corporation
2021-01-13 21:16 - 2021-01-13 21:16 - 000000020 ___SH C:\Users\**Admin**\ntuser.ini
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ___RD C:\Users\**Admin**\3D Objects
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\TeamViewer
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Subversion
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Local\VirtualStore
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Local\TeamViewer
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Publishers
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Local\ConnectedDevicesPlatform
2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Local\AO Link
2021-01-13 21:16 - 2018-09-15 13:21 - 000002247 _____ C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive (1).lnk
2021-01-13 21:16 - 2016-09-24 20:14 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Macromedia
2021-01-13 21:09 - 2021-01-17 19:27 - 002295296 _____ (Farbar) C:\Users\**User**\Desktop\FRST64_210113.exe
2021-01-13 20:12 - 2021-01-13 20:12 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 20:12 - 2021-01-13 20:12 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 20:12 - 2021-01-13 20:12 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 20:12 - 2021-01-13 20:12 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 20:12 - 2021-01-13 20:12 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 20:12 - 2021-01-13 20:12 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 20:12 - 2021-01-13 20:12 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 20:12 - 2021-01-13 20:12 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 20:12 - 2021-01-13 20:12 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 20:12 - 2021-01-13 20:12 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 20:12 - 2021-01-13 20:12 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 20:12 - 2021-01-13 20:12 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 20:12 - 2021-01-13 20:12 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 20:12 - 2021-01-13 20:12 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 20:12 - 2021-01-13 20:12 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 20:12 - 2021-01-13 20:12 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 20:12 - 2021-01-13 20:12 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-13 20:12 - 
2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin 2021-01-13 20:12 - 2021-01-13 20:12 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2021-01-13 20:11 - 2021-01-13 20:11 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll 2021-01-13 20:11 - 2021-01-13 20:11 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-01-13 20:11 - 2021-01-13 20:11 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-01-13 20:11 - 2021-01-13 20:11 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-01-13 20:11 - 2021-01-13 20:11 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-01-13 20:11 - 2021-01-13 20:11 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-01-13 20:11 - 2021-01-13 20:11 - 000415744 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-01-13 20:11 - 2021-01-13 20:11 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-01-13 20:11 - 2021-01-13 20:11 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll 2021-01-13 20:11 - 2021-01-13 20:11 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-01-13 20:11 - 2021-01-13 20:11 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-01-13 20:11 - 2021-01-13 20:11 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-01-13 20:11 - 2021-01-13 20:11 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-01-13 20:11 - 2021-01-13 20:11 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-01-13 20:11 - 2021-01-13 20:11 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-01-13 20:11 - 2021-01-13 20:11 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-01-13 20:10 - 2021-01-13 20:10 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll 2021-01-13 20:10 - 2021-01-13 20:10 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll 2021-01-12 19:05 - 2021-01-12 19:05 - 003453874 _____ C:\Users\**User**\Downloads\Beispiel-Leserolle.pdf 2021-01-12 19:04 - 2021-01-12 19:04 - 002280455 _____ C:\Users\**User**\Downloads\Auftragskarten Leserolle.pdf 2021-01-10 09:34 - 2021-01-10 09:34 - 000655499 _____ C:\Users\**User**\Downloads\Wochenplanarbeit für die Woche vom 11.01. - 15.01.2021.pdf 2021-01-08 08:35 - 2021-01-16 08:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-01-08 08:33 - 2010-12-31 16:00 - 005594977 _____ C:\Users\**User**\Desktop\210108_Behandlungsvertraege.pdf 2021-01-07 15:39 - 2021-01-07 15:39 - 000552031 _____ C:\Users\**User**\Downloads\Weihnachtsgruß.pdf ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2021-01-17 19:32 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-17 19:28 - 2015-12-30 23:57 - 000000000 ____D C:\Program Files\Adobe 2021-01-17 19:26 - 2015-12-30 00:11 - 000000000 ____D C:\ProgramData\Adobe 2021-01-17 19:24 - 2020-12-14 06:19 - 000000000 ___RD C:\Users\**User**\Creative Cloud Files 2021-01-17 19:24 - 2017-06-06 22:38 - 000000000 ____D C:\ProgramData\NVIDIA 2021-01-17 19:24 - 2015-12-30 00:23 - 000000000 ____D C:\Users\**User**\AppData\Local\TSVNCache 2021-01-17 19:23 - 2020-12-03 21:35 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Evernote 2021-01-17 19:23 - 2019-11-23 23:45 - 000000000 ____D C:\Users\**User**\AppData\Local\TortoiseGit 2021-01-17 19:23 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-17 19:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-01-17 19:22 - 2016-11-26 20:22 - 000000000 ____D C:\Users\**User**\AppData\LocalLow\Mozilla 2021-01-17 19:14 - 2018-07-27 23:16 - 000000000 ____D C:\Users\**User**\AppData\Roaming\KeePass 2021-01-17 19:09 - 2020-03-12 21:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-01-16 16:57 - 2015-12-29 23:13 - 000000000 ____D C:\Users\**User**\AppData\Local\CrashDumps 2021-01-16 13:34 - 2019-02-10 10:27 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-16 12:38 - 2020-03-12 21:27 - 001834628 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-01-16 12:38 - 2019-03-19 13:16 - 000785736 _____ C:\WINDOWS\system32\perfh007.dat 2021-01-16 12:38 - 2019-03-19 13:16 - 000167752 _____ C:\WINDOWS\system32\perfc007.dat 2021-01-16 12:38 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2021-01-16 12:30 - 2020-03-12 21:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-01-16 12:30 - 2018-03-01 21:45 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-01-16 12:30 - 2017-08-21 07:34 - 000147656 ____N (CyberLink Corp.) 
C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys 2021-01-16 12:29 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-01-16 12:29 - 2015-12-30 17:39 - 000000000 ____D C:\Users\**User**\AppData\Local\Downloaded Installations 2021-01-16 08:18 - 2020-12-15 23:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-01-16 08:18 - 2018-03-26 20:18 - 000000000 ____D C:\Users\**User**\AppData\Local\Greenshot 2021-01-16 08:18 - 2017-06-06 22:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2021-01-16 08:18 - 2015-12-30 00:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-16 01:48 - 2018-07-28 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.2.0f3 (64-bit) 2021-01-16 01:45 - 2017-11-18 00:33 - 000000000 ____D C:\Users\**User**\AppData\Local\Packages 2021-01-16 01:41 - 2015-12-30 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge 2021-01-16 01:29 - 2019-08-08 21:21 - 000000000 ____D C:\Users\**User**\AppData\Roaming\VidCoder 2021-01-16 01:29 - 2018-07-28 23:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2021-01-16 01:29 - 2016-04-25 21:13 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs 2021-01-16 01:26 - 2020-03-12 20:59 - 000000000 ____D C:\Program Files (x86)\MSBuild 2021-01-16 01:26 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-01-16 01:25 - 2016-01-06 22:24 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2021-01-16 01:23 - 2015-12-31 00:49 - 000000000 ____D C:\Users\**User**\AppData\Roaming\TS3Client 2021-01-16 01:20 - 2016-04-25 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2021-01-16 01:20 - 2015-12-29 08:57 - 000000000 ____D C:\ProgramData\Package Cache 2021-01-16 01:19 - 2016-08-01 21:49 - 000000000 ____D C:\Program Files\qemu 2021-01-16 01:15 - 2016-01-06 22:24 - 000000000 ____D 
C:\WINDOWS\SysWOW64\1033 2021-01-16 01:15 - 2016-01-06 22:24 - 000000000 ____D C:\WINDOWS\system32\1033 2021-01-16 01:11 - 2020-03-12 21:25 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000004000 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000003866 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2020-03-12 21:25 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-01-16 01:11 - 2017-06-06 22:38 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-01-16 01:11 - 2017-06-06 22:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-01-16 01:09 - 2016-01-24 22:18 - 000000000 ____D C:\Program Files (x86)\MySQL 2021-01-16 01:08 - 2016-01-24 22:14 - 000000000 ____D C:\ProgramData\MySQL 2021-01-16 01:03 - 2015-12-30 23:46 - 000000000 ____D C:\ProgramData\tmp 2021-01-16 01:03 - 2015-12-30 23:44 - 000000000 ____D C:\Program Files\dm 2021-01-16 00:49 - 2015-12-30 00:11 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-01-16 00:46 - 2017-05-25 09:35 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Audacity 2021-01-15 23:48 - 2015-12-30 00:09 - 000000000 ____D C:\ProgramData\Oracle 2021-01-15 23:44 - 2017-06-03 23:58 - 000000000 ____D C:\Users\**User**\AppData\Roaming\vlc 2021-01-15 23:35 - 2016-04-25 21:21 - 000000000 ____D C:\Program Files (x86)\IIS Express 
2021-01-15 23:30 - 2019-09-14 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2021-01-15 23:30 - 2019-09-14 18:36 - 000000000 ____D C:\Program Files (x86)\Garmin 2021-01-15 23:28 - 2019-09-14 18:37 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Garmin 2021-01-15 23:27 - 2018-04-03 21:25 - 000000000 ____D C:\Users\**User**\.freemind 2021-01-15 23:17 - 2016-01-05 00:11 - 000000000 ____D C:\Program Files (x86)\EXIF Date Changer 2021-01-15 23:10 - 2018-09-28 21:45 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals 2021-01-15 22:56 - 2016-01-02 00:12 - 000000000 ___HD C:\ProgramData\CanonIJScan 2021-01-15 22:56 - 2016-01-02 00:12 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Canon 2021-01-15 22:56 - 2016-01-01 22:46 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information 2021-01-15 22:56 - 2016-01-01 22:46 - 000000000 ___HD C:\Program Files\CanonBJ 2021-01-15 22:53 - 2020-03-27 23:15 - 000000000 ____D C:\Users\**User**\AppData\Roaming\balena-etcher 2021-01-15 22:52 - 2015-12-30 00:14 - 000000000 ____D C:\Program Files (x86)\Areca 2021-01-15 17:06 - 2018-07-09 20:19 - 000000000 ____D C:\Users\**User**\AppData\Local\D3DSCache 2021-01-15 12:42 - 2020-04-27 19:55 - 000000826 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk 2021-01-15 12:38 - 2016-04-18 22:19 - 000000000 ____D C:\Users\**User**\.android 2021-01-15 12:36 - 2016-04-18 22:17 - 000000000 ____D C:\Program Files\Android 2021-01-15 12:24 - 2018-07-27 23:11 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2021-01-15 12:24 - 2018-07-27 23:11 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2021-01-15 12:07 - 2020-01-18 13:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft 2021-01-15 12:01 - 2015-12-30 17:45 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla 
Thunderbird.lnk 2021-01-15 11:57 - 2015-12-30 23:58 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2021-01-15 11:57 - 2015-12-30 23:57 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-01-13 23:29 - 2015-12-29 00:05 - 000000000 ____D C:\Temp 2021-01-13 22:11 - 2018-07-10 18:52 - 000000716 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2021-01-13 21:21 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-01-13 21:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-01-13 21:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help 2021-01-13 21:16 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-01-13 21:16 - 2015-12-29 08:46 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-01-13 21:15 - 2020-03-12 21:17 - 000533960 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-01-13 21:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2021-01-13 21:15 - 2017-11-18 09:59 - 000000000 ___RD C:\Users\**User**\3D Objects 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 
____D C:\WINDOWS\system32\WinBioPlugIns 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com 2021-01-13 21:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-01-13 21:13 - 2019-03-19 13:18 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-13 21:13 - 2019-03-19 13:18 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-01-13 21:13 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-13 20:22 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-01-13 20:20 - 2015-12-29 22:17 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-01-13 20:15 - 2015-12-29 22:17 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-01-13 20:10 - 2020-03-12 21:17 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-01-12 08:31 - 2020-06-14 12:37 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-01-12 08:31 - 2020-06-14 12:37 - 000003576 _____ 
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-01-11 21:19 - 2020-07-09 06:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-01-11 21:19 - 2018-04-25 20:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-01-11 20:24 - 2015-12-31 00:22 - 000000600 _____ C:\Users\**User**\AppData\Local\PUTTY.RND 2021-01-11 20:02 - 2015-12-30 17:44 - 000000128 _____ C:\Users\**User**\AppData\Roaming\winscp.rnd 2021-01-09 20:46 - 2020-06-14 12:37 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-01-09 01:39 - 2017-11-20 20:53 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Code 2021-01-05 21:44 - 2015-12-30 17:21 - 000000000 ____D C:\ProgramData\Lexware 2021-01-04 20:00 - 2015-12-31 00:03 - 000450334 _____ C:\ProgramData\StreamingMediaTechnologyLog.txt 2020-12-22 11:02 - 2020-04-13 21:08 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Kodi 2020-12-22 00:19 - 2017-11-20 20:52 - 000000000 ____D C:\Program Files\Microsoft VS Code 2020-12-21 23:41 - 2017-11-20 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2020-12-21 17:01 - 2018-02-26 21:54 - 000000000 ____D C:\Users\**User**\AppData\Roaming\MusicBrainz 2020-12-18 23:53 - 2020-12-03 21:35 - 000000000 ____D C:\Users\**User**\AppData\Local\evernote-client-updater ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-01-18 16:53 - 2020-04-27 22:10 - 000000004 _____ () C:\ProgramData\hscanpdfdata.dat 2016-09-11 22:23 - 2020-06-22 22:00 - 000000003 _____ () C:\Users\**User**\AppData\Roaming\.ptbt0 2015-12-30 17:58 - 2018-08-06 21:15 - 000000268 ___RH () C:\Users\**User**\AppData\Roaming\Piano Hard 2015-12-30 17:58 - 2018-08-06 21:15 - 000000268 ___RH () C:\Users\**User**\AppData\Roaming\Pianos and Keyboards 2015-12-30 17:44 - 2021-01-11 20:02 - 000000128 _____ () C:\Users\**User**\AppData\Roaming\winscp.rnd 2016-04-06 08:48 - 
2020-12-08 21:55 - 000056832 _____ () C:\Users\**User**\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-28 18:38 - 2018-09-28 18:38 - 000000000 _____ () C:\Users\**User**\AppData\Local\oobelibMkey.log
2015-12-31 00:22 - 2021-01-11 20:24 - 000000600 _____ () C:\Users\**User**\AppData\Local\PUTTY.RND
2020-11-26 21:31 - 2020-11-26 21:31 - 000001581 _____ () C:\Users\**User**\AppData\Local\recently-used.xbel
2016-09-26 12:52 - 2019-09-14 23:14 - 000007643 _____ () C:\Users\**User**\AppData\Local\Resmon.ResmonCfg
2019-08-16 19:37 - 2019-08-16 19:37 - 000000000 _____ () C:\Users\**User**\AppData\Local\{65C4EF8C-5E9D-430F-BF5F-7A1BA5D322C3}

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ======================== |
17.01.2021, 20:29 | #5 |
| Suspected infection with "murofetweekly" And the new Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-01-2021
durchgeführt von **User** (17-01-2021 19:33:19)
Gestartet von C:\Users\**User**\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2020-03-12 20:26:01)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2974319683-333524289-2430525430-500 - Administrator - Disabled)
**User** (S-1-5-21-2974319683-333524289-2430525430-1001 - Administrator - Enabled) => C:\Users\**User**
DefaultAccount (S-1-5-21-2974319683-333524289-2430525430-503 - Limited - Disabled)
**Admin** (S-1-5-21-2974319683-333524289-2430525430-1007 - Administrator - Enabled) => C:\Users\**Admin**
Gast (S-1-5-21-2974319683-333524289-2430525430-501 - Limited - Disabled)
**OtherUser** (S-1-5-21-2974319683-333524289-2430525430-1006 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2974319683-333524289-2430525430-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Acronis True Image 2015 (HKLM-x32\...\{12889D0E-B7E0-4504-9F6C-7B4F1FC03CE5}) (Version: 18.0.4061 - Acronis) Active Directory Authentication Library for SQL Server (HKLM\...\{E646D196-A17B-4F14-BE7B-F774527FE5E0}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{44DC843A-C591-4064-BE1F-2BDC177AF50C}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.) Adobe Photoshop Elements 2021 (HKLM-x32\...\PSE_19_0) (Version: 19.0 - Adobe Inc.) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.26 - ASUSTeK Computer Inc.) Aiseesoft Blu-ray Player 6.7.6 (HKLM-x32\...\{3E1A13C3-E458-4995-BEA6-4B9BE279D502}_is1) (Version: 6.7.6 - Aiseesoft Studio) Amazon Kindle (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon) Android Studio (HKLM\...\Android Studio) (Version: 4.1 - Google LLC) Apple Application Support (32-Bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) Asus Sonic Suite Plugins (HKLM-x32\...\{3843fc8e-e352-4238-be32-74ca38dd57a0}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) AusweisApp2 (HKLM-x32\...\{F3E22721-7F7E-472F-BBBA-6B5572E15A58}) (Version: 1.22.0 - Governikus GmbH & Co. KG) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 
2.0) (Version: - AVM Berlin) balenaEtcher 1.5.101 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.101 - Balena Inc.) balenaEtcher 1.5.80 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\{d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b}) (Version: 1.5.80 - Balena Inc.) Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{B2429EA1-767E-4947-A458-F2204A2AA1BB}) (Version: 12.0.51210.80 - Microsoft Corporation) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) calibre (HKLM-x32\...\{7DF6313D-1090-4964-8EB4-632DFA704CF8}) (Version: 5.6.0 - Kovid Goyal) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - ) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) CEWE Fotowelt (HKLM-x32\...\CEWE Fotowelt) (Version: 7.1.1 - CEWE Stiftung u Co. KGaA) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) 
DB Browser for SQLite (HKLM\...\{EBC2E51F-67BE-4839-8215-2D3C1AD19D1A}) (Version: 3.12.0 - DB Browser for SQLite Team) DDBAC (HKLM-x32\...\{686F2AC2-CC20-48E6-8CBC-7CE405F4E688}) (Version: 5.6.17.0 - B+S Banksysteme Aktiengesellschaft) DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 4.7 - DiskInternals Research) easyHDR 2 (HKLM-x32\...\easyHDR_2) (Version: 2.30.6 - BRTKSOFT Bartlomiej Okonek) Evernote 10.5.7 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.5.7 - Evernote Corporation) Exact Audio Copy 1.6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.6 - Andre Wiethoff) ffdshow v1.3.4531 [2014-06-28] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4531.0 - ) FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) Folding@home (HKLM-x32\...\FAHClient) (Version: 7.6.21 - Folding@home.org) FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - ) Garmin BaseCamp (HKLM-x32\...\{9b6e1420-2b69-4974-a25f-ba67399695fd}) (Version: 4.7.3.0 - Garmin Ltd or its subsidiaries) Garmin BaseCamp (HKLM-x32\...\{F71A87C2-FEF5-450A-A601-DCC1A9E23DAF}) (Version: 4.7.3.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{4e365b8d-ed6f-4316-a1b8-f8762eaed5a0}) (Version: 2.5.8 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{9644C9A2-DB70-40B2-9CD3-E025F9CD867D}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Hidden GDR 4042 für SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation) GeoSetter 3.5.3 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt) GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.) 
Hidden GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.) Git version 2.28.0 (HKLM\...\Git_is1) (Version: 2.28.0 - The Git Development Community) GitHub Desktop (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\GitHubDesktop) (Version: 2.5.0 - GitHub, Inc.) GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.23 - The GnuPG Project) Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden GoToMeeting 10.15.0.19228 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\GoToMeeting) (Version: 10.15.0.19228 - LogMeIn, Inc.) Gpg4win (3.1.13) (HKLM-x32\...\Gpg4win) (Version: 3.1.13 - The Gpg4win Project) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HashCheck Shell Extension (HKLM\...\HashCheck Shell Extension) (Version: 2.4.0.55 - ) HashTab 6.0.0.34 (HKLM\...\HashTab) (Version: 6.0.0.34 - Implbits Software) HeidiSQL 11.1.0.6116 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\HeidiSQL_is1) (Version: 11.1 - Ansgar Becker) Horland's Scan2Pdf (HKLM-x32\...\Horlands Scan2Pdf 6_is1) (Version: 6.7.0.1 - Horland Software) Hugin 2016.0.0 (HKLM-x32\...\Hugin) (Version: 2016.0.0 hg_3b4e2790cb90 - The Hugin Development Team) iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6230EE50-BD4E-4B39-904D-3E7600053E08}) (Version: 6.2.1 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
JOSM 17428 (HKLM-x32\...\JOSM) (Version: 17428 - OpenStreetMap JOSM team)
KeePass Password Safe 2.47 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.47 - Dominik Reichl)
KNX eteC Falcon Runtime v2.1 (HKLM-x32\...\{9543BDC2-B910-4ED8-AD92-B8B92040245D}) (Version: 2.1.5431.49892 - KNX Association cvba) Hidden
KNX ETS4 (HKLM-x32\...\{A9F2E6BA-6756-4D8D-808E-671F4862EF2B}) (Version: 4.2.3884.50021 - KNX Association cvba) Hidden
KNX ETS4 (HKLM-x32\...\KNX ETS4) (Version: 4.2.3884.50021 - KNX Association cvba)
KNX ETS4 Additional Runtime (HKLM-x32\...\{B9681EB8-76E5-4022-AE84-F6B7CE464554}) (Version: 4.0.0.0 - KNX Association cvba) Hidden
Kodi (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Kodi) (Version: - XBMC Foundation)
Leawo Blu-ray Player Version 2.0.2.0 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 2.0.2.0 - Leawo Software)
Lexware buchhalter 2020 (HKLM-x32\...\{C82189A3-82A2-4C14-A477-A8E9CA16CACE}) (Version: 25.05.00.0382 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware EasyArchive 2020 (HKLM-x32\...\{6214A8D2-D034-4C64-891B-8B252DAE7EAF}) (Version: 4.00.00.0205 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Einnahmen-Überschuss-Rechner 2020 (HKLM-x32\...\{d74e6c1c-243b-43d6-ae85-a4092670274a}) (Version: 25.5.0.287 - Haufe-Lexware GmbH & Co. KG)
Lexware Elster 2020 (HKLM-x32\...\{03DE7F6B-41FF-43D2-91BB-2A1895388866}) (Version: 20.04.00.0376 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster 2020 (HKLM-x32\...\{9502e0b1-83d1-4d72-8a61-3f50175bce11}) (Version: 20.4.0.275 - Haufe-Lexware GmbH & Co. KG)
Lexware Finanzmanager 2020 (HKLM-x32\...\{4f7a16a4-aaad-448e-8bda-b3509a128728}) (Version: 27.39.0.181 - Haufe-Lexware GmbH & Co.KG)
Lexware finanzmanager 2020 (HKLM-x32\...\{5B16F1F5-E232-4189-ABF1-3F7555CAE778}) (Version: 27.39.00.0267 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Finanzmanager Import Export Server 2020 (HKLM-x32\...\{B434B636-B83B-4A90-8DF8-6A25456A0D21}) (Version: 27.05.00.0190 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware FolderPermission 2019 (HKLM-x32\...\{1E662826-FBAB-43A8-A43F-09F0DD5FFF26}) (Version: 2.00.00.0131 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Info Service 2020 (HKLM-x32\...\{CB8E2157-1AD1-45DF-9B8E-3B215EF0F9AE}) (Version: 20.00.00.0121 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst 2020 (HKLM-x32\...\{5D1CF90A-BC7A-40B3-8A15-4802F1BF5B73}) (Version: 9.00.00.0111 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking 2020 (HKLM-x32\...\{C7AD95C7-7974-4674-81F4-B89E62FB97D1}) (Version: 27.00.00.0166 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware PDF-Export 5.5 (HKLM-x32\...\{851F57CD-8A05-4995-9BC7-3DF1BDABB38C}) (Version: 5.52.00.0226 - Haufe-Lexware GmbH & Co.KG) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Media Streamer (HKLM-x32\...\{B457E718-00CA-45C8-9F75-45D66F8DAFF6}) (Version: 3.00.13 - ASUSTeK Computer Inc.)
Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM-x32\...\{06b884b0-4947-4439-859f-098e431012d6}) (Version: 2.1.202 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.65 - )
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.13530.20316 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.13530.20316 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13530.20316 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.13530.20316 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ Compiler Package for Python 2.7 (HKLM-x32\...\{692514A8-5484-45FC-B0AE-BE2DF7A75891}) (Version: 9.0.1.30729 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.52.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 de) (HKLM\...\Mozilla Firefox 84.0.2 (x64 de)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
Mozilla Thunderbird 78.6.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.6.1 (x86 de)) (Version: 78.6.1 - Mozilla)
Müller Foto (HKLM-x32\...\Müller Foto) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 2.5.1 - MusicBrainz)
NahimicSettingsConfigurator (HKLM\...\{81B881EA-2E90-4E70-8022-BA48D358586A}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.4.1 - Nikon Corporation)
Nikon Transfer 2 (HKLM-x32\...\{757DBE04-3DC8-4741-B10B-4628745E96FE}) (Version: 2.13.5 - Nikon Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Grafiktreiber 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.16 (HKLM\...\{6BC7BBCE-9202-4698-B866-F02AACB838C7}) (Version: 6.1.16 - Oracle Corporation)
OSM generic routable (new style) (HKLM-x32\...\OSM generic routable (new style)) (Version: - )
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PDFsam Basic (HKLM\...\{5F69C3E1-65F3-4B53-99A1-AABF8E9FFBA6}) (Version: 4.2.1.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Picture Control Utility 2 (HKLM\...\{C03DA72C-DE1F-4628-9CA0-53AFAE96C05F}) (Version: 2.4.5 - Nikon Corporation)
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT RC0 (HKLM-x32\...\{AB72EB1C-9CF4-4274-984D-5EDA8BF37A08}) (Version: 13.0.1100.286 - Microsoft Corporation)
PuTTY release 0.66 (HKLM-x32\...\PuTTY_is1) (Version: 0.66 - Simon Tatham)
Python 2.7.15 (HKLM-x32\...\{16CD92A4-0152-4CB7-8FD6-9788D3363616}) (Version: 2.7.15150 - Python Software Foundation)
QNAP Qsync Client (HKLM-x32\...\Qsync) (Version: 4.5.1.1026 - QNAP Systems, Inc.)
QNAP QVR Pro Client (HKLM-x32\...\QNAPQVR Pro ClientX64) (Version: 1.3.0.19345 - QNAP Systems, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (HKLM-x32\...\{263EF873-F5D0-3134-A962-356C21A3510F}) (Version: 14.0.25126 - Microsoft Corporation) Hidden
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Sonic Studio Plugin (HKLM\...\{F55B1B94-3BFA-49D4-AE45-2ECE776BA815}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden
SourceTree (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\SourceTree) (Version: 3.3.8 - Atlassian)
Spotify (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Spotify) (Version: 1.1.44.538.g8057de92 - Spotify AB)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Stardock Fences 3 (HKLM-x32\...\Stardock Fences 3) (Version: 3.09 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk)
TAXMAN 2020 (HKLM-x32\...\{1342F8EA-0E9F-4CCB-81E8-74638BC0C757}) (Version: 25.38.89 - Haufe-Lexware GmbH & Co.KG)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
tiptoi® Manager 4.2 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.2 - Ravensburger AG)
TortoiseGit 2.11.0.0 (64 bit) (HKLM\...\{BC4EEE50-1DEA-4CED-A29E-078B39247EFA}) (Version: 2.11.0.0 - TortoiseGit)
TortoiseSVN 1.13.1.28686 (64 bit) (HKLM\...\{F7080EF1-BD21-483B-ACAE-E19FAA2DF458}) (Version: 1.13.28686 - TortoiseSVN)
Tresorit (HKLM-x32\...\{F91B7DAB-1466-4473-AADC-B95F6197E5F9}) (Version: 3.5.2528.1420 - Tresorit)
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{DD51688B-194A-4A10-83D8-40AD1D9954A1}) (Version: 1.8.30.0 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.23-Hotfix-2 - IDRIX)
ViewNX-i (HKLM\...\{C02E1F40-7EB2-4084-991B-EBFC7F586E26}) (Version: 1.4.2 - Nikon Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WakeOnLAN Version 2.12.2.0 (HKLM\...\{05DF342B-3E1A-4862-9E67-8E7E9839D3EC}_is1) (Version: 2.12.2.0 - Aquila Technology)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinMerge 2.16.8.0 x64 (HKLM\...\WinMerge_is1) (Version: 2.16.8.0 - Thingamahoochie Software)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinSCP 5.17.6 (HKLM-x32\...\winscp3_is1) (Version: 5.17.6 - Martin Prikryl)
Zoom (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-12-14] (Adobe Systems Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-06] (Canon Inc.)
Diagnostic Data Viewer -> C:\Program Files\WindowsApps\Microsoft.DiagnosticDataViewer_3.1904.13013.0_x64__8wekyb3d8bbwe [2020-10-30] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-20] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-13] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> "C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe" -toastactivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E0F5B1336BD1} -> [Creative Cloud Files] => C:\Users\**User**\Creative Cloud Files [2020-12-14 06:19]
CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{1B8DEAA1-E192-429B-89A7-89BD19183A67} -> [Tresorit Drive] => W:\0
CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{57D0E8CF-2552-4B76-A5C4-B1E9D413FD14} -> [Qsync] => C:\Users\**User**\AppData\Local\QNAP\Qsync\Quick Access [2017-11-15 22:41]
CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\**User**\AppData\Local\GoToMeeting\12023\G2MOutlookAddin64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{D6EB3938-8CBE-4CC5-8CFA-C89750619193} -> [Synchronisierte Tresore] => %USERPROFILE%\.tresorit\Tresors0
CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
SSODL: CallbackTechMountNotificator-cbfs20 - {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} - C:\WINDOWS\system32\cbfsShellHelper20.dll (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com)
SSODL-x32: CallbackTechMountNotificator-cbfs20 - {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} - C:\WINDOWS\SysWOW64\cbfsShellHelper20.dll (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com)
ShellServiceObjects: Virtual Storage Mount Notification -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} => C:\WINDOWS\system32\cbfsShellHelper20.dll [2020-09-08] (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} => C:\WINDOWS\SysWOW64\cbfsShellHelper20.dll [2020-09-08] (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com)
ShellIconOverlayIdentifiers: [ QsyncEx_Icon1] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> )
ShellIconOverlayIdentifiers: [ QsyncEx_Icon2] -> {E3FEB4FC-4836-4DC7-B6E6-200229DE3748} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> )
ShellIconOverlayIdentifiers: [ QsyncEx_Icon3] -> {5931A2EF-1745-4325-9AC8-2E569E0C7CF0} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> )
ShellIconOverlayIdentifiers: [ QsyncEx_Icon4] -> {9968E808-7FD7-43D3-9D03-724F975A6173} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Programme\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> )
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers1-x32: [GeoSetterShellExt] -> {7506374C-A693-427B-8DDD-99DAFB79433D} => D:\Programme\GeoSetter\GeoSetterShellExt.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert]
ContextMenuHandlers1: [GeoSetterShellExt64] -> {A50BD5C6-4B18-44F3-8D6D-62DE89A969E9} => D:\Programme\GeoSetter\GeoSetterShellExt64.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert]
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => D:\Programme\Gpg4win\bin_64\gpgex.dll [2020-09-04] (g10 Code GmbH) [Datei ist nicht signiert]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> )
ContextMenuHandlers1: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/)
ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2014-09-09] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/)
ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net)
ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programme\Malwarebytes\mbshlext.dll [2021-01-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [FencesShellExt] -> 
{1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => D:\Programme\Gpg4win\bin_64\gpgex.dll [2020-09-04] (g10 Code GmbH) [Datei ist nicht signiert] ContextMenuHandlers4: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> ) ContextMenuHandlers4: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. 
-> ) ContextMenuHandlers5: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programme\7-Zip\7-zip32.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> ) ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers6-x32: [GeoSetterShellExt] -> {7506374C-A693-427B-8DDD-99DAFB79433D} => D:\Programme\GeoSetter\GeoSetterShellExt.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert] ContextMenuHandlers6: [GeoSetterShellExt64] -> {A50BD5C6-4B18-44F3-8D6D-62DE89A969E9} => D:\Programme\GeoSetter\GeoSetterShellExt64.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programme\Malwarebytes\mbshlext.dll [2021-01-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. 
-> ) ContextMenuHandlers6: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2014-09-09] (Acronis International GmbH -> Acronis) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-06-28] () [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enblend Droplet 360.lnk -> C:\Program Files (x86)\Hugin\bin\enblend_droplet_360.bat ()
Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enblend Droplet.lnk -> C:\Program Files (x86)\Hugin\bin\enblend_droplet.bat ()
Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enfuse Align Droplet.lnk -> C:\Program Files (x86)\Hugin\bin\enfuse_align_droplet.bat ()
Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enfuse Auto Droplet.lnk -> C:\Program Files (x86)\Hugin\bin\enfuse_auto_droplet.bat ()
Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enfuse Droplet 360.lnk -> C:\Program Files (x86)\Hugin\bin\enfuse_droplet_360.bat ()
Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enfuse Droplet.lnk -> C:\Program Files (x86)\Hugin\bin\enfuse_droplet.bat ()
ShortcutWithArgument: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 32-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\**User**\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86"
ShortcutWithArgument: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\**User**\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" amd64"
ShortcutWithArgument: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Cross Tools Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\**User**\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86_amd64"

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2015-12-29 09:24 - 2015-05-08 07:26 - 000662016 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-12-29 09:25 - 2015-02-09 17:53 - 000872960 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 000147456 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-12-29 09:25 - 2015-07-02 23:20 - 004662272 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-12-29 09:25 - 2015-06-04 00:48 - 000507392 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\AsKeyboardFocusHooker.dll
2015-12-29 09:25 - 2015-06-24 23:16 - 000236544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll
2015-12-29 09:25 - 2015-06-04 00:48 - 000712192 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-12-29 09:25 - 2015-06-30 22:22 - 000863744 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-12-29 09:25 - 2015-06-04 00:48 - 000803840 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-12-29 09:25 - 2015-07-01 16:33 - 000815104 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-12-29 09:25 - 2015-06-04 00:48 - 000091648 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2015-12-29 09:25 - 2015-06-29 12:35 - 000383488 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\SystemCleaner.dll
2015-12-29 09:25 - 2015-05-21 21:57 - 001141248 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2015-12-29 09:25 - 2015-09-10 15:06 - 000237568 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2015-12-29 09:25 - 2014-02-24 16:49 - 000208896 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2015-12-29 09:25 - 2015-06-26 13:50 - 000906240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\LED Control\LEDControl.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 000091648 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-12-29 09:26 - 2015-06-23 10:17 - 001338368 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\MoboConnect.dll
2015-12-29 09:26 - 2013-11-20 10:10 - 000662016 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2015-12-29 09:26 - 2013-07-02 10:40 - 000253952 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2015-12-29 08:57 - 2014-07-23 02:59 - 000104448 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-12-29 09:25 - 2014-09-08 07:26 - 000053248 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-12-29 09:25 - 2014-09-26 14:40 - 000278528 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2020-07-22 10:14 - 2020-07-22 10:14 - 000272384 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\IOTCAPIs.dll
2020-07-22 10:14 - 2020-07-22 10:14 - 000105984 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\P2PTunnelAPIs.dll
2020-06-01 09:18 - 2020-06-01 09:18 - 000166400 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\RdiffDll.dll
2020-07-22 10:14 - 2020-07-22 10:14 - 000103936 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\RDTAPIs.dll
2019-10-19 00:02 - 2019-10-19 00:02 - 000056320 _____ () [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\QtSolutions_Service-head.dll
2016-01-02 00:50 - 2006-02-23 11:35 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzColorPort64.dll
2016-01-02 00:50 - 2006-02-22 10:39 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzPort64.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 003213312 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\nvrtc-builtins64_92.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 003277824 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMM.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 000804864 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMCPU.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 002045440 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMCUDA.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 000281600 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMCudaCompiler.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 002169344 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMOpenCL.dll
2020-12-06 21:12 - 2020-12-06 21:12 - 002772692 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit-avx-256\a7-0.0.19\Core_a7.fah\libfftw3f-3.dll
2020-08-27 03:49 - 2020-08-27 03:49 - 048966144 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\AdobePIE.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 060800000 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\opencv_core410.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 003119104 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\opencv_imgcodecs410.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 045977600 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\opencv_imgproc410.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 000283136 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\PhotoCreations.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 000137728 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\ToastNotification.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 017214464 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\usd_win.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 000446976 _____ (Adobe Systems Incorporated) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\AdobeSVGAGM.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 002109952 _____ (Apache Software Foundation) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\log4cxx.dll
2020-08-27 03:49 - 2020-08-27 03:49 - 002861568 _____ (Apache Software Foundation) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\xerces.dll
2015-12-29 09:24 - 2015-05-08 07:26 - 000108544 ____R (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2015-12-29 09:24 - 2015-06-03 15:17 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\ASACPI.DLL
2015-12-29 09:25 - 2015-06-04 00:48 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2015-12-29 09:25 - 2014-09-08 07:26 - 000108544 ____R (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsAcpi.dll
2015-12-29 08:57 - 2021-01-16 12:30 - 000037160 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-12-29 09:24 - 2015-05-08 07:26 - 000677376 ____R (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.22\asacpiEx.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2015-12-29 09:25 - 2015-06-04 00:48 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\asacpiex.dll
2015-12-29 09:25 - 2015-06-04 00:48 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2015-12-29 09:25 - 2015-06-04 00:48 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiex.dll
2015-12-29 09:26 - 2015-06-22 16:16 - 000114176 _____ (ASUSTek Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\AndroidOpenAccessory.dll
2015-12-29 09:26 - 2013-11-20 10:10 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\AsMultiLang.dll
2015-12-29 09:26 - 2014-07-25 15:46 - 001328128 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotice.dll
2015-12-29 09:26 - 2015-06-18 23:46 - 001087488 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll
2015-12-29 09:26 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\AsMultiLang.dll
2015-12-29 09:26 - 2015-03-12 14:48 - 000901120 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\Express.dll
2015-12-29 09:25 - 2014-09-08 07:26 - 000676864 ____R (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\asacpiEx.dll
2015-12-29 09:25 - 2014-09-08 07:26 - 000102400 ____R (ASUSTek Computer Inc.,) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\EIO.DLL
2020-08-27 03:49 - 2020-08-27 03:49 - 051178496 _____ (Cognitec Systems GmbH) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\frsdk-9.4.0.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 001864192 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 008492544 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 009202688 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 008172032 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 000316928 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll
2021-01-14 07:05 - 2021-01-14 07:05 - 001936896 _____ (Greenshot) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\GreenshotPlugin\95aa56d453495d0bfdb383792c19768d\GreenshotPlugin.ni.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000251392 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\IPPMon.dll
2020-03-12 21:19 - 2020-03-12 21:19 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2020-03-12 21:19 - 2020-03-12 21:19 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80DEU.DLL
2020-04-19 21:08 - 2020-04-19 21:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-19 21:08 - 2020-04-19 21:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 087017472 _____ (NVIDIA Corporation) [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\cufft64_92.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 015544832 _____ (NVIDIA Corporation) [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\nvrtc64_92.dll
2020-10-23 03:42 - 2020-10-23 03:42 - 066421248 _____ (QNAP Systems, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\Lang\QsyncDEU.dll
2021-01-14 07:05 - 2021-01-14 07:05 - 000740352 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\log4net\23757deccb0632eb09e5c935a21a9ea3\log4net.ni.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 021529088 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icudt53.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 001982976 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icuin53.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 001355264 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icuuc53.dll
2020-08-27 03:49 - 2020-08-27 03:49 - 027534336 _____ (The ICU Project) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\icudt64.dll
2020-08-27 03:49 - 2020-08-27 03:49 - 002430976 _____ (The ICU Project) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\icuuc64.dll
2020-06-01 09:18 - 2020-06-01 09:18 - 002115584 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\libcrypto-1_1.dll
2020-06-01 09:18 - 2020-06-01 09:18 - 000371200 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\libssl-1_1.dll
2019-10-19 00:02 - 2019-10-19 00:02 - 001652224 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\LIBEAY32.dll
2019-10-19 00:03 - 2019-10-19 00:03 - 000345600 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\SSLEAY32.dll
2019-12-10 22:09 - 2019-12-10 22:09 - 006105088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\Qt5Core.dll
2019-04-09 09:22 - 2019-04-09 09:22 - 001301504 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\Qt5Network.dll
2019-04-10 17:56 - 2019-04-10 17:56 - 000141312 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\Qt5WebSockets.dll
2015-12-29 09:25 - 2014-09-26 14:40 - 000927744 ____R (TODO: <Company name>) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\AsusGpuTweak.dll
2016-01-02 00:50 - 2006-02-23 12:16 - 000047616 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmColorFax.dll
2016-01-02 00:50 - 2006-02-22 10:53 - 000043520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmFax.dll
2020-08-27 03:49 - 2020-08-27 03:49 - 002957312 _____ (WinSoft S.A.) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\WRServices.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kein Name -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99}' -> Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Kein Name -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99}' -> Keine Datei
Toolbar: HKU\S-1-5-21-2974319683-333524289-2430525430-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 08:24 - 2020-11-22 20:19 - 000000854 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 drive.tresorit.com

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Python27\;C:\Python27\Scripts;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\System32;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\TortoiseSVN\bin;D:\Programme\GnuPG\bin;C:\Program Files\Git\cmd;D:\Programme\TortoiseGit\bin;D:\Programme\Calibre2\;D:\Programme\FAHClient
HKU\S-1-5-21-2974319683-333524289-2430525430-1001\Control Panel\Desktop\\Wallpaper -> d:\bilder\photos\2016_08_28 tap2016\img_1619.jpg
DNS Servers: 192.168.178.13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) ist aktiviert.

Network Binding:
=============
VirtualBox Host-Only Network #3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network #2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "Finanzmanager 2017 Zahlungserinnerung.lnk"
HKLM\...\StartupApproved\StartupFolder: => "GIGABYTE OC_GURU.lnk"
HKLM\...\StartupApproved\Run: => "Fences"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobePSE17AutoAnalyzer"
HKLM\...\StartupApproved\Run32: => "ASUS AiChargerPlus Execute"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer DMS"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer WSAgent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer ShareEdit"
HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\StartupApproved\Run: => "KeePass Password Safe 2"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{FFD85465-977C-4520-9B73-0CE33FDBB99E}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe => Keine Datei FirewallRules: [TCP Query User{8FDC8FF6-B726-4023-B064-AF0D57E36B20}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe => Keine Datei FirewallRules: [{F5206E27-BA97-48F4-BCB0-D07B397056FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{17572C71-10E4-4E11-B0F1-1ABD8E9ECEF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{150740DE-9B06-4242-AA93-65C90E8E57A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B5C7CF9E-5D82-4ED7-BF81-BE624DA7636F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{400804DD-6A28-4742-9C9E-092A7CB5D081}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{52455608-870B-4DF4-AD26-3E30A4825514}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{22D961F1-FB58-492E-992B-86DD59572D86}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{42AD79A9-D6C1-4043-AEE8-914756F6C4DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query 
User{1DE0F898-186A-433C-92A0-A742811FA57C}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [TCP Query User{CFCA897C-657A-49ED-96FA-60C0951FCBF7}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [UDP Query User{B68597A7-0609-4F25-8097-C7046FD042D0}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe => Keine Datei FirewallRules: [TCP Query User{ADAB3000-A29D-4F20-B4C6-037102D42D4B}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe => Keine Datei FirewallRules: [UDP Query User{F8A303EA-99C3-4F2C-B610-7BA96F894CE3}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe => Keine Datei FirewallRules: [TCP Query User{E25111C1-7711-494F-B618-523AD7D9ADC9}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe => Keine Datei FirewallRules: [UDP Query User{D25EA8A5-52F3-4712-841D-853D44C542BC}C:\users\**User**\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\**User**\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{91158797-E548-4C90-AB76-3DC16877908C}C:\users\**User**\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\**User**\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{2C71C24D-DA63-49FE-83B7-5F75CBF8AC79}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program 
files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => Keine Datei FirewallRules: [TCP Query User{45B40E81-D673-4217-9483-A24314C01B9C}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => Keine Datei FirewallRules: [UDP Query User{8193C757-1E42-4D6B-8753-5EA9C62111BB}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [TCP Query User{733E7B53-0882-44BA-A112-C9EC67A6414F}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [{CF9DE28F-E34F-46AE-9C91-93BB85D156F5}] => (Block) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) FirewallRules: [{7AD17824-30E0-445B-B423-F2DBA8A7BA5D}] => (Block) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) FirewallRules: [UDP Query User{5608F1D4-10E5-4576-A918-B90D1E5E7DF8}C:\program files (x86)\qnap\qsync\qsync.exe] => (Allow) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) FirewallRules: [TCP Query User{CDA62F1D-1081-484B-9417-BCC2E95F0616}C:\program files (x86)\qnap\qsync\qsync.exe] => (Allow) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) 
FirewallRules: [UDP Query User{10AACF7E-2248-437E-83E3-E110DE5F395F}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei FirewallRules: [TCP Query User{210E53B7-D273-4A1A-9663-82D832177391}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei FirewallRules: [UDP Query User{A520744B-3141-4773-A8EB-5DC3973FCE7D}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [TCP Query User{09137EA0-772B-48E1-A085-34F9BF1E7F99}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [{F2017C1F-EE21-4999-BA99-80F4CA521711}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{6B261B47-BBB3-4D07-A667-5454244CE091}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) FirewallRules: [{9AC230B9-993D-43F1-8C62-85BC2750CDD9}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) FirewallRules: [{A14FD695-5904-4F6C-B0F6-0D787C0FF388}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{76582FC6-945D-4F4C-99AE-90D7AED2CFDE}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{544C5DAF-F49E-443A-A767-294EBCD2C0EA}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe (ASUSTeK Computer Inc. 
-> ) FirewallRules: [{6211DBE4-35A4-4800-8B32-0C25CA8FDB5A}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{71F7A69A-2CF5-4B00-B03E-D23642DB5EE7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{00192F63-78F0-4CAA-B5F9-3847D47B70D7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{FE1B676F-6271-4B64-B70D-B25F4908C494}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe () [Datei ist nicht signiert] FirewallRules: [{1ED8560A-D924-40F7-A3A0-2BA68E512CD2}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe () [Datei ist nicht signiert] FirewallRules: [{293C3A3F-CC31-44F8-89E3-09726E7019D7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{8ED666DA-874C-4BCA-B9E8-422E04278655}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{FDE02139-845A-48F8-8C5A-53B1934567C6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.) 
FirewallRules: [{A5D049BA-BBA3-4383-811A-1EA82079C9D9}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{35D12C64-B698-40AF-AFB1-8A4CFB3A2075}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{9801DDED-F8CF-4791-92D0-DA63EDA62F7C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{D33882D9-F441-4E02-80FD-D09F5F2DCA52}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{607E6385-A942-4CB4-B935-E21350F3B0C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B9924A9C-A71D-4960-A0BF-56AF9550D83F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{BFE2834C-B6A7-4412-88AE-C2E4C54EA6DF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => Keine Datei FirewallRules: [{29708248-1DD4-4106-817E-2B3C39088F09}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B31A7716-E042-44CD-8166-CCD64416C811}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7F586656-3AA3-4BF3-B20A-0D8E1210E869}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{71098D98-7DB3-40D8-AB1E-6BEA218BFB74}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BF465933-7C5A-478C-9EE7-A657635AA354}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{3E5467F0-BE7D-4BB0-AFC0-03D5632D219B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A941ACCC-3C10-4FE0-BE8E-D900CC715F2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{30B7FFF9-4CC2-4803-AA06-9FF0A39B4535}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{33C2DEC9-2A47-4A0B-B956-5AB136846016}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{15D6ADD1-14C4-4A0F-9824-E560C537ADF7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{E0CB0B60-8EC2-4740-845A-42ECCC12B4F8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{1D5340BD-FEB8-4DDD-AE85-FF500D560FCA}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei FirewallRules: [UDP Query User{49EF06E3-3A5D-4EF4-A4AD-ABD999C7A302}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei FirewallRules: [TCP Query User{991529A3-3C21-496B-B78F-8254CE269E44}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [UDP Query User{81BDA2EF-C623-4644-93BB-65CA7813139F}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [TCP Query User{F1044954-FA92-438F-A0C1-E49EA9808D38}C:\program files\aquila technology\wakeonlan\wakeonlan.exe] => (Allow) C:\program files\aquila 
technology\wakeonlan\wakeonlan.exe (Open Source Developer, Philip Sterling Tull -> Aquila Technology) FirewallRules: [UDP Query User{69A807A3-0D85-4A31-99BD-1E3D7BC65F52}C:\program files\aquila technology\wakeonlan\wakeonlan.exe] => (Allow) C:\program files\aquila technology\wakeonlan\wakeonlan.exe (Open Source Developer, Philip Sterling Tull -> Aquila Technology) FirewallRules: [TCP Query User{4F3D4B02-E808-4C63-9A04-9FD5B8D8876E}D:\programme\kodi\kodi.exe] => (Allow) D:\programme\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert] FirewallRules: [UDP Query User{37AB47B5-DB9E-4A7E-A5EB-027F8BB297C6}D:\programme\kodi\kodi.exe] => (Allow) D:\programme\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert] FirewallRules: [TCP Query User{BD72522E-D3F0-471B-BC20-1EF3EF8BBB81}D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe] => (Allow) D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe (Node.js Foundation -> Node.js) FirewallRules: [UDP Query User{C2B29C38-BD5E-4D3F-ADF0-BA00E709383E}D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe] => (Allow) D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe (Node.js Foundation -> Node.js) FirewallRules: [TCP Query User{31BF38B8-6B6F-416D-B1F8-3E41A8CA53F7}D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe => Keine Datei FirewallRules: [UDP Query User{1444B872-0370-4564-AE87-C7C0D1E4342F}D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe => Keine Datei FirewallRules: [TCP Query User{AD4354FD-86BE-4E48-83CA-881E10E51432}D:\programme\java64\jdk-14.0.1\bin\javaw.exe] => (Allow) D:\programme\java64\jdk-14.0.1\bin\javaw.exe => Keine Datei FirewallRules: [UDP Query 
User{134D0F37-58F5-4703-ACE6-0A577B165589}D:\programme\java64\jdk-14.0.1\bin\javaw.exe] => (Allow) D:\programme\java64\jdk-14.0.1\bin\javaw.exe => Keine Datei FirewallRules: [TCP Query User{1D5858FD-CC35-42D9-A9C1-0952B8CBB580}D:\programme\java32\jre1.8.0_251\bin\javaw.exe] => (Allow) D:\programme\java32\jre1.8.0_251\bin\javaw.exe => Keine Datei FirewallRules: [UDP Query User{4610251D-866B-4E80-A369-AC4CF8F39B0A}D:\programme\java32\jre1.8.0_251\bin\javaw.exe] => (Allow) D:\programme\java32\jre1.8.0_251\bin\javaw.exe => Keine Datei FirewallRules: [TCP Query User{681EC9A7-6758-4025-8577-772A60F74721}D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe] => (Block) D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe => Keine Datei FirewallRules: [UDP Query User{1F9B85CD-2C36-424C-BA10-BF51EED21E0D}D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe] => (Block) D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe => Keine Datei FirewallRules: [TCP Query User{FDD574AE-0D5E-4F0B-B935-5C8C36F1FCB4}D:\arbeit\zprogramming\eclipseinstall\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse.exe (Eclipse.org Foundation, Inc. -> ) FirewallRules: [UDP Query User{58B8DBE3-CB61-490C-B2EF-D6976042B024}D:\arbeit\zprogramming\eclipseinstall\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse.exe (Eclipse.org Foundation, Inc. 
-> ) FirewallRules: [{3D888DFE-358D-405E-AE16-8F5FC6CA8DBF}] => (Allow) D:\Programme\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{6E94679A-33BC-46DC-9D60-575877EE3254}] => (Allow) D:\Programme\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{7A6D5A25-AB5D-4BE5-ABBC-66D586617491}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{4428D5A8-C1CF-47B6-86A5-120049103E3A}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{7F03D273-5C7F-4085-8005-AC639B39DA4F}] => (Allow) D:\Programme\Steam\steamapps\common\Through The Darkest of Times\TtDoT.exe () [Datei ist nicht signiert] FirewallRules: [{AECDF6E5-D80E-483C-AE92-5E6FE51F5ACC}] => (Allow) D:\Programme\Steam\steamapps\common\Through The Darkest of Times\TtDoT.exe () [Datei ist nicht signiert] FirewallRules: [{8FE50CFC-2D1A-4C85-BBB8-05A630B11C70}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{5861AC50-231B-405D-805B-CDDD086AA72C}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{B14A8D68-FB07-42B5-9602-ED92E6342A37}C:\program files\microsoft vs code\code.exe] => (Allow) C:\program files\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{27F195C0-FB49-4796-ACCE-FBE526D1AC91}C:\program files\microsoft vs code\code.exe] => (Allow) C:\program files\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{489C0631-7A15-4846-A135-CD4558094B62}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [UDP Query User{59CFC5A4-5C52-4D56-912C-7CF7CAAF5EA3}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files 
(x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [TCP Query User{F88DD973-F9FD-4B37-9AE2-212D0FD74390}C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp => Keine Datei FirewallRules: [UDP Query User{5AA5DD39-FB8C-4924-A581-C199316228EF}C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp => Keine Datei FirewallRules: [TCP Query User{90E4F7CD-C926-4970-B5B5-35C4A669559A}D:\programme\fritzsetup\frifax32.exe] => (Allow) D:\programme\fritzsetup\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [UDP Query User{11A667B3-6004-40BC-ABAB-1AA322917874}D:\programme\fritzsetup\frifax32.exe] => (Allow) D:\programme\fritzsetup\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) FirewallRules: [TCP Query User{F883E9F6-5812-4B40-8135-1F9D2CE62290}D:\programme\virtualbox\virtualboxvm.exe] => (Allow) D:\programme\virtualbox\virtualboxvm.exe (Oracle Corporation -> Oracle Corporation) FirewallRules: [UDP Query User{9E1BC818-7C3E-4A5F-A7EC-8DEA4928C3CE}D:\programme\virtualbox\virtualboxvm.exe] => (Allow) D:\programme\virtualbox\virtualboxvm.exe (Oracle Corporation -> Oracle Corporation) FirewallRules: [{76D1DA8B-B8B4-434E-B921-D79681979111}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{EFA3388C-9C89-4B65-91ED-6BF5D6F5708E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A04427A0-C235-422E-A820-5C6E8BD4D9E3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{883EA02A-5470-49B0-A08D-E9744ADE659E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E99B2705-6CAD-4EF7-A008-43D34B8F1045}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5485C3ED-A9E2-4F2E-A033-FF70AB640A98}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{CBECDA05-6BF9-48FA-83C4-6B9D599C0C7B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{DCA14C84-9DE9-4700-89A5-77EC1CD5BEDD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{E4E0C981-FE59-4FCE-9582-E270B881D925}D:\programme\fahclient\fahclient.exe] => (Allow) D:\programme\fahclient\fahclient.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{B846B07B-1BFC-4DEA-98EB-21F4B9395189}D:\programme\fahclient\fahclient.exe] => (Allow) D:\programme\fahclient\fahclient.exe () [Datei ist nicht signiert] FirewallRules: [{E10E5D72-67AD-4594-8253-89D2AA75CA53}] => (Allow) C:\Users\**User**\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) 
FirewallRules: [{AA55D8F9-7E86-4823-84B8-0377A6C3470E}] => (Allow) C:\Users\**User**\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{F4B01B55-CD43-425F-8707-98DC85F7AA5E}] => (Allow) C:\Users\**User**\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{96C547BE-0DA8-481E-BCB0-62C34C4454E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B8BCE890-12D3-459F-AD3B-B11AEE4DF09E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{19FCEC40-A349-4878-A0EE-3F6A7CB615B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{54F1E365-202A-4024-92FB-A631D9049467}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D91115BD-BFCF-45D1-8B97-128B15663AB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EA8161E0-D8AA-42C4-B8B2-6AC881A36933}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0CAEAACC-CF6F-4587-9569-622C4EF4DAB1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FB9B2462-472B-41E7-B311-7DDCF93FA54D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{6FACAE49-9B72-49E3-8054-BEF3EE288346}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2C9BA7F4-3FB0-48D9-AF55-D68790066712}] => (Allow) D:\Programme\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) D:\Programme\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) FirewallRules: [TCP Query User{6F376C40-8079-4DED-A3E2-1E8B29A09BDD}D:\programme\netgearsmartcontrolcenter\sccd.exe] => (Allow) D:\programme\netgearsmartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [UDP Query User{F33A69EF-F871-4BF2-ABF1-A6A427B38CEA}D:\programme\netgearsmartcontrolcenter\sccd.exe] => (Allow) D:\programme\netgearsmartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [{F45D070B-4287-4526-852F-FCDE24BCA96F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8C66003C-0331-47D4-BEF3-A38E2A463646}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8F366E92-E76E-4A8C-9C1D-3EAA9D829C7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0EE0BA19-B1E9-46AE-BD8E-78C7C993656E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C9228793-FD0F-4270-A650-D7586B7ADC2C}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{409F7EEF-F4EE-4453-8092-EECECDC5FA49}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) 

==================== Wiederherstellungspunkte =========================

14-01-2021 23:26:21 Installed DB Browser for SQLite
15-01-2021 23:34:50 Removed IIS 10.0 Express
17-01-2021 01:13:34 Nach Software-Cleanup

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (01/17/2021 07:33:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6768,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/17/2021 01:43:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12900,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/17/2021 12:36:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15688,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/17/2021 10:49:16 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2908,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/17/2021 10:35:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21008,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/16/2021 10:33:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8784,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/16/2021 10:08:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18992,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/16/2021 06:37:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (748,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Systemfehler:
=============
Error: (01/17/2021 07:23:50 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "Microsoft.YourPhone_1.20122.119.0_x64__8wekyb3d8bbwe!App.AppXsagzrmexa2gweymvpa6me8rrqskf7vhp.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/17/2021 07:23:49 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "Microsoft.OneConnect_5.2011.3081.0_x64__8wekyb3d8bbwe!App.AppXzeahsx5s3cste50xzpwx72qzp2554y8z.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/17/2021 07:23:07 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/17/2021 07:23:07 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/17/2021 07:23:07 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/17/2021 07:23:07 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/16/2021 12:30:18 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden.

Error: (01/16/2021 12:29:28 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Windows Defender:
===================================
Date: 2021-01-16 22:20:43.385
Description: D:\Programme\SumatraPDF\SumatraPDF.exe wurde durch den überwachten Ordnerzugriff daran gehindert, D:\Dokumente\KorrespondenzEtc\2021\ zu ändern.
Erkennungszeit: 2021-01-16T21:20:43.383Z
Benutzer: HAL\**User**
Pfad: D:\Dokumente\KorrespondenzEtc\2021\
Prozessname: D:\Programme\SumatraPDF\SumatraPDF.exe
Sicherheitsversion: 1.329.2302.0
Modulversion: 1.1.17700.4
Produktversion: 4.18.2011.6

Date: 2021-01-16 08:19:27.849
Description: D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe wurde durch den überwachten Ordnerzugriff daran gehindert, D:\Dokumente\Adobe zu ändern.
Erkennungszeit: 2021-01-16T07:19:27.849Z
Benutzer: HAL\**User**
Pfad: D:\Dokumente\Adobe
Prozessname: D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe
Sicherheitsversion: 1.329.2251.0
Modulversion: 1.1.17700.4
Produktversion: 4.18.2011.6

Date: 2021-01-16 01:38:03.213
Description: C:\Users\**User**\AppData\Local\Temp\is-HOADO.tmp\HeidiSQL_11.1.0.6116_Setup_Hash+VTChecked.tmp wurde durch den überwachten Ordnerzugriff daran gehindert, D:\Dokumente\HeidiSQL zu ändern.
Erkennungszeit: 2021-01-16T00:38:03.212Z
Benutzer: HAL\**User**
Pfad: D:\Dokumente\HeidiSQL
Prozessname: C:\Users\**User**\AppData\Local\Temp\is-HOADO.tmp\HeidiSQL_11.1.0.6116_Setup_Hash+VTChecked.tmp
Sicherheitsversion: 1.329.2251.0
Modulversion: 1.1.17700.4
Produktversion: 4.18.2011.6

Date: 2021-01-16 01:35:01.768
Description: Der überwachte Ordnerzugriff hat C:\Windows\System32\svchost.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-01-16T00:35:01.768Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\HarddiskVolume1
Name des Prozesses: C:\Windows\System32\svchost.exe
Sicherheitsversion: 1.329.2251.0
Modulversion: 1.1.17700.4
Produktversion: 4.18.2011.6

Date: 2021-01-16 01:24:23.063
Description: D:\Programme\Tipard PDF Converter Platinum\Tipard PDF Converter Platinum.exe wurde durch den überwachten Ordnerzugriff daran gehindert, D:\Dokumente\Tipard Studio zu ändern.
Erkennungszeit: 2021-01-16T00:24:23.062Z
Benutzer: HAL\**User**
Pfad: D:\Dokumente\Tipard Studio
Prozessname: D:\Programme\Tipard PDF Converter Platinum\Tipard PDF Converter Platinum.exe
Sicherheitsversion: 1.329.2251.0
Modulversion: 1.1.17700.4
Produktversion: 4.18.2011.6

CodeIntegrity:
===================================
Date: 2021-01-16 12:32:33.539
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Programme\Malwarebytes\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-16 12:32:33.042
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Programme\Malwarebytes\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-16 08:20:47.708
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Programme\Malwarebytes\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-16 08:20:45.974
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Programme\Malwarebytes\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-13 22:35:50.941
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-13 22:35:50.937
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-13 22:35:44.405
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-13 22:35:44.402
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 1102 11/16/2015
Hauptplatine: ASUSTeK COMPUTER INC. Z170 PRO GAMING
Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 24500.32 MB
Verfügbarer physikalischer RAM: 13604.38 MB
Summe virtueller Speicher: 28084.32 MB
Verfügbarer virtueller Speicher: 16712.05 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.3 GB) (Free:60.26 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:777.21 GB) NTFS
Drive q: () (Network) (Total:3.44 GB) (Free:0.77 GB)
Drive r: () (Network) (Total:3.44 GB) (Free:0.77 GB)
Drive t: (openHAB-share) (Network) (Total:96.74 GB) (Free:73 GB) NTFS
Drive u: (cometvisu) (Network) (Total:96.74 GB) (Free:73 GB) NTFS
Drive v: (Media) (Network) (Total:2015.73 GB) (Free:1632.15 GB) NTFS
Drive x: (Data_XChange) (Network) (Total:96.74 GB) (Free:73 GB) NTFS
Drive z: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{297e7a1d-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{297e7a1d-0000-0000-0000-40193a000000}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{e8fcc8a4-3997-11eb-86f6-f832e4bc5f9c}\ () (Removable) (Total:0 GB) (Free:0 GB)
\\?\Volume{7f01132f-585c-11eb-86ff-f832e4bc5f9c}\ (Tresorit Drive) (Removable) (Total:505 GB) (Free:356.57 GB) exFAT ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 297E7A1D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=502 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 85A40634) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ======================= |
17.01.2021, 20:46 | #6 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Supposed infection with "murofetweekly" Quote:
Quote:
__________________ --> Supposed infection with "murofetweekly" |
18.01.2021, 01:33 | #7 | ||
| Supposed infection with "murofetweekly" Hello Cosinus, Quote:
The thing is "hidden" - I cannot edit it at all in Programs and Features. Screenshot of my Programs and Features attached. In Addition.txt these are apparently marked with "hidden": Code:
ATTFilter Lexware buchhalter 2020 (HKLM-x32\...\{C82189A3-82A2-4C14-A477-A8E9CA16CACE}) (Version: 25.05.00.0382 - Haufe-Lexware GmbH & Co.KG) Hidden
And in case the Einnahmenüberschuss-Rechner (income surplus calculator) looks odd: it is included even with the smallest Taxman version. But officially: https://www.taxman.de/funktionen.html. I looked for the program directory and found an exe that starts something. The program it starts is evidently designed as a version for tax programs (see screenshot attached). I hope I have not already been put too deep in a pigeonhole - the computer really is not used commercially. Quote:
Regards, Alex |
18.01.2021, 01:45 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Supposed infection with "murofetweekly" All right, I've tormented you enough. Please run control scans. Control scans with MBAM and RK. We are almost done. Now it is time for control scans with
After both scans have finished, post the logs in CODE tags.
__________________ Please always post log files in CODE tags |
18.01.2021, 22:34 | #9 |
| Supposed infection with "murofetweekly" RogueKiller scan: Code:
ATTFilter RogueKiller Anti-Malware V14.8.4.0 (x64) [Jan 13 2021] (Free) von Adlice Software Mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Betriebssystem : Windows 10 (10.0.19042) 64 bits Gestartet in : Normaler Modus Benutzer : **User** [Administrator] Gestartet von : C:\Users\**User**\Desktop\RogueKiller_portable64_VTChecked.exe Signaturen : 20210118_123403, Treiber : Geladen Modus : Standard-Scan, Scannen -- Datum : 2021/01/18 21:20:29 (Dauer : 00:14:26) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Prozesse ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Prozessmodule ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Dienste ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ >>>>>> XX - Software [PUP.Gen1 (Potenziell bösartig)] (X64) HKEY_USERS\.DEFAULT\Software\OCS -- N/A -> Gefunden [PUP.Gen1 (Potenziell bösartig)] (X64) HKEY_USERS\S-1-5-21-2974319683-333524289-2430525430-1001\Software\OCS -- N/A -> Gefunden [PUP.Gen1 (Potenziell bösartig)] (X64) HKEY_USERS\S-1-5-18\Software\OCS -- N/A -> Gefunden >>>>>> O87 - Firewall [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{5AA5DD39-FB8C-4924-A581-C199316228EF}C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp|Name=_ins5576._mp|Desc=_ins5576._mp|Defer=User| (C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp) (missing) -> Gefunden [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F88DD973-F9FD-4B37-9AE2-212D0FD74390}C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp -- 
v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp|Name=_ins5576._mp|Desc=_ins5576._mp|Defer=User| (C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp) (missing) -> Gefunden ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts-Datei ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Dateien ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [Root.ZeroAccess (Bösartig)] (folder) L -- C:\$Recycle.Bin\S-1-5-21-2974319683-333524289-2430525430-1007\$R6K1PO4\cpan\sources\authors\id\L -> Gefunden ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Webbrowser ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ >>>>>> Firefox Config [PUM.SearchEngine (Potenziell bösartig)] browser.search.selectedEngine (C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\prefs.js) -- Bing® -> Gefunden [PUM.SearchEngine (Potenziell bösartig)] browser.search.defaultenginename (C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\prefs.js) -- Bing® -> Gefunden ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Anti-Rootkit : 0 (Driver: Geladen) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Code:
ATTFilter RogueKiller Anti-Malware V14.8.4.0 (x64) [Jan 13 2021] (Free) von Adlice Software Mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Betriebssystem : Windows 10 (10.0.19042) 64 bits Gestartet in : Normaler Modus Benutzer : **User** [Administrator] Gestartet von : C:\Users\**User**\Desktop\RogueKiller_portable64_VTChecked.exe Signaturen : 20210118_123403, Treiber : Geladen Modus : Standard-Scan, Löschen -- Datum : 2021/01/18 22:28:38 (Dauer : 00:14:26) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Löschen ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\.DEFAULT\Software\OCS -- -> Gelöscht [PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-2974319683-333524289-2430525430-1001\Software\OCS -- -> Gelöscht [PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-18\Software\OCS -- -> Gelöscht [Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{5AA5DD39-FB8C-4924-A581-C199316228EF}C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp -- [%localappdata%\temp\_istmp1.dir\_ins5576._mp] -> Gelöscht [Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F88DD973-F9FD-4B37-9AE2-212D0FD74390}C:\users\**User**\appdata\local\temp\_istmp1.dir\_ins5576._mp -- [%localappdata%\temp\_istmp1.dir\_ins5576._mp] -> Gelöscht [Root.ZeroAccess (Bösartig)] L -- %SystemDrive%\$Recycle.Bin\S-1-5-21-2974319683-333524289-2430525430-1007\$R6K1PO4\cpan\sources\authors\id\L -> Gelöscht => CHECKSUMS -- C:\$Recycle.Bin\S-1-5-~3\$R6K1PO4\cpan\sources\authors\id\L\LD\LDS\CHECKS~1 -> Gelöscht => Devel-Cycle-1.12.tar.gz -- C:\$Recycle.Bin\S-1-5-~3\$R6K1PO4\cpan\sources\authors\id\L\LD\LDS\DEVEL-~1.GZ -> Gelöscht => LDS -- C:\$Recycle.Bin\S-1-5-~3\$R6K1PO4\cpan\sources\authors\id\L\LD\LDS -> Gelöscht => LD -- 
C:\$Recycle.Bin\S-1-5-~3\$R6K1PO4\cpan\sources\authors\id\L\LD -> Gelöscht => CHECKSUMS -- C:\$Recycle.Bin\S-1-5-~3\$R6K1PO4\cpan\sources\authors\id\L\LE\LEONT\CHECKS~1 -> Gelöscht => File-Slurper-0.008.tar.gz -- C:\$Recycle.Bin\S-1-5-~3\$R6K1PO4\cpan\sources\authors\id\L\LE\LEONT\FILE-S~1.GZ -> Gelöscht => LEONT -- C:\$Recycle.Bin\S-1-5-~3\$R6K1PO4\cpan\sources\authors\id\L\LE\LEONT -> Gelöscht => LE -- C:\$Recycle.Bin\S-1-5-~3\$R6K1PO4\cpan\sources\authors\id\L\LE -> Gelöscht [PUM.SearchEngine (Potenziell bösartig)] browser.search.selectedEngine -- Bing® -> Gelöscht [PUM.SearchEngine (Potenziell bösartig)] browser.search.defaultenginename -- Bing® -> Gelöscht Code:
ATTFilter Malwarebytes www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 18.01.21
Scan-Zeit: 20:53
Protokolldatei: cc69b796-59c6-11eb-85bb-f832e4bc5f9c.json
-Softwaredaten-
Version: 4.3.0.98
Komponentenversion: 1.0.1130
Version des Aktualisierungspakets: 1.0.35929
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19041.746)
CPU: x64
Dateisystem: NTFS
Benutzer: HAL\**User**
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 460413
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 19 Min., 54 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0 (keine bösartigen Elemente erkannt)
Modul: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswert: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Daten-Stream: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Datei: 0 (keine bösartigen Elemente erkannt)
Physischer Sektor: 0 (keine bösartigen Elemente erkannt)
WMI: 0 (keine bösartigen Elemente erkannt)
(end)
Regards, Alex |
18.01.2021, 22:42 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Supposed infection with "murofetweekly" Quote:
I think you should completely reinstall the box. It is cluttered with junk beyond all measure anyway.
__________________ Please always post log files in CODE tags |
19.01.2021, 00:34 | #11 | ||
| Supposed infection with "murofetweekly" Quote:
Quote:
First attempt: leave them in the Downloads folder - run the scanner again --> no alert
Second attempt: manually (mkdir) recreate the same folder structure as in the first alert and place the two files there --> alert
Third attempt: RKill --> no alert
According to its message, the RogueKiller scanner also seems to object to the folder itself rather than the files (so more a piece of circumstantial evidence than the culprit?)... Hmmm.... I assume the scanner uses heuristics. And given the age of the malware, either Windows Defender or Malwarebytes should surely have found it too.... Thanks. Regards, Alex |
19.01.2021, 09:00 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Supposed infection with "murofetweekly" Hm. It was typical for ZeroAccess, though, to nest itself in %SystemDrive%\$Recycle.Bin. Please post new FRST logs.
__________________ Please always post log files in CODE tags |
19.01.2021, 19:48 | #13 | |
| Supposed infection with "murofetweekly" Quote:
About the logs: yesterday I updated a few programs (among others PuTTY, VeraCrypt, WinSCP). Thanks. Regards, Alex FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-01-2021 durchgeführt von **User** (Administrator) auf HAL (19-01-2021 19:00:55) Gestartet von C:\Users\**User**\Desktop Geladene Profile: **User** Platform: Windows 10 Home Version 20H2 19042.746 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\FahCore_22.exe () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit-avx-256\a7-0.0.19\Core_a7.fah\FahCore_a7.exe () [Datei ist nicht signiert] D:\Programme\FAHClient\FAHClient.exe () [Datei ist nicht signiert] D:\Programme\FAHClient\FAHCoreWrapper.exe <2> (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) 
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Inc. -> Adobe) D:\Programme\AdobePSE2021\Elements 2021 Organizer\dynamiclinkmanager.exe (Adobe Inc. -> Adobe) D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe (ASUSTeK Computer Inc. 
-> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe (CyberLink Corp. -> cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) D:\Programme\AusweisApp2\AusweisApp2.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. 
KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.740_none_e752aa59261f271f\TiWorker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program 
Files (x86)\Mozilla Firefox\firefox.exe <13> (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) D:\Programme\TortoiseGit\bin\TGitCache.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) C:\Program Files (x86)\QNAP\Qsync\Qsync.exe (QNAP Systems, Inc. -> QNAP) C:\Program Files\QNAP\QVR Pro Client\QVRProAgent.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Tresorit Kft. 
-> Tresorit) C:\Users\**User**\AppData\Local\Tresorit\v0.8\Tresorit.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis International GmbH -> Acronis) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8495320 2015-06-23] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [AdobePSE19AutoAnalyzer] => D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe [2653808 2020-08-27] (Adobe Inc. -> Adobe) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (CyberLink Corp. 
-> cyberlink) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5356288 2015-07-24] (Acronis International GmbH -> Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [693336 2015-07-20] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [612304 2019-11-18] (NIKON CORPORATION -> Nikon Corporation) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [404200 2019-10-01] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) HKLM-x32\...\Run: [Qsync] => C:\Program Files (x86)\QNAP\Qsync\Qsync.exe [76201784 2020-10-26] (QNAP Systems, Inc. -> QNAP Systems, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-12-14] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-12-14] (Adobe Inc. -> ) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [Tresorit] => C:\Users\**User**\AppData\Local\Tresorit\v0.8\Tresorit.exe [32839824 2021-01-15] (Tresorit Kft. 
-> Tresorit) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [Fences] => c:\program files (x86)\stardock\fences\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [AusweisApp2] => D:\Programme\AusweisApp2\AusweisApp2.exe [2405504 2020-11-30] (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [Steam] => D:\Programme\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Run: [LexwareTransferManager] => D:\Programme\LexwareBuchhalter2020\LexwareTransferManager.exe [197352 2019-10-01] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) HKU\S-1-5-21-2974319683-333524289-2430525430-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series XPS: C:\Windows\System32\CNMXLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) 
HKLM\...\Print\Monitors\FRITZ!fax Color Port Monitor: C:\Windows\System32\FritzColorPort64.dll [20480 2006-02-23] () [Datei ist nicht signiert] HKLM\...\Print\Monitors\FRITZ!fax Port Monitor: C:\Windows\System32\FritzPort64.dll [20480 2006-02-22] () [Datei ist nicht signiert] HKLM\...\Print\Monitors\IppMon: C:\Windows\System32\IPPMon.dll [251392 2018-04-12] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Print\Monitors\KM Language Monitor: C:\Windows\System32\KMPJL64.DLL [80384 2013-04-08] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Finanzmanager 2020 Zahlungserinnerung.lnk [2021-01-17] ShortcutTarget: Finanzmanager 2020 Zahlungserinnerung.lnk -> C:\Windows\Installer\{5B16F1F5-E232-4189-ABF1-3F7555CAE778}\billmind.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2020-12-06] ShortcutTarget: Folding@home.lnk -> D:\Programme\FAHClient\HideConsole.exe () [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-12-29] ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) [Datei ist nicht signiert] Startup: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2019-02-03] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pageant.lnk [2015-12-30] ShortcutTarget: Pageant.lnk -> (Keine Datei) GroupPolicy: Beschränkung ? 
<==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {05346278-5C82-475D-9773-BAE8A9165931} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe [304952 2015-05-12] (ASUSTeK Computer Inc. -> ) Task: {0DE025B9-51D6-4C5A-BF59-164D08A75841} - System32\Tasks\Finanzmanager\Umsatzabruf Finanzmanager für Datei 4c6e2c38-0044d3b4-2a34-439a-6f9b-abcd => D:\Programme\Finanzmanager2020\QW.EXE [26283240 2020-04-09] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) -> "D:\Programme\LW_FinanzMgr2020\QDATA.QDF" /S /X Task: {0FE28C34-90D4-44EE-BDDA-0373A389084F} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) 
Task: {12F64776-F064-42DB-ACEE-1B2DED1BF87F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {136EAEC8-241D-4A5E-B25E-F5A785C535D8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {18CC0F66-3D34-4A64-9213-DF3ED8A80ED3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E9F70CC-B510-487F-BB45-57123CDA127A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {2824463D-5024-40F1-B7A2-ACF4EE3262F6} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1459152 2015-09-10] (ASUSTeK Computer Inc. -> )
Task: {284C5087-4CC7-4A07-AF43-F82DD9CA44CE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2A07D1C0-F4A9-4B8E-AB1B-A30C26C0546C} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4331288 2015-06-04] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {2DF20549-A11F-4B35-81BC-04BD64FEB16C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30C7D8C8-BE82-4CA2-B573-5D04DFAB3EB6} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [139932 2020-10-04] (The Git Development Community) [Datei ist nicht signiert]
Task: {544431D7-276F-482C-9C54-D9B95FB0A98F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56B262BE-C7BD-4DC2-B0C7-420FF8105C7E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {60FC2054-E42F-4698-B528-4CB9064BB1FD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {672E100C-1B3D-4406-8C58-14E81CDB6DE9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {69493FB9-621A-466F-A50A-C3FAC16728CA} - System32\Tasks\AdobeAAMUpdater-1.0-HAL-**User** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7290A6B1-F870-49DF-B216-CC21A730A390} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8041727F-8733-4163-B930-80ED4654C5A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C0129A7-6B52-4D9D-9422-3071AE12CD3E} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [3646264 2014-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {8EC87098-A10D-4EEB-8A7A-98F184363181} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-19] (Google Inc -> Google Inc.)
Task: {A26E7D5A-70B3-46B9-96FA-D372738F5F39} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {BCE42211-7A28-4169-AD61-56AD99CEC3C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF7CEA7C-939F-4009-83CC-07194A98F33C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C799DA39-1508-465C-B30C-2BEE4CC88D9A} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1871800 2015-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {C856EB2C-BE2D-4B8A-BDD7-B8E2C0D8DBB7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8807819-C01C-48B9-86E9-55BAFAED1561} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-19] (Google Inc -> Google Inc.)
Task: {D528A7E4-0238-4C8E-AD4A-CF8E37CDCF39} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1275672 2015-06-30] (ASUSTeK Computer Inc. -> )
Task: {DC6D2540-17FA-47E6-ABA1-8974BFB97CBE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEA4B3DC-E851-4FF6-BBA2-E72652F79AA9} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {DFBDBE55-3B43-4915-9787-A851924F664D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E17D15C7-BFBD-4C81-BB36-96E4DBFA33A8} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "https://www.roboform.com/uninstall.html?aaa=KICMMMLJOMOMJJLJNJKMCNMJJMJMJMCNLMOMPMIMCNGMOJHMMJCNKJIMJJJJOJNJKJKMLMLMJMLJJNJICMHMCNKMCNMMFMOMOMCNMMLMKMCNOMIMOMMMLMFMPMCNPMCNOMIMOMMMLMCNNMJNPICMOMFMFMNMJMGMPMJNHICMMJBJKJLIMJJNBJCMNLKJHJNIGJBJIJMIJNKJCMJNNICMJNDJCMLJKJJNMJCMPMFMPMFMPMJNFICMNIJJIIGJPIKJAJKILIBNKJHIKJ"
Task: {F40045BA-4AFC-4662-AB57-84DF336C882C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8CF59B1-E464-450E-9525-79ABE2764E40} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD1AAE5A-5DEE-488B-B689-23D834FCC4D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1 drive.tresorit.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.13
Tcpip\..\Interfaces\{9ded46ae-805c-434a-9125-0bcc662dc150}: [DhcpNameServer] 192.168.178.13

Edge:
=======
DownloadDir: C:\Users\**User**\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2974319683-333524289-2430525430-1001 -> hxxps://www.rollende-gemuesekiste.de/
Edge DefaultProfile: Default
Edge Profile: C:\Users\**User**\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-18]
Edge DownloadDir: C:\Users\**User**\Downloads
Edge HomePage: Default -> hxxps://www.rollende-gemuesekiste.de/

FireFox:
========
FF DefaultProfile: qmo1pr9p.default
FF ProfilePath: C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default [2021-01-19]
FF NewTab: Mozilla\Firefox\Profiles\qmo1pr9p.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\qmo1pr9p.default -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\qmo1pr9p.default -> hxxps://web.threema.ch; hxxps://community.openhab.org; hxxps://login.schulmanager-online.de; hxxps://www.roboter-forum.com
FF Extension: (ADB Helper) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\adbhelper@mozilla.org.xpi [2018-08-08] []
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-01-11]
FF Extension: (Kee - Password Manager) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\keefox@chris.tomlinson.xpi [2020-11-24]
FF Extension: (uBlock Origin) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\uBlock0@raymondhill.net.xpi [2021-01-17]
FF Extension: (Firefox Carbon) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\{155bf27e-5389-49ee-bda7-b7a91631b899}.xpi [2019-05-13]
FF Extension: (rss.html) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\{332b9ecd-d35a-41b4-b633-d19adfaec462}.xpi [2020-03-28]
FF Extension: (Ein neues Skript erstellen) - C:\Users\**User**\AppData\Roaming\Mozilla\Firefox\Profiles\qmo1pr9p.default\Extensions\{aecec67f-0d10-4fa7-b7c7-609a2db280cf}.xpi [2020-12-15]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-12-14] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-12-14] (Adobe Inc. -> Adobe Systems)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264472 2014-08-14] (Acronis International GmbH -> Acronis)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-12-14] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4029432 2015-12-29] (Acronis International GmbH -> Acronis)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe [397592 2015-07-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960904 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink Corp. -> CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66280 2019-10-02] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
S3 MBAMService; D:\Programme\Malwarebytes\MBAMService.exe [7456464 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 QvrProAgent; C:\Program Files\QNAP\QVR Pro Client\QVRProAgent.exe [220472 2019-12-10] (QNAP Systems, Inc. -> QNAP)
S4 SQLAgent$KNXETS4; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.KNXETS4\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [6857752 2014-09-13] (Acronis International GmbH -> Acronis)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; D:\Programme\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [43064 2015-06-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R1 cbfs20; C:\WINDOWS\System32\drivers\cbfs20.sys [419872 2020-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2015-12-29] (Disc Soft Ltd -> Disc Soft Ltd)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [296736 2015-12-29] (Acronis International GmbH -> Acronis International GmbH)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] (Giga-Byte Technology -> )
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [1058632 2015-12-29] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [248648 2015-12-29] (Acronis International GmbH -> Acronis International GmbH)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174536 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2021-01-18] (IDRIX SARL -> IDRIX)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-01-19 19:00 - 2021-01-19 19:02 - 000037786 _____ C:\Users\**User**\Desktop\FRST.txt
2021-01-19 19:00 - 2021-01-19 19:00 - 002295808 _____ (Farbar) C:\Users\**User**\Desktop\FRST64_210113.exe
2021-01-19 19:00 - 2021-01-19 19:00 - 000000000 ____D C:\Users\**User**\Desktop\FRST-OlderVersion
2021-01-19 00:29 - 2021-01-19 00:29 - 000001960 _____ C:\Users\**User**\Desktop\Rkill.txt
2021-01-18 22:53 - 2021-01-18 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2021-01-18 22:53 - 2021-01-18 22:53 - 000000000 ____D C:\Program Files\PuTTY
2021-01-18 22:42 - 2021-01-18 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-01-18 21:19 - 2021-01-18 21:34 - 000000000 ____D C:\ProgramData\RogueKiller
2021-01-18 08:07 - 2021-01-18 08:07 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ed1f1e8f762e
2021-01-18 01:37 - 2021-01-18 01:38 - 000000000 ____D C:\Users\**User**\Desktop\Srt
2021-01-18 00:13 - 2021-01-18 00:13 - 000000000 ____D C:\Users\**User**\AppData\Local\LxMobJobs
2021-01-17 23:26 - 2021-01-18 22:54 - 001834288 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-17 23:26 - 2021-01-17 23:26 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-01-17 23:25 - 2021-01-17 23:25 - 000000020 ___SH C:\Users\**User**\ntuser.ini
2021-01-17 23:24 - 2021-01-18 22:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-17 23:24 - 2021-01-18 08:07 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-17 23:24 - 2021-01-17 23:24 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-01-17 23:24 - 2021-01-17 23:24 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-01-17 23:24 - 2021-01-17 23:24 - 000003708 _____ C:\WINDOWS\system32\Tasks\Open URL by RoboForm
2021-01-17 23:24 - 2021-01-17 23:24 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-17 23:24 - 2021-01-17 23:24 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-17 23:24 - 2021-01-17 23:24 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-17 23:24 - 2021-01-17 23:24 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-17 23:24 - 2021-01-17 23:24 - 000003176 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-17 23:24 - 2021-01-17 23:24 - 000003140 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-17 23:24 - 2021-01-17 23:24 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-17 23:24 - 2021-01-17 23:24 - 000002956 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-17 23:24 - 2021-01-17 23:24 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-17 23:24 - 2021-01-17 23:24 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2974319683-333524289-2430525430-1001
2021-01-17 23:24 - 2021-01-17 23:24 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2974319683-333524289-2430525430-1007
2021-01-17 23:24 - 2021-01-17 23:24 - 000002838 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-17 23:24 - 2021-01-17 23:24 - 000002804 _____ C:\WINDOWS\system32\Tasks\Git for Windows Updater
2021-01-17 23:24 - 2021-01-17 23:24 - 000002754 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-HAL-**User**
2021-01-17 23:24 - 2021-01-17 23:24 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-17 23:24 - 2021-01-17 23:24 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-01-17 23:24 - 2021-01-17 23:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-17 23:24 - 2021-01-17 23:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Finanzmanager
2021-01-17 23:24 - 2021-01-17 23:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2021-01-17 23:24 - 2021-01-17 23:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2021-01-17 23:16 - 2021-01-17 23:25 - 000000000 ____D C:\Users\**User**
2021-01-17 23:16 - 2021-01-17 23:19 - 000000000 ____D C:\Users\**Admin**
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**Admin**\Vorlagen
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**Admin**\Startmenü
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**Admin**\Netzwerkumgebung
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**Admin**\Lokale Einstellungen
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**Admin**\Eigene Dateien
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**Admin**\Druckumgebung
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**Admin**\AppData\Local\Verlauf
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**Admin**\AppData\Local\Anwendungsdaten
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**Admin**\Anwendungsdaten
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**User**\Vorlagen
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**User**\Startmenü
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**User**\Netzwerkumgebung
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**User**\Lokale Einstellungen
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**User**\Eigene Dateien
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**User**\Druckumgebung
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**User**\AppData\Local\Verlauf
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**User**\AppData\Local\Anwendungsdaten
2021-01-17 23:16 - 2021-01-17 23:16 - 000000000 _SHDL C:\Users\**User**\Anwendungsdaten
2021-01-17 23:16 - 2019-12-07 10:10 - 000001105 _____ C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-17 23:16 - 2019-12-07 10:10 - 000001105 _____ C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-17 23:15 - 2021-01-19 18:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-17 23:15 - 2021-01-18 22:46 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-17 23:15 - 2021-01-17 23:15 - 000530672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-17 23:14 - 2021-01-17 23:25 - 000000000 ____D C:\Windows.old
2021-01-17 23:06 - 2021-01-17 23:14 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-01-17 23:05 - 2021-01-17 23:06 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-01-17 23:05 - 2021-01-17 23:05 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-01-17 23:04 - 2021-01-17 23:04 - 000000000 ____D C:\ProgramData\ssh
2021-01-17 23:02 - 2021-01-17 23:02 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-01-17 23:02 - 2021-01-17 23:02 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-01-17 23:02 - 2021-01-17 23:02 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-17 23:02 - 2021-01-17 23:02 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-17 23:02 - 2021-01-17 23:02 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-17 23:02 - 2021-01-17 23:02 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-17 23:02 - 2021-01-17 23:02 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-17 23:02 - 2021-01-17 23:02 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-17 23:02 - 2021-01-17 23:02 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-17 23:02 - 2021-01-17 23:02 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-01-17 23:02 - 2021-01-17 23:02 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-17 23:02 - 2021-01-17 23:02 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-01-17 23:02 - 2021-01-17 23:02 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-17 23:02 - 2021-01-17 23:02 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-17 23:02 - 2021-01-17 23:02 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-17 23:02 - 2021-01-17 23:02 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-17 23:02 - 2021-01-17 23:02 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-17 23:02 - 2021-01-17 23:02 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-17 23:02 - 2021-01-17 23:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-17 23:02 - 2021-01-17 23:02 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-17 23:02 - 2021-01-17 23:02 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-17 23:02 - 2021-01-17 23:02 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-01-17 23:01 - 2021-01-17 23:01 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-01-17 23:01 - 2021-01-17 23:01 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-01-17 23:01 - 2021-01-17 23:01 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-01-17 23:01 - 2021-01-17 23:01 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-17 23:01 - 2021-01-17 23:01 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-17 23:01 - 2021-01-17 23:01 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-17 23:01 - 2021-01-17 23:01 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-17 23:01 - 2021-01-17 23:01 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-17 23:01 - 2021-01-17 23:01 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-01-17 23:01 - 2021-01-17 23:01 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-17 23:01 - 2021-01-17 23:01 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-17 23:01 - 2021-01-17 23:01 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-01-17 23:01 - 2021-01-17 23:01 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-17 23:01 - 2021-01-17 23:01 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-17 23:01 - 2021-01-17 23:01 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-17 23:01 - 2021-01-17 23:01 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-17 23:01 - 2021-01-17 23:01 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-01-17 23:01 - 2021-01-17 23:01 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-01-17 23:01 - 2021-01-17 23:01 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-01-17 23:01 - 2021-01-17 23:01 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-01-17 23:01 - 2021-01-17 23:01 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-01-17 23:01 - 2021-01-17 23:01 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-01-17 23:01 - 2021-01-17 23:01 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-01-17 23:01 - 2021-01-17 23:01 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-01-17 23:01 - 2021-01-17 23:01 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-01-17 23:01 - 2021-01-17 23:01 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-17 23:01 - 2021-01-17 23:01 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-01-17 23:01 - 2021-01-17 23:01 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-01-17 22:58 - 2021-01-17 22:58 - 000417792 _____ C:\WINDOWS\system32\d3dconfig.exe
2021-01-17 22:58 - 2021-01-17 22:58 - 000374784 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
2021-01-17 22:58 - 2021-01-17 22:58 - 000365056 _____ C:\WINDOWS\SysWOW64\d3dconfig.exe
2021-01-17 22:58 - 2021-01-17 22:58 - 000347136 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
2021-01-17 22:58 - 2021-01-17 22:58 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-01-17 22:58 - 2021-01-17 22:58 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-01-17 22:56 - 2021-01-17 22:56 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-01-17 22:56 - 2021-01-17 22:56 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-01-17 22:56 - 2021-01-17 22:56 - 000000000 ____D C:\Program Files\MSBuild
2021-01-17 22:56 - 2021-01-17 22:56 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-01-17 22:56 - 2021-01-17 22:56 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-01-17 21:06 - 2021-01-17 21:06 - 000690051 _____ C:\Users\**User**\Downloads\Wochenplanarbeit 
für die Woche vom 18.01. - 22.01.2021.pdf 2021-01-17 21:05 - 2021-01-17 21:06 - 008960952 _____ C:\Users\**User**\Downloads\Arbeitsmaterial für Montag.pdf 2021-01-17 21:03 - 2021-01-17 21:03 - 000326896 _____ C:\Users\**User**\Downloads\Tagespläne 18.1. bis 22.1.21 groß und bunt.pdf 2021-01-17 20:58 - 2021-01-17 23:25 - 000000000 ___DC C:\WINDOWS\Panther 2021-01-17 20:55 - 2021-01-17 20:55 - 000000000 ___HD C:\$WinREAgent 2021-01-17 19:23 - 2021-01-17 19:23 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Apple Computer 2021-01-17 19:23 - 2021-01-17 19:23 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Apple Computer 2021-01-16 12:16 - 2021-01-16 12:29 - 000000000 ____D C:\AdwCleaner 2021-01-16 11:16 - 2021-01-16 11:16 - 000000000 ____D C:\Users\**Admin**\AppData\LocalLow\Oracle 2021-01-16 11:14 - 2021-01-17 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2021-01-16 11:14 - 2021-01-16 11:14 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Sun 2021-01-16 11:13 - 2021-01-16 11:13 - 000000000 ____D C:\Users\**Admin**\AppData\LocalLow\Sun 2021-01-16 11:11 - 2021-01-16 11:11 - 000000840 _____ C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JOSM.lnk 2021-01-16 11:11 - 2021-01-16 11:11 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\JOSM 2021-01-16 11:10 - 2021-01-16 11:14 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2021-01-16 01:38 - 2021-01-17 23:18 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HeidiSQL 2021-01-16 01:36 - 2021-01-17 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic 2021-01-16 01:36 - 2021-01-16 01:36 - 000000000 ____D C:\Program Files\PDFsam Basic 2021-01-16 01:22 - 2021-01-16 01:22 - 000000802 _____ C:\Users\**Admin**\Desktop\SumatraPDF.lnk 2021-01-16 01:22 - 2021-01-16 01:22 - 000000802 _____ C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\SumatraPDF.lnk 2021-01-16 01:22 - 2021-01-16 01:22 - 000000802 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk 2021-01-16 01:22 - 2021-01-16 01:22 - 000000000 ____D C:\Users\**User**\AppData\Local\SumatraPDF 2021-01-16 01:10 - 2018-03-14 14:05 - 000058816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2021-01-16 01:10 - 2017-12-15 03:03 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2021-01-16 00:59 - 2021-01-16 01:29 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Visual Studio Setup 2021-01-16 00:59 - 2021-01-16 00:59 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\vstelemetry 2021-01-16 00:59 - 2021-01-16 00:59 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Microsoft Visual Studio 2021-01-16 00:59 - 2021-01-16 00:59 - 000000000 ____D C:\Users\**Admin**\AppData\Local\ServiceHub 2021-01-16 00:56 - 2021-01-16 00:56 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Microsoft_Corporation 2021-01-16 00:13 - 2021-01-16 00:13 - 000000000 ____D C:\Users\**User**\AppData\Roaming\SmartControlCenter.B3C165F3B13910B3FE57B6A8F7FCD1A5FFD8D5C2.1 2021-01-16 00:10 - 2021-01-16 00:10 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Downloaded Installations 2021-01-15 23:41 - 2021-01-17 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView 2021-01-15 23:41 - 2021-01-15 23:41 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\IrfanView 2021-01-15 23:27 - 2021-01-17 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind 2021-01-15 23:15 - 2021-01-15 23:15 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\EAC 2021-01-15 23:15 - 2021-01-15 23:15 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\AccurateRip 2021-01-15 23:10 - 2021-01-17 23:18 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals 2021-01-15 23:10 - 2021-01-15 23:10 - 000000392 _____ 
C:\Users\**Admin**\Desktop\DiskInternals Research.lnk 2021-01-15 12:30 - 2021-01-17 19:23 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\KeePass 2021-01-15 12:24 - 2021-01-17 19:23 - 000000000 ____D C:\Users\**Admin**\AppData\Local\KeePass 2021-01-15 12:12 - 2021-01-15 12:12 - 000000708 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2021-01-15 12:08 - 2021-01-17 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2021-01-15 12:06 - 2021-01-15 12:06 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Aiseesoft Studio 2021-01-15 11:57 - 2021-01-15 11:57 - 000000040 ____H C:\CFDBF1C16CA3 2021-01-14 23:26 - 2021-01-14 23:26 - 000001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DB Browser (SQLCipher).lnk 2021-01-14 23:26 - 2021-01-14 23:26 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DB Browser (SQLite).lnk 2021-01-13 22:18 - 2021-01-13 23:03 - 000000000 ____D C:\Users\**Admin**\AppData\Local\TortoiseGit 2021-01-13 22:17 - 2021-01-13 22:18 - 241147480 _____ (The GIMP Team ) C:\Users\**Admin**\Downloads\gimp-2.10.22-setup.exe 2021-01-13 22:14 - 2021-01-13 22:14 - 000000000 ____D C:\Users\**Admin**\AppData\Local\mbam 2021-01-13 22:10 - 2021-01-19 19:01 - 000000000 ____D C:\FRST 2021-01-13 21:42 - 2021-01-13 21:42 - 000000000 ____D C:\Users\**Admin**\AppData\LocalLow\Adobe 2021-01-13 21:38 - 2021-01-13 22:11 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Notepad++ 2021-01-13 21:38 - 2021-01-13 21:38 - 000000000 ____D C:\Users\**Admin**\AppData\Local\PlaceholderTileLogoFolder 2021-01-13 21:32 - 2021-01-13 21:32 - 000000000 ___RD C:\Users\**Admin**\OneDrive 2021-01-13 21:32 - 2021-01-13 21:32 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Comms 2021-01-13 21:30 - 2021-01-13 21:30 - 000002099 _____ C:\Users\**Admin**\Desktop\Anpassen Fences.lnk 2021-01-13 21:30 - 2021-01-13 21:30 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Stardock 2021-01-13 21:30 - 
2021-01-13 21:30 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Stardock 2021-01-13 21:22 - 2021-01-13 21:22 - 000000782 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-01-13 21:22 - 2021-01-13 21:22 - 000000000 ____D C:\Users\**User**\AppData\Local\mbam 2021-01-13 21:21 - 2021-01-13 21:21 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-01-13 21:21 - 2021-01-13 21:21 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-01-13 21:21 - 2021-01-13 21:21 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-01-13 21:21 - 2021-01-13 21:21 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-01-13 21:20 - 2020-10-05 14:05 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-01-13 21:20 - 2020-10-05 14:05 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-01-13 21:20 - 2020-10-05 14:05 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-01-13 21:20 - 2020-10-05 14:05 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-01-13 21:20 - 2020-10-05 14:05 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-01-13 21:20 - 2020-10-05 14:05 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-01-13 21:20 - 2020-10-05 14:05 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-01-13 21:20 - 2020-10-05 14:05 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-01-13 21:20 - 2020-10-05 14:05 - 000455408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-01-13 21:20 - 2020-10-05 14:05 - 000351128 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-01-13 21:20 - 2020-10-05 14:03 - 001690976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2021-01-13 21:20 - 2020-10-05 14:03 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-01-13 21:20 - 2020-10-05 14:03 - 001161112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-01-13 
21:20 - 2020-10-05 14:03 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2021-01-13 21:20 - 2020-10-05 14:03 - 000673520 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-01-13 21:20 - 2020-10-05 14:03 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-01-13 21:20 - 2020-10-05 14:03 - 000555248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-01-13 21:20 - 2020-10-05 14:03 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-01-13 21:20 - 2020-10-05 14:03 - 000230720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2021-01-13 21:20 - 2020-10-05 14:03 - 000047424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2021-01-13 21:20 - 2020-10-05 14:02 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-01-13 21:20 - 2020-10-05 14:02 - 006860184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-01-13 21:20 - 2020-10-05 14:02 - 004174064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-01-13 21:20 - 2020-10-05 14:02 - 002508528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2021-01-13 21:20 - 2020-10-05 14:02 - 002098072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-01-13 21:20 - 2020-10-05 14:02 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445671.dll 2021-01-13 21:20 - 2020-10-05 14:02 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-01-13 21:20 - 2020-10-05 14:02 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445671.dll 2021-01-13 21:20 - 2020-10-05 14:02 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-01-13 21:20 - 2020-10-05 14:02 - 000657304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-01-13 21:20 - 2020-10-05 14:00 - 007001536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-01-13 21:20 - 2020-10-05 14:00 - 005972824 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\nvapi.dll 2021-01-13 21:20 - 2020-10-05 13:42 - 000058620 _____ C:\WINDOWS\system32\nvinfo.pb 2021-01-13 21:18 - 2021-01-15 11:59 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Adobe 2021-01-13 21:18 - 2021-01-13 21:33 - 000000000 ____D C:\Users\**Admin**\AppData\Local\D3DSCache 2021-01-13 21:18 - 2021-01-13 21:18 - 000001010 _____ C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elements Creations Notification 2021.lnk 2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Lexware 2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Greenshot 2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**Admin**\AppData\Local\QNAP 2021-01-13 21:18 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Greenshot 2021-01-13 21:17 - 2021-01-13 21:17 - 000000000 ____D C:\Users\**Admin**\AppData\Local\CEF 2021-01-13 21:16 - 2021-01-17 23:16 - 000000000 ____D C:\Users\**Admin**\AppData\Local\Packages 2021-01-13 21:16 - 2021-01-17 19:23 - 000000000 ____D C:\Users\**Admin**\AppData\Local\TSVNCache 2021-01-13 21:16 - 2021-01-16 00:12 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Adobe 2021-01-13 21:16 - 2021-01-13 22:15 - 000000000 ____D C:\Users\**Admin**\AppData\Local\NVIDIA 2021-01-13 21:16 - 2021-01-13 21:18 - 000000000 ____D C:\Users\**Admin**\AppData\Local\NVIDIA Corporation 2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ___RD C:\Users\**Admin**\3D Objects 2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\TeamViewer 2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Subversion 2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Local\VirtualStore 2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Local\TeamViewer 2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D 
C:\Users\**Admin**\AppData\Local\Publishers 2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Local\ConnectedDevicesPlatform 2021-01-13 21:16 - 2021-01-13 21:16 - 000000000 ____D C:\Users\**Admin**\AppData\Local\AO Link 2021-01-13 21:16 - 2018-09-15 13:21 - 000002247 _____ C:\Users\**Admin**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive (1).lnk 2021-01-13 21:16 - 2016-09-24 20:14 - 000000000 ____D C:\Users\**Admin**\AppData\Roaming\Macromedia 2021-01-12 19:05 - 2021-01-12 19:05 - 003453874 _____ C:\Users\**User**\Downloads\Beispiel-Leserolle.pdf 2021-01-12 19:04 - 2021-01-12 19:04 - 002280455 _____ C:\Users\**User**\Downloads\Auftragskarten Leserolle.pdf 2021-01-10 09:34 - 2021-01-10 09:34 - 000655499 _____ C:\Users\**User**\Downloads\Wochenplanarbeit für die Woche vom 11.01. - 15.01.2021.pdf 2021-01-08 08:35 - 2021-01-16 08:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-01-08 08:33 - 2010-12-31 16:00 - 005594977 _____ C:\Users\**User**\Desktop\210108_Behandlungsvertraege-Kiefer-Juliane.pdf 2021-01-07 15:39 - 2021-01-07 15:39 - 000552031 _____ C:\Users\**User**\Downloads\Weihnachtsgruß.pdf

==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-01-19 19:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-01-19 19:02 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-19 19:02 - 2017-06-06 22:38 - 000000000 ____D C:\ProgramData\NVIDIA 2021-01-19 19:01 - 2016-11-26 20:22 - 000000000 ____D C:\Users\**User**\AppData\LocalLow\Mozilla 2021-01-18 23:10 - 2015-12-29 23:13 - 000000000 ____D C:\Users\**User**\AppData\Local\CrashDumps 2021-01-18 22:59 - 2018-12-28 23:38 - 000000000 ____D C:\Users\**User**\AppData\Roaming\VeraCrypt 2021-01-18 22:59 - 2018-12-28 23:37 - 000831616 _____ (IDRIX) C:\WINDOWS\system32\Drivers\veracrypt.sys 2021-01-18 22:59 - 2018-12-28 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt 2021-01-18 22:56 - 2015-12-30 17:44 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk 2021-01-18 22:56 - 2015-12-30 17:44 - 000000128 _____ C:\Users\**User**\AppData\Roaming\winscp.rnd 2021-01-18 22:56 - 2015-12-30 17:44 - 000000000 ____D C:\Program Files (x86)\WinSCP 2021-01-18 22:55 - 2019-02-10 10:27 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-18 22:54 - 2019-12-07 15:50 - 000785596 _____ C:\WINDOWS\system32\perfh007.dat 2021-01-18 22:54 - 2019-12-07 15:50 - 000167710 _____ C:\WINDOWS\system32\perfc007.dat 2021-01-18 22:54 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-01-18 22:54 - 2015-12-31 00:22 - 000000128 _____ C:\Users\**User**\AppData\Local\PUTTY.RND 2021-01-18 22:52 - 2019-11-23 23:45 - 000000000 ____D C:\Users\**User**\AppData\Local\TortoiseGit 2021-01-18 22:47 - 2020-12-14 06:19 - 000000000 ___RD C:\Users\**User**\Creative Cloud Files 2021-01-18 22:47 - 2015-12-30 00:23 - 000000000 ____D C:\Users\**User**\AppData\Local\TSVNCache 2021-01-18 22:46 - 2018-03-01 21:45 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-01-18 22:46 - 2017-08-21 07:34 - 000147656 ____N (CyberLink Corp.) 
C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys 2021-01-18 22:45 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-01-18 22:40 - 2018-07-10 18:52 - 000000716 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2021-01-18 22:40 - 2015-12-30 00:04 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Notepad++ 2021-01-18 20:13 - 2018-07-27 23:16 - 000000000 ____D C:\Users\**User**\AppData\Roaming\KeePass 2021-01-18 09:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-18 08:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat 2021-01-18 08:06 - 2017-12-23 23:17 - 000000000 ____D C:\Users\**User**\AppData\Local\PlaceholderTileLogoFolder 2021-01-18 01:42 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-01-18 01:40 - 2015-12-31 00:03 - 000459276 _____ C:\ProgramData\StreamingMediaTechnologyLog.txt 2021-01-18 00:21 - 2015-12-30 17:21 - 000000000 ____D C:\ProgramData\Lexware 2021-01-18 00:18 - 2015-12-30 17:19 - 000000000 ____D C:\Users\**User**\AppData\Local\Lexware 2021-01-18 00:06 - 2015-12-30 23:55 - 000000000 ____D C:\Users\**User**\AppData\Local\Adobe 2021-01-17 23:54 - 2015-12-29 08:57 - 000000000 ____D C:\ProgramData\Package Cache 2021-01-17 23:53 - 2018-07-09 20:19 - 000000000 ____D C:\Users\**User**\AppData\Local\D3DSCache 2021-01-17 23:51 - 2018-02-10 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware 2021-01-17 23:41 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-01-17 23:41 - 2017-11-18 00:33 - 000000000 ____D C:\Users\**User**\AppData\Local\Packages 2021-01-17 23:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-01-17 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-01-17 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration 2021-01-17 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate 2021-01-17 23:25 - 2019-12-07 10:03 - 000032768 _____ 
C:\WINDOWS\system32\config\ELAM 2021-01-17 23:25 - 2019-10-05 16:41 - 000000306 __RSH C:\ProgramData\ntuser.pol 2021-01-17 23:25 - 2018-06-25 21:40 - 000000000 ____D C:\ProgramData\Packages 2021-01-17 23:25 - 2017-11-18 09:59 - 000000000 ___RD C:\Users\**User**\3D Objects 2021-01-17 23:25 - 2015-12-29 08:46 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-01-17 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT 2021-01-17 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-17 23:24 - 2016-09-24 20:16 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2021-01-17 23:22 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media 2021-01-17 23:21 - 2020-06-14 12:37 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-01-17 23:18 - 2020-12-12 10:11 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2021-01-17 23:18 - 2020-05-28 21:05 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2021-01-17 23:18 - 2020-01-18 23:57 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\easyHDR 2 2021-01-17 23:18 - 2018-09-28 21:45 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals 2021-01-17 23:18 - 2018-05-09 23:44 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7 2021-01-17 23:18 - 2016-09-11 22:16 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin 2021-01-17 23:18 - 2016-08-01 21:49 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QEMU 2021-01-17 23:18 - 2015-12-30 00:05 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-01-17 23:16 - 2020-12-07 22:40 - 000000000 ____D 
C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2021-01-17 23:16 - 2017-06-06 22:38 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2021-01-17 23:16 - 2015-12-30 00:14 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Areca 2021-01-17 23:16 - 2015-12-30 00:05 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tresorit 2021-01-17 23:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-01-17 23:15 - 2017-06-06 22:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-01-17 23:14 - 2020-12-06 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folding@home 2021-01-17 23:14 - 2020-11-16 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEWE Fotowelt 2021-01-17 23:14 - 2020-10-24 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2021-01-17 23:14 - 2020-10-24 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi 2021-01-17 23:14 - 2020-10-04 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2021-01-17 23:14 - 2020-08-28 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Control Utility 2 2021-01-17 23:14 - 2020-08-28 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Transfer 2 2021-01-17 23:14 - 2020-08-28 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon 2021-01-17 23:14 - 2020-07-09 06:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-01-17 23:14 - 2020-05-28 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2021-01-17 23:14 - 2020-03-02 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy 2021-01-17 23:14 - 2020-01-18 13:22 - 000000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Horland Scan2Pdf 6 2021-01-17 23:14 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup 2021-01-17 23:14 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help 2021-01-17 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-01-17 23:14 - 2019-11-23 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseGit 2021-01-17 23:14 - 2019-11-02 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN 2021-01-17 23:14 - 2019-10-05 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn 2021-01-17 23:14 - 2019-09-14 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2021-01-17 23:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2021-01-17 23:14 - 2018-12-18 23:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aquila Technology 2021-01-17 23:14 - 2018-09-16 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoSetter 2021-01-17 23:14 - 2018-09-15 08:33 - 
000000000 ____D C:\WINDOWS\system32\MsDtc 2021-01-17 23:14 - 2018-08-06 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX-i 2021-01-17 23:14 - 2018-08-02 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2021-01-17 23:14 - 2018-07-28 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.2.0f3 (64-bit) 2021-01-17 23:14 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB 2021-01-17 23:14 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\gd-GB 2021-01-17 23:14 - 2018-03-26 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot 2021-01-17 23:14 - 2017-11-20 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2021-01-17 23:14 - 2017-11-15 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2021-01-17 23:14 - 2017-11-04 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2021-01-17 23:14 - 2017-10-11 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series 2021-01-17 23:14 - 2017-09-29 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2021-01-17 23:14 - 2017-07-31 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock 2021-01-17 23:14 - 2017-05-31 20:56 - 000000000 ____D C:\Program Files\UNP 2021-01-17 23:14 - 2016-11-30 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Müller Foto 2021-01-17 23:14 - 2016-11-05 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2021-01-17 23:14 - 2016-04-25 21:21 - 000000000 ____D C:\Program Files\IIS 2021-01-17 23:14 - 2016-04-18 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio 2021-01-17 23:14 - 2016-01-06 22:26 - 000000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNX 2021-01-17 23:14 - 2016-01-06 22:25 - 000000000 ____D C:\WINDOWS\SysWOW64\prompting 2021-01-17 23:14 - 2016-01-06 22:25 - 000000000 ____D C:\WINDOWS\SysWOW64\js 2021-01-17 23:14 - 2016-01-06 22:25 - 000000000 ____D C:\WINDOWS\SysWOW64\images 2021-01-17 23:14 - 2016-01-06 22:25 - 000000000 ____D C:\WINDOWS\SysWOW64\html 2021-01-17 23:14 - 2016-01-06 22:25 - 000000000 ____D C:\WINDOWS\SysWOW64\css 2021-01-17 23:14 - 2016-01-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2021-01-17 23:14 - 2016-01-06 22:24 - 000000000 ____D C:\WINDOWS\system32\1033 2021-01-17 23:14 - 2016-01-06 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2 2021-01-17 23:14 - 2016-01-02 00:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ! 2021-01-17 23:14 - 2016-01-01 22:46 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information 2021-01-17 23:14 - 2015-12-30 23:58 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2021-01-17 23:14 - 2015-12-30 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge 2021-01-17 23:14 - 2015-12-30 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2 2021-01-17 23:14 - 2015-12-30 00:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2021-01-17 23:14 - 2015-12-30 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-01-17 23:14 - 2015-12-30 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow 2021-01-17 23:14 - 2015-12-29 10:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2021-01-17 23:14 - 2015-12-29 08:57 - 000000000 ____D C:\Program Files\Intel 2021-01-17 23:14 - 2015-10-30 08:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2021-01-17 23:06 - 2020-01-18 
13:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft 2021-01-17 23:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Resources 2021-01-17 23:06 - 2019-09-26 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo 2021-01-17 23:06 - 2018-08-09 07:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QNAP 2021-01-17 23:06 - 2018-07-28 23:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017 2021-01-17 23:06 - 2018-06-02 12:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2021-01-17 23:06 - 2017-06-06 22:38 - 000000000 ____D C:\Program Files\Realtek 2021-01-17 23:06 - 2016-04-25 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2021-01-17 23:06 - 2016-01-06 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 2021-01-17 23:06 - 2016-01-02 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2021-01-17 23:06 - 2015-12-29 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis 2021-01-17 23:06 - 2015-12-29 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE 2021-01-17 23:06 - 2015-12-29 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2021-01-17 23:04 - 2019-12-07 15:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2021-01-17 23:04 - 2019-12-07 15:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2021-01-17 23:04 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-17 23:04 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-01-17 
23:04 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D 
C:\WINDOWS\system32\AdvancedInstallers 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-01-17 23:04 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-01-17 23:04 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-01-17 22:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-01-17 22:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-01-17 22:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-01-17 22:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-01-17 22:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-01-17 22:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-01-17 22:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-01-17 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2021-01-17 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI 2021-01-17 22:53 - 2020-12-03 21:35 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Evernote 2021-01-17 19:28 - 2015-12-30 23:57 - 000000000 ____D C:\Program Files\Adobe 2021-01-17 19:26 - 2015-12-30 00:11 - 000000000 ____D C:\ProgramData\Adobe 2021-01-16 12:29 - 2015-12-30 17:39 - 000000000 ____D C:\Users\**User**\AppData\Local\Downloaded Installations 2021-01-16 08:18 - 2020-12-15 23:32 - 000000000 ____D C:\Program Files 
(x86)\Mozilla Thunderbird 2021-01-16 08:18 - 2018-03-26 20:18 - 000000000 ____D C:\Users\**User**\AppData\Local\Greenshot 2021-01-16 08:18 - 2017-06-06 22:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2021-01-16 08:18 - 2015-12-30 00:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-16 01:29 - 2019-08-08 21:21 - 000000000 ____D C:\Users\**User**\AppData\Roaming\VidCoder 2021-01-16 01:29 - 2018-07-28 23:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2021-01-16 01:29 - 2016-04-25 21:13 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs 2021-01-16 01:25 - 2016-01-06 22:24 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2021-01-16 01:23 - 2015-12-31 00:49 - 000000000 ____D C:\Users\**User**\AppData\Roaming\TS3Client 2021-01-16 01:19 - 2016-08-01 21:49 - 000000000 ____D C:\Program Files\qemu 2021-01-16 01:11 - 2017-06-06 22:38 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-01-16 01:09 - 2016-01-24 22:18 - 000000000 ____D C:\Program Files (x86)\MySQL 2021-01-16 01:08 - 2016-01-24 22:14 - 000000000 ____D C:\ProgramData\MySQL 2021-01-16 01:03 - 2015-12-30 23:46 - 000000000 ____D C:\ProgramData\tmp 2021-01-16 01:03 - 2015-12-30 23:44 - 000000000 ____D C:\Program Files\dm 2021-01-16 00:49 - 2015-12-30 00:11 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-01-16 00:46 - 2017-05-25 09:35 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Audacity 2021-01-15 23:48 - 2015-12-30 00:09 - 000000000 ____D C:\ProgramData\Oracle 2021-01-15 23:44 - 2017-06-03 23:58 - 000000000 ____D C:\Users\**User**\AppData\Roaming\vlc 2021-01-15 23:35 - 2016-04-25 21:21 - 000000000 ____D C:\Program Files (x86)\IIS Express 2021-01-15 23:30 - 2019-09-14 18:36 - 000000000 ____D C:\Program Files (x86)\Garmin 2021-01-15 23:28 - 2019-09-14 18:37 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Garmin 2021-01-15 23:27 - 2018-04-03 21:25 - 000000000 ____D C:\Users\**User**\.freemind 2021-01-15 23:17 - 
2016-01-05 00:11 - 000000000 ____D C:\Program Files (x86)\EXIF Date Changer 2021-01-15 22:56 - 2016-01-02 00:12 - 000000000 ___HD C:\ProgramData\CanonIJScan 2021-01-15 22:56 - 2016-01-02 00:12 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Canon 2021-01-15 22:56 - 2016-01-01 22:46 - 000000000 ___HD C:\Program Files\CanonBJ 2021-01-15 22:53 - 2020-03-27 23:15 - 000000000 ____D C:\Users\**User**\AppData\Roaming\balena-etcher 2021-01-15 22:52 - 2015-12-30 00:14 - 000000000 ____D C:\Program Files (x86)\Areca 2021-01-15 12:42 - 2020-04-27 19:55 - 000000826 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk 2021-01-15 12:38 - 2016-04-18 22:19 - 000000000 ____D C:\Users\**User**\.android 2021-01-15 12:36 - 2016-04-18 22:17 - 000000000 ____D C:\Program Files\Android 2021-01-15 12:24 - 2018-07-27 23:11 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2021-01-15 12:24 - 2018-07-27 23:11 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2021-01-15 12:01 - 2015-12-30 17:45 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-01-15 11:57 - 2015-12-30 23:57 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-01-13 23:29 - 2015-12-29 00:05 - 000000000 ____D C:\Temp 2021-01-13 20:20 - 2015-12-29 22:17 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-01-13 20:15 - 2015-12-29 22:17 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-01-11 21:19 - 2018-04-25 20:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-01-09 01:39 - 2017-11-20 20:53 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Code 2020-12-22 11:02 - 2020-04-13 21:08 - 000000000 ____D C:\Users\**User**\AppData\Roaming\Kodi 2020-12-22 00:19 - 2017-11-20 20:52 - 000000000 ____D C:\Program Files\Microsoft VS Code 2020-12-21 17:01 - 2018-02-26 21:54 - 000000000 ____D C:\Users\**User**\AppData\Roaming\MusicBrainz ==================== Dateien im 
Wurzelverzeichnis einiger Verzeichnisse ========
2020-01-18 16:53 - 2020-04-27 22:10 - 000000004 _____ () C:\ProgramData\hscanpdfdata.dat
2016-09-11 22:23 - 2020-06-22 22:00 - 000000003 _____ () C:\Users\**User**\AppData\Roaming\.ptbt0
2015-12-30 17:58 - 2018-08-06 21:15 - 000000268 ___RH () C:\Users\**User**\AppData\Roaming\Piano Hard
2015-12-30 17:58 - 2018-08-06 21:15 - 000000268 ___RH () C:\Users\**User**\AppData\Roaming\Pianos and Keyboards
2015-12-30 17:44 - 2021-01-18 22:56 - 000000128 _____ () C:\Users\**User**\AppData\Roaming\winscp.rnd
2016-04-06 08:48 - 2020-12-08 21:55 - 000056832 _____ () C:\Users\**User**\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-28 18:38 - 2018-09-28 18:38 - 000000000 _____ () C:\Users\**User**\AppData\Local\oobelibMkey.log
2015-12-31 00:22 - 2021-01-18 22:54 - 000000128 _____ () C:\Users\**User**\AppData\Local\PUTTY.RND
2020-11-26 21:31 - 2020-11-26 21:31 - 000001581 _____ () C:\Users\**User**\AppData\Local\recently-used.xbel
2016-09-26 12:52 - 2019-09-14 23:14 - 000007643 _____ () C:\Users\**User**\AppData\Local\Resmon.ResmonCfg
2019-08-16 19:37 - 2019-08-16 19:37 - 000000000 _____ () C:\Users\**User**\AppData\Local\{65C4EF8C-5E9D-430F-BF5F-7A1BA5D322C3}

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
|
19.01.2021, 19:51 | #14 |
| Suspected infection with "murofetweekly" And Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-01-2021
durchgeführt von **User** (19-01-2021 19:05:00)
Gestartet von C:\Users\**User**\Desktop
Windows 10 Home Version 20H2 19042.746 (X64) (2021-01-17 22:25:01)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2974319683-333524289-2430525430-500 - Administrator - Disabled)
**User** (S-1-5-21-2974319683-333524289-2430525430-1001 - Administrator - Enabled) => C:\Users\**User**
DefaultAccount (S-1-5-21-2974319683-333524289-2430525430-503 - Limited - Disabled)
**Admin** (S-1-5-21-2974319683-333524289-2430525430-1007 - Administrator - Enabled) => C:\Users\**Admin**
Gast (S-1-5-21-2974319683-333524289-2430525430-501 - Limited - Disabled)
**OtherUser** (S-1-5-21-2974319683-333524289-2430525430-1006 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2974319683-333524289-2430525430-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Acronis True Image 2015 (HKLM-x32\...\{12889D0E-B7E0-4504-9F6C-7B4F1FC03CE5}) (Version: 18.0.4061 - Acronis) Active Directory Authentication Library for SQL Server (HKLM\...\{E646D196-A17B-4F14-BE7B-F774527FE5E0}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{44DC843A-C591-4064-BE1F-2BDC177AF50C}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.) Adobe Photoshop Elements 2021 (HKLM-x32\...\PSE_19_0) (Version: 19.0 - Adobe Inc.) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.26 - ASUSTeK Computer Inc.) Aiseesoft Blu-ray Player 6.7.6 (HKLM-x32\...\{3E1A13C3-E458-4995-BEA6-4B9BE279D502}_is1) (Version: 6.7.6 - Aiseesoft Studio) Amazon Kindle (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon) Android Studio (HKLM\...\Android Studio) (Version: 4.1 - Google LLC) Apple Application Support (32-Bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) Asus Sonic Suite Plugins (HKLM-x32\...\{3843fc8e-e352-4238-be32-74ca38dd57a0}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) AusweisApp2 (HKLM-x32\...\{F3E22721-7F7E-472F-BBBA-6B5572E15A58}) (Version: 1.22.0 - Governikus GmbH & Co. KG) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 
2.0) (Version: - AVM Berlin) balenaEtcher 1.5.101 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.101 - Balena Inc.) balenaEtcher 1.5.80 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\{d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b}) (Version: 1.5.80 - Balena Inc.) Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{B2429EA1-767E-4947-A458-F2204A2AA1BB}) (Version: 12.0.51210.80 - Microsoft Corporation) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) calibre (HKLM-x32\...\{7DF6313D-1090-4964-8EB4-632DFA704CF8}) (Version: 5.6.0 - Kovid Goyal) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - ) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) CEWE Fotowelt (HKLM-x32\...\CEWE Fotowelt) (Version: 7.1.1 - CEWE Stiftung u Co. KGaA) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) 
DB Browser for SQLite (HKLM\...\{EBC2E51F-67BE-4839-8215-2D3C1AD19D1A}) (Version: 3.12.0 - DB Browser for SQLite Team) DDBAC (HKLM-x32\...\{686F2AC2-CC20-48E6-8CBC-7CE405F4E688}) (Version: 5.6.17.0 - B+S Banksysteme Aktiengesellschaft) DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 4.7 - DiskInternals Research) easyHDR 2 (HKLM-x32\...\easyHDR_2) (Version: 2.30.6 - BRTKSOFT Bartlomiej Okonek) Evernote 10.5.7 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.5.7 - Evernote Corporation) Exact Audio Copy 1.6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.6 - Andre Wiethoff) ffdshow v1.3.4531 [2014-06-28] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4531.0 - ) FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) Folding@home (HKLM-x32\...\FAHClient) (Version: 7.6.21 - Folding@home.org) FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - ) Garmin BaseCamp (HKLM-x32\...\{9b6e1420-2b69-4974-a25f-ba67399695fd}) (Version: 4.7.3.0 - Garmin Ltd or its subsidiaries) Garmin BaseCamp (HKLM-x32\...\{F71A87C2-FEF5-450A-A601-DCC1A9E23DAF}) (Version: 4.7.3.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{4e365b8d-ed6f-4316-a1b8-f8762eaed5a0}) (Version: 2.5.8 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{9644C9A2-DB70-40B2-9CD3-E025F9CD867D}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Hidden GDR 4042 für SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation) GeoSetter 3.5.3 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt) GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.) 
Hidden GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.) Git version 2.28.0 (HKLM\...\Git_is1) (Version: 2.28.0 - The Git Development Community) GitHub Desktop (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\GitHubDesktop) (Version: 2.5.0 - GitHub, Inc.) GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.23 - The GnuPG Project) Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden GoToMeeting 10.15.0.19228 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\GoToMeeting) (Version: 10.15.0.19228 - LogMeIn, Inc.) Gpg4win (3.1.13) (HKLM-x32\...\Gpg4win) (Version: 3.1.13 - The Gpg4win Project) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HashCheck Shell Extension (HKLM\...\HashCheck Shell Extension) (Version: 2.4.0.55 - ) HashTab 6.0.0.34 (HKLM\...\HashTab) (Version: 6.0.0.34 - Implbits Software) HeidiSQL 11.1.0.6116 (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\HeidiSQL_is1) (Version: 11.1 - Ansgar Becker) Horland's Scan2Pdf (HKLM-x32\...\Horlands Scan2Pdf 6_is1) (Version: 6.7.0.1 - Horland Software) Hugin 2016.0.0 (HKLM-x32\...\Hugin) (Version: 2016.0.0 hg_3b4e2790cb90 - The Hugin Development Team) iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel® Hardware Accelerated Execution Manager (HKLM\...\{6230EE50-BD4E-4B39-904D-3E7600053E08}) (Version: 6.2.1 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan) Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation) JOSM 17428 (HKLM-x32\...\JOSM) (Version: 17428 - OpenStreetMap JOSM team) KeePass Password Safe 2.47 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.47 - Dominik Reichl) KNX eteC Falcon Runtime v2.1 (HKLM-x32\...\{9543BDC2-B910-4ED8-AD92-B8B92040245D}) (Version: 2.1.5431.49892 - KNX Association cvba) Hidden KNX ETS4 (HKLM-x32\...\{A9F2E6BA-6756-4D8D-808E-671F4862EF2B}) (Version: 4.2.3884.50021 - KNX Association cvba) Hidden KNX ETS4 (HKLM-x32\...\KNX ETS4) (Version: 4.2.3884.50021 - KNX Association cvba) KNX ETS4 Additional Runtime (HKLM-x32\...\{B9681EB8-76E5-4022-AE84-F6B7CE464554}) (Version: 4.0.0.0 - KNX Association cvba) Hidden Kodi (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Kodi) (Version: - XBMC Foundation) Leawo Blu-ray Player Version 2.0.2.0 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 2.0.2.0 - Leawo Software) Lexware buchhalter 2020 (HKLM-x32\...\{C82189A3-82A2-4C14-A477-A8E9CA16CACE}) (Version: 25.09.00.0434 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware EasyArchive 2020 (HKLM-x32\...\{6214A8D2-D034-4C64-891B-8B252DAE7EAF}) (Version: 4.00.00.0205 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Einnahmen-Überschuss-Rechner 2020 
(HKLM-x32\...\{9ca1890b-4a01-46e4-b1b5-fd1d0aad4ebb}) (Version: 25.9.0.346 - Haufe-Lexware GmbH & Co. KG) Lexware Elster 2020 (HKLM-x32\...\{03DE7F6B-41FF-43D2-91BB-2A1895388866}) (Version: 20.04.00.0376 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster 2020 (HKLM-x32\...\{9502e0b1-83d1-4d72-8a61-3f50175bce11}) (Version: 20.4.0.275 - Haufe-Lexware GmbH & Co. KG) Lexware finanzmanager 2020 (HKLM-x32\...\{5B16F1F5-E232-4189-ABF1-3F7555CAE778}) (Version: 27.46.00.0278 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Finanzmanager 2020 (HKLM-x32\...\{a8542a34-6f29-4aa6-8a5b-e13878c06073}) (Version: 27.46.0.198 - Haufe-Lexware GmbH & Co.KG) Lexware Finanzmanager Import Export Server 2020 (HKLM-x32\...\{B434B636-B83B-4A90-8DF8-6A25456A0D21}) (Version: 27.05.00.0190 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware FolderPermission 2019 (HKLM-x32\...\{1E662826-FBAB-43A8-A43F-09F0DD5FFF26}) (Version: 2.00.00.0131 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Info Service 2020 (HKLM-x32\...\{CB8E2157-1AD1-45DF-9B8E-3B215EF0F9AE}) (Version: 20.00.00.0121 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Installations Dienst 2020 (HKLM-x32\...\{5D1CF90A-BC7A-40B3-8A15-4802F1BF5B73}) (Version: 9.00.00.0111 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware online banking 2020 (HKLM-x32\...\{C7AD95C7-7974-4674-81F4-B89E62FB97D1}) (Version: 27.00.00.0166 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware PDF-Export 5.5 (HKLM-x32\...\{851F57CD-8A05-4995-9BC7-3DF1BDABB38C}) (Version: 5.52.00.0226 - Haufe-Lexware GmbH & Co.KG) Hidden Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Media Streamer (HKLM-x32\...\{B457E718-00CA-45C8-9F75-45D66F8DAFF6}) (Version: 3.00.13 - ASUSTeK Computer Inc.) 
Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM-x32\...\{06b884b0-4947-4439-859f-098e431012d6}) (Version: 2.1.202 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - 
Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - ) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.13530.20316 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.13530.20316 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13530.20316 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.13530.20316 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line 
Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft 
Corporation) Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 
(HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 
(HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ Compiler Package for Python 2.7 (HKLM-x32\...\{692514A8-5484-45FC-B0AE-BE2DF7A75891}) (Version: 9.0.1.30729 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.52.1 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Mozilla Firefox 84.0.2 (x64 de) (HKLM\...\Mozilla Firefox 84.0.2 (x64 de)) (Version: 84.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla) Mozilla Thunderbird 78.6.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.6.1 (x86 de)) (Version: 78.6.1 - Mozilla) Müller Foto (HKLM-x32\...\Müller Foto) (Version: 6.2.1 - CEWE Stiftung u Co. 
KGaA) MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 2.5.1 - MusicBrainz) NahimicSettingsConfigurator (HKLM\...\{81B881EA-2E90-4E70-8022-BA48D358586A}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.4.1 - Nikon Corporation) Nikon Transfer 2 (HKLM-x32\...\{757DBE04-3DC8-4741-B10B-4628745E96FE}) (Version: 2.13.5 - Nikon Corporation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden Oracle VM VirtualBox 6.1.16 (HKLM\...\{6BC7BBCE-9202-4698-B866-F02AACB838C7}) (Version: 6.1.16 - Oracle Corporation) OSM generic routable (new style) (HKLM-x32\...\OSM generic routable (new style)) (Version: - ) Paket zur 
Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PDFsam Basic (HKLM\...\{5F69C3E1-65F3-4B53-99A1-AABF8E9FFBA6}) (Version: 4.2.1.0 - Sober Lemur S.a.s. di Vacondio Andrea) Picture Control Utility 2 (HKLM\...\{C03DA72C-DE1F-4628-9CA0-53AFAE96C05F}) (Version: 2.4.5 - Nikon Corporation) Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation) Prerequisites for SSDT RC0 (HKLM-x32\...\{AB72EB1C-9CF4-4274-984D-5EDA8BF37A08}) (Version: 13.0.1100.286 - Microsoft Corporation) PuTTY release 0.74 (64-bit) (HKLM\...\{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 - Simon Tatham) QNAP Qsync Client (HKLM-x32\...\Qsync) (Version: 4.5.1.1026 - QNAP Systems, Inc.) QNAP QVR Pro Client (HKLM-x32\...\QNAPQVR Pro ClientX64) (Version: 1.3.0.19345 - QNAP Systems, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.) 
Roslyn Language Services - x86 (HKLM-x32\...\{263EF873-F5D0-3134-A962-356C21A3510F}) (Version: 14.0.25126 - Microsoft Corporation) Hidden Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation) Sonic Studio Plugin (HKLM\...\{F55B1B94-3BFA-49D4-AE45-2ECE776BA815}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden SourceTree (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\SourceTree) (Version: 3.3.8 - Atlassian) Spotify (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\Spotify) (Version: 1.1.44.538.g8057de92 - Spotify AB) SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Stardock Fences 3 (HKLM-x32\...\Stardock Fences 3) (Version: 3.09 - Stardock Software, Inc.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk) TAXMAN 2020 (HKLM-x32\...\{1342F8EA-0E9F-4CCB-81E8-74638BC0C757}) (Version: 25.38.89 - Haufe-Lexware GmbH & Co.KG) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer) tiptoi® Manager 4.2 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.2 - Ravensburger AG) TortoiseGit 2.11.0.0 (64 bit) (HKLM\...\{BC4EEE50-1DEA-4CED-A29E-078B39247EFA}) (Version: 2.11.0.0 - TortoiseGit) TortoiseSVN 1.13.1.28686 (64 bit) (HKLM\...\{F7080EF1-BD21-483B-ACAE-E19FAA2DF458}) (Version: 1.13.28686 - TortoiseSVN) Tresorit (HKLM-x32\...\{F91B7DAB-1466-4473-AADC-B95F6197E5F9}) (Version: 3.5.2528.1420 - Tresorit) TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{DD51688B-194A-4A10-83D8-40AD1D9954A1}) (Version: 1.8.30.0 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.24-Update7 - IDRIX) ViewNX-i (HKLM\...\{C02E1F40-7EB2-4084-991B-EBFC7F586E26}) (Version: 1.4.2 - Nikon Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) WakeOnLAN Version 2.12.2.0 (HKLM\...\{05DF342B-3E1A-4862-9E67-8E7E9839D3EC}_is1) (Version: 2.12.2.0 - Aquila Technology) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation) Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation) WinMerge 2.14.0 
(HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software) WinMerge 2.16.8.0 x64 (HKLM\...\WinMerge_is1) (Version: 2.16.8.0 - Thingamahoochie Software) WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) WinSCP 5.17 (HKLM-x32\...\winscp3_is1) (Version: 5.17 - Martin Prikryl) Zoom (HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-12-14] (Adobe Systems Incorporated) Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-06] (Canon Inc.) Diagnostic Data Viewer -> C:\Program Files\WindowsApps\Microsoft.DiagnosticDataViewer_4.2007.3014.0_x64__8wekyb3d8bbwe [2021-01-18] (Microsoft Corporation) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-20] (Apple Inc.) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-17] (Microsoft Studios) [MS Ad] MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> "C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe" -toastactivated => Keine Datei CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> D:\Programme\AdobePSE2021\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E0F5B1336BD1} -> [Creative Cloud Files] => C:\Users\**User**\Creative Cloud Files [2020-12-14 06:19] CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{1B8DEAA1-E192-429B-89A7-89BD19183A67} -> [Tresorit Drive] => W:\0 CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{57D0E8CF-2552-4B76-A5C4-B1E9D413FD14} -> [Qsync] => C:\Users\**User**\AppData\Local\QNAP\Qsync\Quick Access [2017-11-15 22:41] CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\**User**\AppData\Local\GoToMeeting\12023\G2MOutlookAddin64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{D6EB3938-8CBE-4CC5-8CFA-C89750619193} -> [Synchronisierte Tresore] => %USERPROFILE%\.tresorit\Tresors0 CustomCLSID: HKU\S-1-5-21-2974319683-333524289-2430525430-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. 
-> Adobe Systems) SSODL: CallbackTechMountNotificator-cbfs20 - {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} - C:\WINDOWS\system32\cbfsShellHelper20.dll (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com) SSODL-x32: CallbackTechMountNotificator-cbfs20 - {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} - C:\WINDOWS\SysWOW64\cbfsShellHelper20.dll (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com) ShellServiceObjects: Virtual Storage Mount Notification -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} => C:\WINDOWS\system32\cbfsShellHelper20.dll [2020-09-08] (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com) ShellServiceObjects-x32: Virtual Storage Mount Notification -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99} => C:\WINDOWS\SysWOW64\cbfsShellHelper20.dll [2020-09-08] (Callback Technologies, Inc. -> Callback Technologies, Inc. - www.callback.com) ShellIconOverlayIdentifiers: [ QsyncEx_Icon1] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> ) ShellIconOverlayIdentifiers: [ QsyncEx_Icon2] -> {E3FEB4FC-4836-4DC7-B6E6-200229DE3748} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> ) ShellIconOverlayIdentifiers: [ QsyncEx_Icon3] -> {5931A2EF-1745-4325-9AC8-2E569E0C7CF0} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> ) ShellIconOverlayIdentifiers: [ QsyncEx_Icon4] -> {9968E808-7FD7-43D3-9D03-724F975A6173} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. 
-> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll 
[2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis International GmbH -> Acronis) ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} 
=> C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programme\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. 
-> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Programme\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> ) ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers1-x32: [GeoSetterShellExt] -> {7506374C-A693-427B-8DDD-99DAFB79433D} => D:\Programme\GeoSetter\GeoSetterShellExt.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert] ContextMenuHandlers1: [GeoSetterShellExt64] -> {A50BD5C6-4B18-44F3-8D6D-62DE89A969E9} => D:\Programme\GeoSetter\GeoSetterShellExt64.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert] ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => D:\Programme\Gpg4win\bin_64\gpgex.dll [2020-09-04] (g10 Code GmbH) [Datei ist nicht signiert] ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.) ContextMenuHandlers1: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. 
-> ) ContextMenuHandlers1: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2014-09-09] (Acronis International GmbH -> Acronis) ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programme\Malwarebytes\mbshlext.dll [2021-01-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} 
=> D:\Programme\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => D:\Programme\Gpg4win\bin_64\gpgex.dll [2020-09-04] (g10 Code GmbH) [Datei ist nicht signiert] ContextMenuHandlers4: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. -> ) ContextMenuHandlers4: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. 
-> ) ContextMenuHandlers5: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => D:\Programme\WinMerge\ShellExtensionX64.dll [2020-07-20] (hxxp://winmerge.org) [Datei ist nicht signiert] ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programme\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-14] (Adobe Inc. -> ) ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock) ContextMenuHandlers6-x32: [GeoSetterShellExt] -> {7506374C-A693-427B-8DDD-99DAFB79433D} => D:\Programme\GeoSetter\GeoSetterShellExt.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert] ContextMenuHandlers6: [GeoSetterShellExt64] -> {A50BD5C6-4B18-44F3-8D6D-62DE89A969E9} => D:\Programme\GeoSetter\GeoSetterShellExt64.dll [2019-10-29] (Friedemann Schmidt) [Datei ist nicht signiert] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programme\Malwarebytes\mbshlext.dll [2021-01-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [QsyncExt] -> {17affcaf-2e65-4b1b-98a1-a7b3b4d8ad36} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll [2017-09-15] (QNAP Systems, Inc. 
-> ) ContextMenuHandlers6: [TortoiseGit] -> {10A0FDD2-B0C0-4CD4-A7AE-E594CE3B91C8} => D:\Programme\TortoiseGit\bin\TortoiseGitStub.dll [2020-10-10] (Open Source Developer, Sven Strickroth -> hxxps://tortoisegit.org/) ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2014-09-09] (Acronis International GmbH -> Acronis) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-06-28] () [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enblend Droplet 360.lnk -> C:\Program Files (x86)\Hugin\bin\enblend_droplet_360.bat () Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enblend Droplet.lnk -> C:\Program Files (x86)\Hugin\bin\enblend_droplet.bat () Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enfuse Align Droplet.lnk -> C:\Program Files (x86)\Hugin\bin\enfuse_align_droplet.bat () Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enfuse Auto Droplet.lnk -> C:\Program Files (x86)\Hugin\bin\enfuse_auto_droplet.bat () Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enfuse Droplet 360.lnk -> C:\Program Files (x86)\Hugin\bin\enfuse_droplet_360.bat () Shortcut: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enfuse Droplet.lnk -> C:\Program Files (x86)\Hugin\bin\enfuse_droplet.bat () ShortcutWithArgument: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 32-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\**User**\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86" ShortcutWithArgument: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\**User**\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" amd64" ShortcutWithArgument: C:\Users\**User**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Cross Tools Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft 
Corporation) -> /k ""C:\Users\**User**\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86_amd64" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2015-12-29 09:24 - 2015-05-08 07:26 - 000662016 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2015-12-29 09:25 - 2015-02-09 17:53 - 000872960 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll 2015-12-29 09:24 - 2015-06-03 15:17 - 000147456 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2015-12-29 09:25 - 2015-07-02 23:20 - 004662272 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 2015-12-29 09:25 - 2015-06-04 00:48 - 000507392 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\AsKeyboardFocusHooker.dll 2015-12-29 09:25 - 2015-06-24 23:16 - 000236544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll 2015-12-29 09:25 - 2015-06-04 00:48 - 000712192 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2015-12-29 09:25 - 2015-06-30 22:22 - 000863744 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2015-12-29 09:25 - 2015-06-04 00:48 - 000803840 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2015-12-29 09:25 - 2015-07-01 16:33 - 000815104 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2015-12-29 09:25 - 2015-06-04 00:48 - 000091648 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll 2015-12-29 09:25 - 2015-06-29 12:35 - 
000383488 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\SystemCleaner.dll
2015-12-29 09:25 - 2015-05-21 21:57 - 001141248 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2015-12-29 09:25 - 2015-09-10 15:06 - 000237568 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2015-12-29 09:25 - 2014-02-24 16:49 - 000208896 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2015-12-29 09:25 - 2015-06-26 13:50 - 000906240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\LED Control\LEDControl.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 000091648 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-12-29 09:26 - 2015-06-23 10:17 - 001338368 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\MoboConnect.dll
2015-12-29 09:26 - 2013-11-20 10:10 - 000662016 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2015-12-29 09:26 - 2013-07-02 10:40 - 000253952 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2015-12-29 08:57 - 2014-07-23 02:59 - 000104448 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-12-29 09:25 - 2014-09-08 07:26 - 000053248 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-12-29 09:25 - 2014-09-26 14:40 - 000278528 ____R () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2020-07-22 10:14 - 2020-07-22 10:14 - 000272384 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\IOTCAPIs.dll
2020-07-22 10:14 - 2020-07-22 10:14 - 000105984 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\P2PTunnelAPIs.dll
2020-06-01 09:18 - 2020-06-01 09:18 - 000166400 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\RdiffDll.dll
2020-07-22 10:14 - 2020-07-22 10:14 - 000103936 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\RDTAPIs.dll
2019-10-19 00:02 - 2019-10-19 00:02 - 000056320 _____ () [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\QtSolutions_Service-head.dll
2016-01-02 00:50 - 2006-02-23 11:35 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzColorPort64.dll
2016-01-02 00:50 - 2006-02-22 10:39 - 000020480 _____ () [Datei ist nicht signiert] C:\WINDOWS\System32\FritzPort64.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 003277824 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMM.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 000804864 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMCPU.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 002045440 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMCUDA.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 000281600 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMCudaCompiler.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 002169344 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\OpenMMOpenCL.dll
2020-12-06 21:12 - 2020-12-06 21:12 - 002772692 _____ () [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit-avx-256\a7-0.0.19\Core_a7.fah\libfftw3f-3.dll
2020-08-27 03:49 - 2020-08-27 03:49 - 048966144 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\AdobePIE.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 060800000 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\opencv_core410.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 003119104 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\opencv_imgcodecs410.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 045977600 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\opencv_imgproc410.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 000283136 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\PhotoCreations.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 000137728 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\ToastNotification.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 017214464 _____ () [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\usd_win.dll
2021-01-16 01:22 - 2021-01-16 01:22 - 000245248 _____ () [Datei ist nicht signiert] D:\Programme\SumatraPDF\PdfFilter.dll
2020-08-25 21:05 - 2020-08-25 21:05 - 000446976 _____ (Adobe Systems Incorporated) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\AdobeSVGAGM.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 002109952 _____ (Apache Software Foundation) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\log4cxx.dll
2020-08-27 03:49 - 2020-08-27 03:49 - 002861568 _____ (Apache Software Foundation) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\xerces.dll
2021-01-16 01:22 - 2021-01-16 01:22 - 011137536 _____ (Artifex Software et al.) [Datei ist nicht signiert] D:\Programme\SumatraPDF\libmupdf.dll
2015-12-29 09:24 - 2015-05-08 07:26 - 000108544 ____R (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2015-12-29 09:24 - 2015-06-03 15:17 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\ASACPI.DLL
2015-12-29 09:25 - 2015-06-04 00:48 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2015-12-29 09:25 - 2014-09-08 07:26 - 000108544 ____R (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsAcpi.dll
2015-12-29 08:57 - 2021-01-18 22:46 - 000037160 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-12-29 09:24 - 2015-05-08 07:26 - 000677376 ____R (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.22\asacpiEx.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2015-12-29 09:25 - 2015-06-04 00:48 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\asacpiex.dll
2015-12-29 09:25 - 2015-06-04 00:48 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2015-12-29 09:25 - 2015-06-04 00:48 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiex.dll
2015-12-29 09:26 - 2015-06-22 16:16 - 000114176 _____ (ASUSTek Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\AndroidOpenAccessory.dll
2015-12-29 09:26 - 2013-11-20 10:10 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\AsMultiLang.dll
2015-12-29 09:26 - 2014-07-25 15:46 - 001328128 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotice.dll
2015-12-29 09:26 - 2015-06-18 23:46 - 001087488 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll
2015-12-29 09:26 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\AsMultiLang.dll
2015-12-29 09:26 - 2015-03-12 14:48 - 000901120 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\Express.dll
2015-12-29 09:25 - 2014-09-08 07:26 - 000676864 ____R (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\asacpiEx.dll
2015-12-29 09:25 - 2014-09-08 07:26 - 000102400 ____R (ASUSTek Computer Inc.,) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\EIO.DLL
2020-08-27 03:49 - 2020-08-27 03:49 - 051178496 _____ (Cognitec Systems GmbH) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\frsdk-9.4.0.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 001864192 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 008492544 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 009202688 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 008172032 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 000316928 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll
2020-11-03 11:58 - 2019-10-29 22:47 - 000750900 _____ (Friedemann Schmidt) [Datei ist nicht signiert] D:\Programme\GeoSetter\GeoSetterShellExt64.dll
2020-09-04 14:53 - 2020-09-04 14:53 - 000449024 _____ (g10 Code GmbH) [Datei ist nicht signiert] D:\Programme\Gpg4win\bin_64\gpgex.dll
2021-01-16 01:41 - 2020-07-20 19:01 - 000203264 _____ (hxxp://winmerge.org) [Datei ist nicht signiert] D:\Programme\WinMerge\ShellExtensionX64.dll
2021-01-15 11:55 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [Datei ist nicht signiert] D:\Programme\7-Zip\7-zip.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000251392 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\IPPMon.dll
2021-01-17 23:18 - 2021-01-17 23:18 - 001654784 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2021-01-17 23:18 - 2021-01-17 23:18 - 000054272 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80DEU.DLL
2020-04-19 21:08 - 2020-04-19 21:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-19 21:08 - 2020-04-19 21:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 087017472 _____ (NVIDIA Corporation) [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\cufft64_92.dll
2020-12-06 21:13 - 2020-12-06 21:13 - 015544832 _____ (NVIDIA Corporation) [Datei ist nicht signiert] D:\ProgramData\FAHClient\cores\cores.foldingathome.org\win\64bit\22-0.0.13\Core_22.fah\nvrtc64_92.dll
2020-10-23 03:42 - 2020-10-23 03:42 - 066421248 _____ (QNAP Systems, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\Lang\QsyncDEU.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 021529088 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icudt53.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 001982976 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icuin53.dll
2015-12-29 09:24 - 2015-06-03 15:17 - 001355264 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icuuc53.dll
2020-08-27 03:49 - 2020-08-27 03:49 - 027534336 _____ (The ICU Project) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\icudt64.dll
2020-08-27 03:49 - 2020-08-27 03:49 - 002430976 _____ (The ICU Project) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\icuuc64.dll
2020-06-01 09:18 - 2020-06-01 09:18 - 002115584 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\libcrypto-1_1.dll
2020-06-01 09:18 - 2020-06-01 09:18 - 000371200 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\QNAP\Qsync\libssl-1_1.dll
2019-10-19 00:02 - 2019-10-19 00:02 - 001652224 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\LIBEAY32.dll
2019-10-19 00:03 - 2019-10-19 00:03 - 000345600 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\SSLEAY32.dll
2019-12-10 22:09 - 2019-12-10 22:09 - 006105088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\Qt5Core.dll
2019-04-09 09:22 - 2019-04-09 09:22 - 001301504 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\Qt5Network.dll
2019-04-10 17:56 - 2019-04-10 17:56 - 000141312 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\QNAP\QVR Pro Client\Qt5WebSockets.dll
2015-12-29 09:25 - 2014-09-26 14:40 - 000927744 ____R (TODO: <Company name>) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\AsusGpuTweak.dll
2016-01-02 00:50 - 2006-02-23 12:16 - 000047616 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmColorFax.dll
2016-01-02 00:50 - 2006-02-22 10:53 - 000043520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\WINDOWS\System32\AvmFax.dll
2020-08-27 03:49 - 2020-08-27 03:49 - 002957312 _____ (WinSoft S.A.) [Datei ist nicht signiert] D:\Programme\AdobePSE2021\Elements 2021 Organizer\WRServices.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kein Name -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99}' -> Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Kein Name -> {BAB8368D-BB1D-44BC-AF8F-CE04F698EC99}' -> Keine Datei
Toolbar: HKU\S-1-5-21-2974319683-333524289-2430525430-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 08:24 - 2020-11-22 20:19 - 000000854 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 drive.tresorit.com

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\System32;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\TortoiseSVN\bin;D:\Programme\GnuPG\bin;C:\Program Files\Git\cmd;D:\Programme\TortoiseGit\bin;D:\Programme\Calibre2\;D:\Programme\FAHClient;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\PuTTY\
HKU\S-1-5-21-2974319683-333524289-2430525430-1001\Control Panel\Desktop\\Wallpaper -> d:\bilder\photos\2016_08_28 tap2016\img_1619.jpg
DNS Servers: 192.168.178.13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) ist aktiviert.

Network Binding:
=============
VirtualBox Host-Only Network #3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network #2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "Finanzmanager 2017 Zahlungserinnerung.lnk"
HKLM\...\StartupApproved\StartupFolder: => "GIGABYTE OC_GURU.lnk"
HKLM\...\StartupApproved\Run: => "Fences"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobePSE17AutoAnalyzer"
HKLM\...\StartupApproved\Run32: => "ASUS AiChargerPlus Execute"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer DMS"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer WSAgent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer ShareEdit"
HKU\S-1-5-21-2974319683-333524289-2430525430-1001\...\StartupApproved\Run: => "KeePass Password Safe 2"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0EE0BA19-B1E9-46AE-BD8E-78C7C993656E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8F366E92-E76E-4A8C-9C1D-3EAA9D829C7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C66003C-0331-47D4-BEF3-A38E2A463646}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F45D070B-4287-4526-852F-FCDE24BCA96F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{F33A69EF-F871-4BF2-ABF1-A6A427B38CEA}D:\programme\netgearsmartcontrolcenter\sccd.exe] => (Allow) D:\programme\netgearsmartcontrolcenter\sccd.exe => Keine Datei
FirewallRules: [TCP Query User{6F376C40-8079-4DED-A3E2-1E8B29A09BDD}D:\programme\netgearsmartcontrolcenter\sccd.exe] => (Allow) D:\programme\netgearsmartcontrolcenter\sccd.exe => Keine Datei
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) D:\Programme\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{2C9BA7F4-3FB0-48D9-AF55-D68790066712}] => (Allow) D:\Programme\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{6FACAE49-9B72-49E3-8054-BEF3EE288346}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FB9B2462-472B-41E7-B311-7DDCF93FA54D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0CAEAACC-CF6F-4587-9569-622C4EF4DAB1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA8161E0-D8AA-42C4-B8B2-6AC881A36933}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D91115BD-BFCF-45D1-8B97-128B15663AB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54F1E365-202A-4024-92FB-A631D9049467}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{19FCEC40-A349-4878-A0EE-3F6A7CB615B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B8BCE890-12D3-459F-AD3B-B11AEE4DF09E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{96C547BE-0DA8-481E-BCB0-62C34C4454E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F4B01B55-CD43-425F-8707-98DC85F7AA5E}] => (Allow) C:\Users\**User**\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{AA55D8F9-7E86-4823-84B8-0377A6C3470E}] => (Allow) C:\Users\**User**\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{E10E5D72-67AD-4594-8253-89D2AA75CA53}] => (Allow) C:\Users\**User**\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{B846B07B-1BFC-4DEA-98EB-21F4B9395189}D:\programme\fahclient\fahclient.exe] => (Allow) D:\programme\fahclient\fahclient.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{E4E0C981-FE59-4FCE-9582-E270B881D925}D:\programme\fahclient\fahclient.exe] => (Allow) D:\programme\fahclient\fahclient.exe () [Datei ist nicht signiert]
FirewallRules: [{DCA14C84-9DE9-4700-89A5-77EC1CD5BEDD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CBECDA05-6BF9-48FA-83C4-6B9D599C0C7B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5485C3ED-A9E2-4F2E-A033-FF70AB640A98}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E99B2705-6CAD-4EF7-A008-43D34B8F1045}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{883EA02A-5470-49B0-A08D-E9744ADE659E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A04427A0-C235-422E-A820-5C6E8BD4D9E3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EFA3388C-9C89-4B65-91ED-6BF5D6F5708E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{76D1DA8B-B8B4-434E-B921-D79681979111}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{9E1BC818-7C3E-4A5F-A7EC-8DEA4928C3CE}D:\programme\virtualbox\virtualboxvm.exe] => (Allow) D:\programme\virtualbox\virtualboxvm.exe (Oracle Corporation -> Oracle Corporation)
FirewallRules: [TCP Query User{F883E9F6-5812-4B40-8135-1F9D2CE62290}D:\programme\virtualbox\virtualboxvm.exe] => (Allow) D:\programme\virtualbox\virtualboxvm.exe (Oracle Corporation -> Oracle Corporation)
FirewallRules: [UDP Query User{11A667B3-6004-40BC-ABAB-1AA322917874}D:\programme\fritzsetup\frifax32.exe] => (Allow) D:\programme\fritzsetup\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [TCP Query User{90E4F7CD-C926-4970-B5B5-35C4A669559A}D:\programme\fritzsetup\frifax32.exe] => (Allow) D:\programme\fritzsetup\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [UDP Query User{59CFC5A4-5C52-4D56-912C-7CF7CAAF5EA3}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [TCP Query User{489C0631-7A15-4846-A135-CD4558094B62}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [UDP Query User{27F195C0-FB49-4796-ACCE-FBE526D1AC91}C:\program files\microsoft vs code\code.exe] => (Allow) C:\program files\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B14A8D68-FB07-42B5-9602-ED92E6342A37}C:\program files\microsoft vs code\code.exe] => (Allow) C:\program files\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5861AC50-231B-405D-805B-CDDD086AA72C}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8FE50CFC-2D1A-4C85-BBB8-05A630B11C70}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AECDF6E5-D80E-483C-AE92-5E6FE51F5ACC}] => (Allow) D:\Programme\Steam\steamapps\common\Through The Darkest of Times\TtDoT.exe () [Datei ist nicht signiert]
FirewallRules: [{7F03D273-5C7F-4085-8005-AC639B39DA4F}] => (Allow) D:\Programme\Steam\steamapps\common\Through The Darkest of Times\TtDoT.exe () [Datei ist nicht signiert]
FirewallRules: [{4428D5A8-C1CF-47B6-86A5-120049103E3A}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7A6D5A25-AB5D-4BE5-ABBC-66D586617491}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6E94679A-33BC-46DC-9D60-575877EE3254}] => (Allow) D:\Programme\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3D888DFE-358D-405E-AE16-8F5FC6CA8DBF}] => (Allow) D:\Programme\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{58B8DBE3-CB61-490C-B2EF-D6976042B024}D:\arbeit\zprogramming\eclipseinstall\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse.exe (Eclipse.org Foundation, Inc. -> )
FirewallRules: [TCP Query User{FDD574AE-0D5E-4F0B-B935-5C8C36F1FCB4}D:\arbeit\zprogramming\eclipseinstall\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse.exe (Eclipse.org Foundation, Inc. -> )
FirewallRules: [UDP Query User{1F9B85CD-2C36-424C-BA10-BF51EED21E0D}D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe] => (Block) D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe => Keine Datei
FirewallRules: [TCP Query User{681EC9A7-6758-4025-8577-772A60F74721}D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe] => (Block) D:\programme\java32\jdk1.8.0_251\jre\bin\java.exe => Keine Datei
FirewallRules: [UDP Query User{4610251D-866B-4E80-A369-AC4CF8F39B0A}D:\programme\java32\jre1.8.0_251\bin\javaw.exe] => (Allow) D:\programme\java32\jre1.8.0_251\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{1D5858FD-CC35-42D9-A9C1-0952B8CBB580}D:\programme\java32\jre1.8.0_251\bin\javaw.exe] => (Allow) D:\programme\java32\jre1.8.0_251\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{134D0F37-58F5-4703-ACE6-0A577B165589}D:\programme\java64\jdk-14.0.1\bin\javaw.exe] => (Allow) D:\programme\java64\jdk-14.0.1\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{AD4354FD-86BE-4E48-83CA-881E10E51432}D:\programme\java64\jdk-14.0.1\bin\javaw.exe] => (Allow) D:\programme\java64\jdk-14.0.1\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{1444B872-0370-4564-AE87-C7C0D1E4342F}D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe => Keine Datei
FirewallRules: [TCP Query User{31BF38B8-6B6F-416D-B1F8-3E41A8CA53F7}D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe] => (Allow) D:\arbeit\zprogramming\eclipseinstall\eclipse\eclipse.exe => Keine Datei
FirewallRules: [UDP Query User{C2B29C38-BD5E-4D3F-ADF0-BA00E709383E}D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe] => (Allow) D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [TCP Query User{BD72522E-D3F0-471B-BC20-1EF3EF8BBB81}D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe] => (Allow) D:\arbeit\zprogramming\local_prj\openhab-webui\bundles\org.openhab.ui.paper\node\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{37AB47B5-DB9E-4A7E-A5EB-027F8BB297C6}D:\programme\kodi\kodi.exe] => (Allow) D:\programme\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{4F3D4B02-E808-4C63-9A04-9FD5B8D8876E}D:\programme\kodi\kodi.exe] => (Allow) D:\programme\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{69A807A3-0D85-4A31-99BD-1E3D7BC65F52}C:\program files\aquila technology\wakeonlan\wakeonlan.exe] => (Allow) C:\program files\aquila technology\wakeonlan\wakeonlan.exe (Open Source Developer, Philip Sterling Tull -> Aquila Technology)
FirewallRules: [TCP Query User{F1044954-FA92-438F-A0C1-E49EA9808D38}C:\program files\aquila technology\wakeonlan\wakeonlan.exe] => (Allow) C:\program files\aquila technology\wakeonlan\wakeonlan.exe (Open Source Developer, Philip Sterling Tull -> Aquila Technology)
FirewallRules: [UDP Query User{81BDA2EF-C623-4644-93BB-65CA7813139F}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei
FirewallRules: [TCP Query User{991529A3-3C21-496B-B78F-8254CE269E44}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei
FirewallRules: [UDP Query User{49EF06E3-3A5D-4EF4-A4AD-ABD999C7A302}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei
FirewallRules: [TCP Query User{1D5340BD-FEB8-4DDD-AE85-FF500D560FCA}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei
FirewallRules: [UDP Query User{E0CB0B60-8EC2-4740-845A-42ECCC12B4F8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{15D6ADD1-14C4-4A0F-9824-E560C537ADF7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{33C2DEC9-2A47-4A0B-B956-5AB136846016}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{30B7FFF9-4CC2-4803-AA06-9FF0A39B4535}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A941ACCC-3C10-4FE0-BE8E-D900CC715F2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3E5467F0-BE7D-4BB0-AFC0-03D5632D219B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF465933-7C5A-478C-9EE7-A657635AA354}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{71098D98-7DB3-40D8-AB1E-6BEA218BFB74}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F586656-3AA3-4BF3-B20A-0D8E1210E869}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B31A7716-E042-44CD-8166-CCD64416C811}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{29708248-1DD4-4106-817E-2B3C39088F09}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BFE2834C-B6A7-4412-88AE-C2E4C54EA6DF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => Keine Datei FirewallRules: [{B9924A9C-A71D-4960-A0BF-56AF9550D83F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{607E6385-A942-4CB4-B935-E21350F3B0C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D33882D9-F441-4E02-80FD-D09F5F2DCA52}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{9801DDED-F8CF-4791-92D0-DA63EDA62F7C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{35D12C64-B698-40AF-AFB1-8A4CFB3A2075}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{A5D049BA-BBA3-4383-811A-1EA82079C9D9}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis) FirewallRules: [{FDE02139-845A-48F8-8C5A-53B1934567C6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{8ED666DA-874C-4BCA-B9E8-422E04278655}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{293C3A3F-CC31-44F8-89E3-09726E7019D7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) 
FirewallRules: [{1ED8560A-D924-40F7-A3A0-2BA68E512CD2}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe () [Datei ist nicht signiert] FirewallRules: [{FE1B676F-6271-4B64-B70D-B25F4908C494}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe () [Datei ist nicht signiert] FirewallRules: [{00192F63-78F0-4CAA-B5F9-3847D47B70D7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{71F7A69A-2CF5-4B00-B03E-D23642DB5EE7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{6211DBE4-35A4-4800-8B32-0C25CA8FDB5A}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{544C5DAF-F49E-443A-A767-294EBCD2C0EA}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{76582FC6-945D-4F4C-99AE-90D7AED2CFDE}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{A14FD695-5904-4F6C-B0F6-0D787C0FF388}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (ASUSTeK Computer Inc. -> ) FirewallRules: [{9AC230B9-993D-43F1-8C62-85BC2750CDD9}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) FirewallRules: [{6B261B47-BBB3-4D07-A667-5454244CE091}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. 
KG) FirewallRules: [{F2017C1F-EE21-4999-BA99-80F4CA521711}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{09137EA0-772B-48E1-A085-34F9BF1E7F99}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [UDP Query User{A520744B-3141-4773-A8EB-5DC3973FCE7D}C:\program files (x86)\smartcontrolcenter\sccd.exe] => (Allow) C:\program files (x86)\smartcontrolcenter\sccd.exe => Keine Datei FirewallRules: [TCP Query User{210E53B7-D273-4A1A-9663-82D832177391}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei FirewallRules: [UDP Query User{10AACF7E-2248-437E-83E3-E110DE5F395F}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe => Keine Datei FirewallRules: [TCP Query User{CDA62F1D-1081-484B-9417-BCC2E95F0616}C:\program files (x86)\qnap\qsync\qsync.exe] => (Allow) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) FirewallRules: [UDP Query User{5608F1D4-10E5-4576-A918-B90D1E5E7DF8}C:\program files (x86)\qnap\qsync\qsync.exe] => (Allow) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) FirewallRules: [{7AD17824-30E0-445B-B423-F2DBA8A7BA5D}] => (Block) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) FirewallRules: [{CF9DE28F-E34F-46AE-9C91-93BB85D156F5}] => (Block) C:\program files (x86)\qnap\qsync\qsync.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) 
FirewallRules: [TCP Query User{733E7B53-0882-44BA-A112-C9EC67A6414F}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [UDP Query User{8193C757-1E42-4D6B-8753-5EA9C62111BB}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [TCP Query User{45B40E81-D673-4217-9483-A24314C01B9C}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => Keine Datei FirewallRules: [UDP Query User{2C71C24D-DA63-49FE-83B7-5F75CBF8AC79}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => Keine Datei FirewallRules: [TCP Query User{91158797-E548-4C90-AB76-3DC16877908C}C:\users\**User**\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\**User**\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{D25EA8A5-52F3-4712-841D-853D44C542BC}C:\users\**User**\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\**User**\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{E25111C1-7711-494F-B618-523AD7D9ADC9}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe => Keine Datei FirewallRules: [UDP Query User{F8A303EA-99C3-4F2C-B610-7BA96F894CE3}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe => Keine Datei FirewallRules: [TCP Query User{ADAB3000-A29D-4F20-B4C6-037102D42D4B}C:\program files (x86)\heroes of the 
storm\versions\base64455\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe => Keine Datei FirewallRules: [UDP Query User{B68597A7-0609-4F25-8097-C7046FD042D0}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe => Keine Datei FirewallRules: [TCP Query User{CFCA897C-657A-49ED-96FA-60C0951FCBF7}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [UDP Query User{1DE0F898-186A-433C-92A0-A742811FA57C}C:\program files (x86)\common files\eiba sc\falcon\falcon.exe] => (Allow) C:\program files (x86)\common files\eiba sc\falcon\falcon.exe (KNX Association) [Datei ist nicht signiert] FirewallRules: [{42AD79A9-D6C1-4043-AEE8-914756F6C4DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{22D961F1-FB58-492E-992B-86DD59572D86}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{52455608-870B-4DF4-AD26-3E30A4825514}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{400804DD-6A28-4742-9C9E-092A7CB5D081}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B5C7CF9E-5D82-4ED7-BF81-BE624DA7636F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{150740DE-9B06-4242-AA93-65C90E8E57A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) 
FirewallRules: [{17572C71-10E4-4E11-B0F1-1ABD8E9ECEF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F5206E27-BA97-48F4-BCB0-D07B397056FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [TCP Query User{8FDC8FF6-B726-4023-B064-AF0D57E36B20}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe => Keine Datei FirewallRules: [UDP Query User{FFD85465-977C-4520-9B73-0CE33FDBB99E}C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base64455\heroesofthestorm.exe => Keine Datei FirewallRules: [{289D2472-2F81-4EE3-B07F-E06A67BF08E0}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [{9577CD4E-35D5-465B-8B4B-5F7A73994E7F}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) 

==================== Wiederherstellungspunkte =========================

17-01-2021 23:36:58 Lexware Finanzmanager 2020

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (01/18/2021 11:10:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 10.0.19041.546, Zeitstempel: 0xb850de5d
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.19041.746, Zeitstempel: 0x2f680839
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000aaa02
ID des fehlerhaften Prozesses: 0x3d50
Startzeit der fehlerhaften Anwendung: 0x01d6ede56370bc38
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\DllHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\combase.dll
Berichtskennung: 6ca65f4d-785c-4188-9f53-6d906c209ec6
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (01/18/2021 10:46:45 PM) (Source: MSSQL$KNXETS4) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$KNXETS4\Performance'. SQL Server performance counters are disabled.

Error: (01/18/2021 10:44:14 PM) (Source: MsiInstaller) (EventID: 10005) (User: HAL)
Description: Product: PuTTY release 0.74 (64-bit) -- A version of PuTTY is already installed on this system using the old Inno Setup installer. Please uninstall that before running the new installer.

Error: (01/18/2021 07:32:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Qsync.exe, Version: 4.5.1.1026, Zeitstempel: 0x5f96411f
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.662, Zeitstempel: 0x5f641e44
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e6ac3
ID des fehlerhaften Prozesses: 0x2e58
Startzeit der fehlerhaften Anwendung: 0x01d6ed78981bae7b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\QNAP\Qsync\Qsync.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: fa18cbf5-1ca2-4296-84b2-c2449a8de41d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/18/2021 10:01:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Qsync.exe, Version: 4.5.1.1026, Zeitstempel: 0x5f96411f
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.662, Zeitstempel: 0x5f641e44
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e6ac3
ID des fehlerhaften Prozesses: 0x34e0
Startzeit der fehlerhaften Anwendung: 0x01d6ed687188d725
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\QNAP\Qsync\Qsync.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 632b1b0c-14a6-4ad9-ab65-7cb29b65747c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/18/2021 08:05:50 AM) (Source: MSSQL$KNXETS4) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$KNXETS4\Performance'. SQL Server performance counters are disabled.

Error: (01/18/2021 01:43:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (01/18/2021 01:43:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Systemfehler:
=============
Error: (01/18/2021 10:46:36 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden.

Error: (01/18/2021 10:45:32 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/18/2021 10:45:32 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/18/2021 10:45:32 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/18/2021 10:45:30 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/18/2021 10:45:30 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/18/2021 10:45:30 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/18/2021 10:45:30 PM) (Source: DCOM) (EventID: 10010) (User: HAL)
Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Windows Defender:
===================================
Date: 2021-01-19 18:59:52.0420000Z
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {2BB80ADF-79EA-426A-B14B-EB006A41B1BF}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-01-18 23:56:30.7260000Z
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5EF4E71A-FFC2-4D89-BE18-E1AD00460795}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2021-01-18 22:53:20.5480000Z
Description: Der überwachte Ordnerzugriff hat C:\Windows\System32\svchost.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2021-01-18T21:53:20.547Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\HarddiskVolume1
Name des Prozesses: C:\Windows\System32\svchost.exe
Sicherheitsversion: 1.329.2429.0
Modulversion: 1.1.17700.4
Produktversion: 4.18.2011.6

Date: 2021-01-18 01:39:05.7090000Z
Description: D:\Programme\AdobePSE2021\Elements 2021 Organizer\PhotoshopElementsOrganizer.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Videos zu ändern.
Erkennungszeit: 2021-01-18T00:39:05.709Z
Benutzer: HAL\**User**
Pfad: %userprofile%\Videos
Prozessname: D:\Programme\AdobePSE2021\Elements 2021 Organizer\PhotoshopElementsOrganizer.exe
Sicherheitsversion: 1.329.2376.0
Modulversion: 1.1.17700.4
Produktversion: 4.18.2011.6

Date: 2021-01-18 01:36:49.1280000Z
Description: D:\Programme\AdobePSE2021\Photoshop Elements 2021\PhotoshopElementsEditor.exe wurde durch den überwachten Ordnerzugriff daran gehindert, \\Wolke\Data_XChange\\ zu ändern.
Erkennungszeit: 2021-01-18T00:36:49.127Z
Benutzer: HAL\**User**
Pfad: \\Wolke\Data_XChange\\
Prozessname: D:\Programme\AdobePSE2021\Photoshop Elements 2021\PhotoshopElementsEditor.exe
Sicherheitsversion: 1.329.2376.0
Modulversion: 1.1.17700.4
Produktversion: 4.18.2011.6

CodeIntegrity:
===================================
Date: 2021-01-18 22:48:55.3170000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Programme\Malwarebytes\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-18 22:48:54.2040000Z
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Programme\Malwarebytes\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-18 21:08:26.8890000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 21:08:26.8850000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 21:08:20.1340000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 21:08:20.1160000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 21:08:20.0260000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 21:08:19.8930000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Programme\Malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 1102 11/16/2015
Hauptplatine: ASUSTeK COMPUTER INC. Z170 PRO GAMING
Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 24500.32 MB
Verfügbarer physikalischer RAM: 13421.77 MB
Summe virtueller Speicher: 28084.32 MB
Verfügbarer virtueller Speicher: 16214.77 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.3 GB) (Free:45.57 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:821.49 GB) NTFS
Drive q: () (Network) (Total:3.44 GB) (Free:0.77 GB)
Drive r: () (Network) (Total:3.44 GB) (Free:0.77 GB)
Drive v: (Media) (Network) (Total:2015.73 GB) (Free:1632.15 GB) NTFS
Drive z: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{297e7a1d-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{297e7a1d-0000-0000-0000-40193a000000}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{e8fcc8a4-3997-11eb-86f6-f832e4bc5f9c}\ (Tresorit Drive) (Removable) (Total:505 GB) (Free:356.45 GB) exFAT

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 297E7A1D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=502 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 85A40634)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================
19.01.2021, 20:05 | #15 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Supposed infection with "murofetweekly" Quote:
__________________ Please always post log files in CODE tags |