| |
| |||||||
Log-Analyse und Auswertung: Audacity.de - Izito & Zapmeta in den Suchmaschinen im BrowserWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
01.02.2021, 10:45
| #1 |
| |  Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser Hallo liebes Forum! Leider bin ich auch auf die Audacity.de-Seite reingefallen und habe nun wohl Malware, welches ich nicht ganz wegbekomme. Ich würde mich über Hilfe sehr freuen und bedanke mich im Voraus. FRST Logs: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
durchgeführt von Adika (Administrator) auf SUHARIADIKA (Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI) (01-02-2021 10:36:36)
Gestartet von D:\Downloads
Geladene Profile: Adika
Platform: Windows 10 Pro Version 1909 18363.1316 (X64) Sprache: German (Germany)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
() [Datei ist nicht signiert] C:\Program Files (x86)\RocketDock\RocketDock.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(AgileBits Inc. -> AgileBits Inc.) C:\Users\Adika\AppData\Local\1Password\app\7\1Password.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Chris Andriessen) [Datei ist nicht signiert] C:\Program Files (x86)\TaskbarX\TaskbarX.exe
(devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Discord Inc. -> Discord Inc.) C:\Users\Adika\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(DREVO Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.exe
(DREVO Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\DrevoService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <35>
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) INTELND1820 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\APP_Dragon_Center_Keeper.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\Mystic_Light\LightKeeperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\StorageMonitor\StorageMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Dragon Center\CC_Engine_x64.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\Display.NvContainer\NVDisplay.Container.exe <2>
(NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\cam_helper.exe <4>
(NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe
(NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe <5>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(ShareX Team) [Datei ist nicht signiert] C:\Program Files\ShareX\ShareX.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\Adika\AppData\Local\Programs\Blitz\Blitz.exe <17>
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [MouseDriver] => TiltWheelMouse.exe
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353400 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AdobePSE18AutoAnalyzer] => C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe [3560048 2019-08-27] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobePSE19AutoAnalyzer] => C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe [2653808 2020-11-10] (Adobe Inc. -> Adobe)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951968 2019-07-09] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5886264 2020-12-21] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-08] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-10-12] (Adobe Inc. -> )
HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [110721160 2021-01-07] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [Discord] => C:\Users\Adika\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680712 2021-01-12] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50011008 2021-01-20] (Google LLC -> )
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [1Password] => C:\Users\Adika\AppData\Local\1Password\app\7\1Password.exe [5254480 2021-01-28] (AgileBits Inc. -> AgileBits Inc.)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [com.blitz.app] => C:\Users\Adika\AppData\Local\Programs\Blitz\Blitz.exe [108249856 2021-01-24] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [WallpaperEngine] => "D:\Games\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe" -silent
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Datei ist nicht signiert]
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [Drevo] => C:\Program Files (x86)\Drevo\Power Console\DrevoStartup.exe [113160 2018-11-23] (北京繁石简作科技有限公司 -> )
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491248 2020-12-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792272 2021-01-13] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [Snap Camera] => C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe [67068448 2020-12-04] (Snapchat Inc. (Snap Inc.) -> Snap Inc)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon PRO-100S series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCM.DLL [30208 2016-05-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor PRO-100S series: C:\Windows\system32\CNMLMCM.DLL [406528 2016-05-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor PRO-100S series XPS: C:\Windows\system32\CNMXLMCM.DLL [409088 2016-05-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-27] (Google LLC -> Google LLC)
Startup: C:\Users\Adika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2019-10-13]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2020-12-21]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02DFE4A6-FBE5-4D48-BB1C-E9AE1A196DB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0422D8B8-11D5-4ED8-8295-1F019E5203CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {091AB4AF-27DF-4AE2-B6E3-A2E06F7A0E7B} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [227328 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert]
Task: {0D95FA99-65FF-4333-ABAC-DE08EB5C7C42} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {1374E9A4-89C4-47C0-BB85-08772DD01774} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {17F2209A-5C69-4CF0-88AA-2972454FEFA4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-14] (Adobe Inc. -> Adobe)
Task: {1F151E63-B099-4AEA-A772-13DE1076DDB7} - System32\Tasks\@bthpan.inf,%BthPan.DisplayName%;BluetoothDeviceBluetooth-Unterstützungsdienst => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> C:\WINDOWS\Installer\{5C0E17C7-97FB-417E-B79A-4B14BBD204DB}\{6DC56F76-AEE4-4C9A-A9EA-C4018F1E313F} <==== ACHTUNG
Task: {29401CA2-1DB0-4E4C-8CB8-E7B994DF857F} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Task: {29CD23C4-39EE-4CB1-946C-7FD06366E0EE} - System32\Tasks\AdobeAAMUpdater-1.0-SUHARIADIKA-Adika => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {3DD9B8FF-567C-423C-A61D-CCEC552E16F5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F5A7981-5FB3-4519-852F-532F94F3620A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {415AA7A9-E130-4922-82CB-3C9B2AE23F92} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4BFCC3A8-8985-49B3-87E5-1189BF3E3592} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {6182D919-AEE0-413D-A9D9-4EDE0EDBF996} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {62605863-3034-4464-9A73-F3C1E47A1794} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {68FAF41D-6088-4DAD-9FC3-BF4DBAF45830} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {829291A2-417B-4627-B1F7-058E86492927} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5332904 2021-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E2ACE85-D917-4720-A5B5-4B81A7AEE82C} - System32\Tasks\Adobe Service Hyper-V => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{84C8938D-B5A0-4A08-974B-C2CA04850D3B}\{7B31DC89-D1E0-45B1-8DC0-530A166549F7}" <==== ACHTUNG
Task: {971F0BC3-520D-4BB1-94AB-DC1E6D6ED366} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [245760 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert]
Task: {98CFDE4A-2F85-49AC-8CA0-18B69541ED5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {A6D5FBED-40D4-441A-9F5E-56E935E7CC07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5332904 2021-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE49658D-EA73-494E-A1F6-6187B72B6961} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2571704 2020-02-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {B137962A-0EC3-43FE-BC2A-E011B7C43731} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B757B3FF-8488-48D7-9220-8233CB42DAE3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0C2D390-4E30-43F3-A5F5-77D0D11E0076} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1722177080-3761313699-1016939255-1008 => C:\Users\Adika\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {C886D0E1-8F83-4482-B253-51B3351350F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {D08248F3-7F7E-40C2-B770-FD413F3AEE7F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D45F043D-8B4F-49DB-8B2E-96403B79FAC1} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Task: {D6F3F5A8-731A-4C99-A988-8A29EC633A34} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7A4DF9B-E7A1-4929-81BA-A971D15D0761} - System32\Tasks\TaskbarX => C:\Program Files (x86)\TaskbarX\TaskbarX.exe [263680 2020-04-19] (Chris Andriessen) [Datei ist nicht signiert]
Task: {DA63434C-ACC2-4D70-806B-B46267FCAF52} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {DE326016-7D96-48EC-9E13-261E227B475E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E59840D0-A67C-4B77-8A26-7C17C323E024} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA1A79D1-ECE2-4A04-83EF-582630D02A24} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1722177080-3761313699-1016939255-1002 => C:\Users\Adika\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {EA39082F-542A-403C-B64A-78824FB6C243} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1722177080-3761313699-1016939255-1005 => C:\Users\Adika\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {F03D48D5-E296-4152-9DBB-30FCA82AAD06} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F17EE1E5-3846-45FF-9BEE-CE376C2921F9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{26a7ba22-20c2-4588-ab3c-1563ae37b717}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a34ab0db-0ae4-4769-ae16-cee9001ddb96}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Profile: C:\Users\Adika\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-31]
Edge Extension: ( ) - C:\Users\Adika\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dofpbojfgicaljfmagepfkdcobbcnoii [2021-01-31]
FireFox:
========
FF DefaultProfile: eo982mlq.default
FF ProfilePath: C:\Users\Adika\AppData\Roaming\Mozilla\Firefox\Profiles\eo982mlq.default [2019-10-13]
FF ProfilePath: C:\Users\Adika\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release [2021-02-01]
FF user.js: detected! => C:\Users\Adika\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\user.js [2021-01-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-08] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-14] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-08] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default [2021-02-01]
CHR DownloadDir: D:\Downloads
CHR Extension: (Google Übersetzer) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-31]
CHR Extension: (Präsentationen) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-13]
CHR Extension: (lock) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2020-11-13]
CHR Extension: (BetterTTV) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-12-18]
CHR Extension: (Docs) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-13]
CHR Extension: (Google Drive) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-13]
CHR Extension: (YouTube) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-13]
CHR Extension: (uBlock Origin) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-01-10]
CHR Extension: (Adobe Acrobat) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-16]
CHR Extension: (FrankerFaceZ) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-05-09]
CHR Extension: (Tabellen) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-13]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-10-13]
CHR Extension: (Volume Master - Lautstärkeregler) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2020-01-31]
CHR Extension: (TTV ad-block) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kndhknfnihidhcfnaacnndbolonbimai [2020-11-28]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR Extension: (Batch Media Saver from Instagram™) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmnmnpijgncjompjiccojbccinacefh [2019-10-13]
CHR HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-08] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-21] (BattlEye Innovations e.K. -> )
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe [534664 2021-01-07] (NZXT, Inc. -> )
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [595720 2019-09-04] (cFos Software GmbH -> cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [6189232 2019-11-15] (devolo AG -> devolo AG)
R2 DragonCenter_Service; C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe [142512 2019-08-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2020-12-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [143072 2019-12-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [Datei ist nicht signiert]
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [562848 2020-08-06] (Gameforge 4D GmbH -> )
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10897296 2021-01-13] (Logitech Inc -> Logitech, Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\Dragon Center\Mystic_Light\LightKeeperService.exe [81552 2020-04-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [446600 2020-01-08] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [119808 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2506544 2020-02-04] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3429176 2020-02-04] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264144 2021-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5886264 2020-12-21] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10091440 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 edgeupdate; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc [X]
S4 edgeupdatem; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc [X]
S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1601312 2019-09-03] (cFos Software GmbH -> cFos Software GmbH)
R3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-02-01] (CPUID S.A.R.L.U. -> CPUID)
S3 CY3014.X64; C:\WINDOWS\system32\DRIVERS\CY3014.X64.SYS [3717608 2018-10-18] (Elgato Systems LLC -> )
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-10-04] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 goxlr_audio; C:\WINDOWS\System32\drivers\goxlr_audio.sys [374768 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 goxlr_audioks; C:\WINDOWS\System32\drivers\goxlr_audioks.sys [53744 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 GVCIDrv; C:\Program Files (x86)\Gigabyte\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\73248\driver_cpu_temperature\logi_core_temp.sys [25448 2021-01-13] (Logitech Inc. -> Logitech)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [52832 2020-02-19] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [44088 2020-10-12] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2019-10-22] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [26672 2020-05-22] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2019-10-22] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220600 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142440 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 NAL; C:\WINDOWS\system32\Drivers\iqvw64e.sys [58520 2019-10-04] (Intel(R) INTELND1820 -> Intel Corporation)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2020-12-21] (SoftEther Corporation -> SoftEther Corporation)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2019-11-15] (devolo AG -> Riverbed Technology, Inc.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5782360 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-12-11] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-01 10:36 - 2021-02-01 10:36 - 000000000 ____D C:\FRST
2021-02-01 10:18 - 2021-02-01 10:18 - 000220600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-01 10:18 - 2021-02-01 10:18 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-01 10:18 - 2021-02-01 10:18 - 000142440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-01 10:18 - 2021-02-01 10:18 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-01 10:18 - 2021-02-01 10:18 - 000000000 ____D C:\Users\Adika\AppData\LocalLow\IGDump
2021-02-01 10:01 - 2021-02-01 10:02 - 000000000 ____D C:\AdwCleaner
2021-02-01 09:59 - 2021-02-01 09:59 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-01 09:59 - 2021-02-01 09:59 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-01 09:59 - 2021-02-01 09:59 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-02-01 09:59 - 2021-02-01 09:59 - 000001981 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-02-01 09:59 - 2021-02-01 09:59 - 000000000 ____D C:\Users\Adika\AppData\Local\mbam
2021-02-01 09:59 - 2021-02-01 09:58 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-01 09:59 - 2021-02-01 09:58 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-01 09:58 - 2021-02-01 09:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-01 09:58 - 2021-02-01 09:58 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-01 08:10 - 2021-02-01 08:16 - 000000000 ____D C:\Users\Adika\Desktop\Wordpress JPG
2021-02-01 03:44 - 2021-02-01 03:44 - 000000000 ____D C:\Users\Adika\Desktop\Atelier
2021-01-31 16:14 - 2021-01-31 16:14 - 000000000 ____D C:\Users\Adika\Documents\My Games
2021-01-31 15:32 - 2021-02-01 10:05 - 000000000 ____D C:\Program Files\CCleaner
2021-01-31 15:32 - 2021-02-01 10:03 - 000000000 ____D C:\ProgramData\AVG
2021-01-31 15:32 - 2021-01-31 15:32 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-31 15:32 - 2021-01-31 15:32 - 000002880 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-31 15:32 - 2021-01-31 15:32 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-01-31 15:32 - 2021-01-31 15:32 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-01-31 15:32 - 2021-01-31 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-01-29 05:04 - 2021-01-29 05:04 - 000004332 _____ C:\WINDOWS\system32\Tasks\@bthpan.inf,%BthPan.DisplayName%;BluetoothDeviceBluetooth-Unterstützungsdienst
2021-01-29 04:54 - 2021-01-29 04:54 - 000004388 _____ C:\WINDOWS\system32\Tasks\Adobe Service Hyper-V
2021-01-29 04:54 - 2021-01-29 04:54 - 000000000 ____D C:\Users\Adika\AppData\Roaming\npm
2021-01-29 04:54 - 2021-01-29 04:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2021-01-29 04:54 - 2021-01-29 04:54 - 000000000 ____D C:\Program Files (x86)\nodejs
2021-01-26 15:46 - 2021-01-26 16:02 - 000000000 ____D C:\Users\Adika\Desktop\Jobcenter Teil 2
2021-01-23 21:58 - 2021-01-23 21:58 - 002628619 _____ C:\Users\Adika\Desktop\Leri - Bruh.psd
2021-01-23 03:09 - 2021-01-23 07:48 - 000000000 ____D C:\Users\Adika\Desktop\WOHNUNG
2021-01-23 02:52 - 2021-01-23 02:53 - 000000000 ____D C:\Users\Adika\Desktop\umsaetze
2021-01-23 02:43 - 2021-01-23 02:43 - 000100331 _____ C:\Users\Adika\Desktop\Umsaetze_KtoNr202069100_EUR_23-01-2021_0241.pdf
2021-01-23 02:40 - 2021-01-23 02:41 - 000927480 _____ C:\Users\Adika\Desktop\Umsätze & Digitales Haushaltsbuch - Commerzbank.pdf
2021-01-23 01:15 - 2021-01-23 01:15 - 000527770 _____ C:\Users\Adika\Desktop\checks-2-6WMIP5PG75234-2.pdf
2021-01-23 01:12 - 2021-01-23 01:12 - 000673568 _____ C:\Users\Adika\Desktop\2021-01-17_SelbstauskunftMietinteressent.pdf
2021-01-22 22:14 - 2021-01-22 22:14 - 000000222 _____ C:\Users\Adika\Desktop\Path of Exile.url
2021-01-20 14:07 - 2021-01-20 14:07 - 000000000 ____D C:\Users\49151\AppData\Local\OneDrive
2021-01-20 12:32 - 2021-01-20 13:33 - 000000000 ____D C:\Users\Adika\Desktop\Roborock S5 Max
2021-01-19 06:15 - 2021-01-19 06:16 - 000000000 ____D C:\Users\Adika\Desktop\KFW Corona Antrag
2021-01-18 16:45 - 2021-01-18 16:45 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2020.lnk
2021-01-18 16:41 - 2021-01-18 16:41 - 000001085 _____ C:\Users\Adika\Desktop\Adobe Lightroom Classic.lnk
2021-01-18 16:41 - 2021-01-18 16:41 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2021-01-18 16:38 - 2021-01-18 16:38 - 000001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2021.lnk
2021-01-18 16:36 - 2021-01-18 16:36 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk
2021-01-18 16:31 - 2021-01-18 16:31 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2021-01-18 16:26 - 2021-01-18 16:26 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-01-18 11:32 - 2021-01-18 11:32 - 000154918 _____ C:\Users\Adika\Desktop\suhariadika Mail - Bescheid zu dem Antrag AWDHR2-568.pdf
2021-01-17 20:18 - 2021-01-17 20:18 - 000194050 _____ C:\Users\Adika\Desktop\Druckansicht.pdf
2021-01-17 20:15 - 2021-01-17 20:15 - 000153886 _____ C:\Users\Adika\Desktop\Umsaetze_KtoNr202069100_EUR_17-01-2021_2015.pdf
2021-01-16 21:32 - 2021-01-16 21:32 - 000000222 _____ C:\Users\Adika\Desktop\Golf It!.url
2021-01-16 19:37 - 2021-01-16 19:37 - 000000000 ____D C:\Users\Adika\Desktop\e-scorts.gg
2021-01-15 16:54 - 2021-01-18 21:06 - 000000000 ____D C:\Users\Adika\Desktop\Strafverfahren
2021-01-15 16:31 - 2021-01-15 16:31 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2021-01-15 16:31 - 2021-01-15 16:31 - 000000650 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2021-01-15 16:31 - 2021-01-15 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-01-15 16:31 - 2021-01-15 16:31 - 000000000 ____D C:\Program Files\LGHUB
2021-01-15 09:56 - 2021-01-15 10:05 - 006736928 _____ C:\Users\Adika\Desktop\Lebenslauf - Adika Suhari.psd
2021-01-15 07:25 - 2021-01-18 12:44 - 000000000 ____D C:\Users\Adika\Desktop\Antrag - Corona
2021-01-15 06:38 - 2021-01-15 06:38 - 000000000 ____D C:\Users\Adika\Desktop\kamerajaeger
2021-01-14 23:17 - 2021-01-14 23:17 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-14 23:17 - 2021-01-14 23:17 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-14 23:17 - 2021-01-14 23:17 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-14 23:17 - 2021-01-14 23:17 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000502784 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-14 23:17 - 2021-01-14 23:17 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-14 23:17 - 2021-01-14 23:17 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-14 23:17 - 2021-01-14 23:17 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-14 23:17 - 2021-01-14 23:17 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-14 23:17 - 2021-01-14 23:17 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000151040 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-14 23:17 - 2021-01-14 23:17 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-14 23:17 - 2021-01-14 23:17 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-14 23:17 - 2021-01-14 23:17 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-14 23:17 - 2021-01-14 23:17 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-14 23:17 - 2021-01-14 23:17 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-14 23:17 - 2021-01-14 23:17 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-14 23:16 - 2021-01-14 23:16 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 23:16 - 2021-01-14 23:16 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 23:16 - 2021-01-14 23:16 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 23:16 - 2021-01-14 23:16 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 23:16 - 2021-01-14 23:16 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 23:16 - 2021-01-14 23:16 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 23:16 - 2021-01-14 23:16 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 23:16 - 2021-01-14 23:16 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-14 21:39 - 2021-01-15 06:19 - 000000000 ____D C:\Users\Adika\AppData\Roaming\youtube-dlg
2021-01-14 21:39 - 2021-01-14 21:39 - 000001131 _____ C:\Users\Public\Desktop\Youtube-DLG.lnk
2021-01-14 21:39 - 2021-01-14 21:39 - 000001131 _____ C:\ProgramData\Desktop\Youtube-DLG.lnk
2021-01-14 21:39 - 2021-01-14 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube-DLG
2021-01-14 21:39 - 2021-01-14 21:39 - 000000000 ____D C:\Program Files (x86)\Youtube-DLG
2021-01-14 21:39 - 2021-01-14 21:18 - 2807262288 _____ C:\Users\Adika\Desktop\LIVE PHOTO RETOUCHING! Photoshop _ Lightroom.mp4
2021-01-13 06:14 - 2021-01-13 06:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snap Inc
2021-01-13 06:14 - 2021-01-13 06:14 - 000000000 ____D C:\Program Files\Snap Inc
2021-01-13 06:14 - 2020-10-12 20:08 - 002800232 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\SnapCameraVirtualDevice.sys
2021-01-12 09:46 - 2021-01-15 16:39 - 000000000 ____D C:\Users\Adika\Desktop\Shooting - Michelle
2021-01-11 17:45 - 2021-01-11 17:45 - 000489843 _____ C:\Users\Adika\Desktop\Hochzeitsjubel - Logo.psd
2021-01-10 18:11 - 2021-01-19 05:47 - 000000623 _____ C:\Users\49151\Desktop\TEXTVORLAGE.txt
2021-01-10 18:08 - 2021-01-10 18:08 - 000128902 _____ C:\Users\49151\Downloads\Rahmalia-Script-1249613-GraphicEx.com.zip
2021-01-10 14:57 - 2021-01-10 14:57 - 132001853 _____ C:\Users\Adika\Desktop\Fiverr - Test Order.psd
2021-01-10 14:11 - 2021-01-10 14:11 - 001046106 _____ C:\Users\Adika\Desktop\Portrait ALL.jfif
2021-01-10 04:49 - 2021-01-10 04:49 - 000029190 _____ C:\Users\Adika\Desktop\Finanzuebersicht_10-01-2021_0448.pdf
2021-01-09 16:22 - 2021-01-09 16:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-08 20:36 - 2021-01-08 20:36 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2021-01-07 09:20 - 2021-01-30 05:05 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-06 08:50 - 2021-01-15 12:24 - 000000000 ____D C:\Users\Adika\Desktop\Freepik
2021-01-06 03:51 - 2021-01-06 03:51 - 000000000 ____D C:\Users\49151\AppData\Local\cache
2021-01-06 03:50 - 2021-01-06 03:51 - 000000000 ____D C:\Users\49151\AppData\Local\DxO
2021-01-06 02:21 - 2021-01-06 02:21 - 000000095 _____ C:\Users\Adika\Desktop\CODES.txt
2021-01-05 22:43 - 2021-01-06 00:47 - 000000000 ____D C:\Users\Adika\Desktop\Maike Geburtstag
2021-01-05 22:14 - 2021-01-05 22:15 - 000000000 ____D C:\ProgramData\DxO
2021-01-05 22:14 - 2021-01-05 22:14 - 000000000 ____D C:\ProgramData\Reprise
2021-01-05 22:14 - 2021-01-05 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nik Collection
2021-01-05 22:14 - 2021-01-05 22:14 - 000000000 ____D C:\ProgramData\DxO Labs
2021-01-05 22:14 - 2021-01-05 22:14 - 000000000 ____D C:\Program Files\DxO
2021-01-05 22:13 - 2021-01-05 22:38 - 000000000 ____D C:\Users\Adika\AppData\Local\DxO
2021-01-04 10:41 - 2021-01-04 10:41 - 000000000 ____D C:\Users\Adika\.jes
2021-01-04 10:41 - 2021-01-04 10:41 - 000000000 ____D C:\Program Files\ojdkbuild
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-01 10:33 - 2019-10-04 17:40 - 000000000 ____D C:\Users\Adika\AppData\Roaming\NZXT CAM
2021-02-01 10:33 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-01 10:30 - 2020-08-06 17:27 - 000000000 ____D C:\Users\Adika\AppData\Local\LGHUB
2021-02-01 10:23 - 2020-06-15 14:29 - 000000000 ____D C:\Users\Adika\AppData\LocalLow\Mozilla
2021-02-01 10:14 - 2019-10-04 17:29 - 000000000 ____D C:\Users\Adika\AppData\Local\D3DSCache
2021-02-01 10:09 - 2019-11-25 05:52 - 001723292 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-01 10:09 - 2019-03-19 13:16 - 000741728 _____ C:\WINDOWS\system32\perfh007.dat
2021-02-01 10:09 - 2019-03-19 13:16 - 000149880 _____ C:\WINDOWS\system32\perfc007.dat
2021-02-01 10:09 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-01 10:06 - 2020-04-07 19:17 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-02-01 10:05 - 2020-01-21 11:23 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Blitz
2021-02-01 10:05 - 2019-10-04 17:21 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-01 10:04 - 2020-12-21 10:21 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2021-02-01 10:04 - 2020-10-31 19:29 - 000000000 ___RD C:\Users\Adika\iCloudDrive
2021-02-01 10:04 - 2019-10-13 16:19 - 000000000 ___RD C:\Users\Adika\Creative Cloud Files
2021-02-01 10:04 - 2019-10-13 04:36 - 000000000 ____D C:\Users\Adika\AppData\Roaming\LGHUB
2021-02-01 10:04 - 2019-10-13 04:25 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Discord
2021-02-01 10:03 - 2020-02-19 01:51 - 000000258 __RSH C:\ProgramData\ntuser.pol
2021-02-01 10:03 - 2019-11-25 05:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-01 10:03 - 2019-10-13 05:00 - 000000000 ____D C:\Users\Adika\AppData\Local\CrashDumps
2021-02-01 10:03 - 2019-10-13 04:14 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-01 10:03 - 2019-03-19 05:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-02-01 09:59 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-01 09:48 - 2019-11-01 00:27 - 000001456 _____ C:\Users\Adika\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-02-01 08:10 - 2019-10-18 01:57 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beamr Imaging
2021-02-01 07:53 - 2019-11-25 05:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-01 07:46 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-01 07:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-01 04:10 - 2019-10-13 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-01 03:43 - 2020-12-18 02:13 - 000000000 ____D C:\Users\Adika\Desktop\Hochzeit
2021-02-01 03:43 - 2020-04-27 05:28 - 000000000 ____D C:\Users\Adika\Desktop\Misc
2021-02-01 03:39 - 2020-10-21 06:13 - 000000000 ____D C:\Users\Adika\Desktop\Versandmarken
2021-01-31 21:54 - 2019-10-13 16:17 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-31 15:35 - 2019-11-25 05:50 - 000000000 ____D C:\WINDOWS\minidump
2021-01-31 15:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-31 00:30 - 2019-10-13 16:04 - 000000000 ____D C:\ProgramData\Riot Games
2021-01-29 18:22 - 2019-10-04 17:02 - 000000000 ____D C:\Users\Adika\AppData\Local\Packages
2021-01-29 17:21 - 2019-11-25 04:15 - 000000000 ____D C:\Users\Adika\AppData\Local\ElevatedDiagnostics
2021-01-29 05:04 - 2020-07-13 16:58 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-29 05:04 - 2020-07-13 16:58 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-29 05:04 - 2019-11-25 05:50 - 000003618 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-29 05:04 - 2019-11-25 05:50 - 000003394 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-29 05:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-01-29 04:54 - 2019-10-04 17:20 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-29 04:25 - 2021-01-01 18:10 - 000000000 ___RD C:\Users\49151\Creative Cloud Files
2021-01-28 20:15 - 2019-10-20 00:38 - 000001365 _____ C:\Users\Adika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2021-01-28 20:15 - 2019-10-20 00:38 - 000000000 ____D C:\Users\Adika\AppData\Local\1Password
2021-01-28 18:45 - 2020-07-13 16:59 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-28 16:54 - 2020-02-07 00:59 - 000000000 ____D C:\Users\Adika\AppData\Local\log
2021-01-28 01:45 - 2020-06-02 11:20 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-01-27 22:27 - 2019-10-13 04:14 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-26 21:27 - 2019-10-19 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-01-24 21:54 - 2019-10-13 17:25 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-24 15:06 - 2020-04-22 13:02 - 000000000 ____D C:\Program Files\SteelSeries
2021-01-24 12:33 - 2019-10-17 22:36 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-22 16:39 - 2019-10-13 22:53 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-19 11:01 - 2020-05-08 06:05 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Apple Computer
2021-01-19 08:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-18 17:18 - 2020-12-18 10:33 - 000000000 ___RD C:\Users\49151\3D Objects
2021-01-18 17:18 - 2019-11-25 05:48 - 000000000 ____D C:\Users\Adika
2021-01-18 17:18 - 2019-10-04 17:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-18 16:45 - 2019-10-13 16:16 - 000000000 ____D C:\Program Files\Adobe
2021-01-18 16:31 - 2019-10-13 16:26 - 000000000 ____D C:\Users\Public\Documents\Adobe
2021-01-17 21:57 - 2020-06-02 11:18 - 000001639 _____ C:\Users\Adika\Desktop\VALORANT.lnk
2021-01-17 16:47 - 2019-10-13 04:52 - 000000000 ____D C:\Users\Adika\AppData\Local\Battle.net
2021-01-17 10:09 - 2019-11-02 16:31 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Electrum
2021-01-16 20:58 - 2020-04-27 18:41 - 000001693 _____ C:\Users\Adika\Desktop\LEAGUE OF LEGENDS.lnk
2021-01-15 16:30 - 2019-10-04 17:02 - 000000000 ___RD C:\Users\Adika\3D Objects
2021-01-15 16:28 - 2019-11-25 05:46 - 000450544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 16:27 - 2019-11-25 05:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-01-15 16:27 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 16:27 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-15 16:27 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 12:52 - 2020-10-26 16:52 - 000000000 ____D C:\Users\Adika\Desktop\Fiverr
2021-01-14 23:20 - 2019-10-14 23:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-14 23:20 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-14 23:18 - 2019-10-14 23:17 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 23:16 - 2019-11-25 05:50 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 17:01 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-13 12:56 - 2019-10-13 04:50 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-01-10 17:39 - 2019-10-04 17:02 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Adobe
2021-01-10 04:57 - 2020-12-18 10:33 - 000000000 ____D C:\Users\49151\AppData\Local\NVIDIA Corporation
2021-01-10 04:56 - 2019-10-13 17:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-09 16:22 - 2019-10-13 17:25 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-08 20:37 - 2019-10-13 16:16 - 000000000 ____D C:\ProgramData\Adobe
2021-01-08 20:36 - 2019-10-13 16:16 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-01-08 20:34 - 2019-10-04 17:40 - 000000000 ____D C:\Program Files\NZXT CAM
2021-01-07 19:49 - 2019-10-25 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-06 09:28 - 2020-01-29 00:04 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-01-05 15:46 - 2020-09-13 05:58 - 000001110 _____ C:\Users\Adika\Desktop\Electrum.lnk
2021-01-05 15:46 - 2019-10-13 22:08 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
2021-01-05 15:46 - 2019-10-13 22:08 - 000000000 ____D C:\Program Files (x86)\Electrum
2021-01-02 07:51 - 2020-12-15 21:49 - 000000000 ____D C:\Users\Adika\Desktop\STEALTH
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2019-11-01 00:27 - 2021-02-01 09:48 - 000001456 _____ () C:\Users\Adika\AppData\Local\Adobe Save for Web 13.0 Prefs
2020-05-16 14:35 - 2020-05-16 20:20 - 000042164 _____ () C:\Users\Adika\AppData\Local\krita.log
2020-05-16 20:20 - 2020-05-16 20:20 - 000000060 _____ () C:\Users\Adika\AppData\Local\kritadisplayrc
2020-05-16 14:35 - 2020-05-16 20:20 - 000016177 _____ () C:\Users\Adika\AppData\Local\kritarc
2019-10-13 16:16 - 2019-10-13 16:16 - 000000410 _____ () C:\Users\Adika\AppData\Local\oobelibMkey.log
2020-05-21 23:22 - 2020-08-15 20:03 - 000003094 _____ () C:\Users\Adika\AppData\Local\PlariumPlay.log
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
01.02.2021, 10:46
| #2 |
| | Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser Addition Logs:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-01-2021
durchgeführt von Adika (01-02-2021 10:37:48)
Gestartet von D:\Downloads
Windows 10 Pro Version 1909 18363.1316 (X64) (2019-11-25 04:50:41)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Aadko (S-1-5-21-1722177080-3761313699-1016939255-1008 - Limited - Enabled) => C:\Users\49151
Adika (S-1-5-21-1722177080-3761313699-1016939255-1001 - Administrator - Enabled) => C:\Users\Adika
Administrator (S-1-5-21-1722177080-3761313699-1016939255-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1722177080-3761313699-1016939255-503 - Limited - Disabled)
Gast (S-1-5-21-1722177080-3761313699-1016939255-501 - Limited - Disabled)
lizen (S-1-5-21-1722177080-3761313699-1016939255-1002 - Limited - Enabled) => C:\Users\lizen
WDAGUtilityAccount (S-1-5-21-1722177080-3761313699-1016939255-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1Password (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\1Password) (Version: 7.6.791 - AgileBits Inc.)
7-Zip 19.02 alpha (x64) (HKLM\...\7-Zip) (Version: 19.02 alpha - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_6) (Version: 17.6 - Adobe Inc.)
Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_0_1) (Version: 11.0.1 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_1) (Version: 25.1 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_0_1) (Version: 16.0.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_4_1) (Version: 4.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_1_1) (Version: 10.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_8) (Version: 14.8 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_1_1) (Version: 22.1.1.138 - Adobe Inc.)
Adobe Photoshop Elements 2020 (HKLM-x32\...\PSE_18_0) (Version: 18.0 - Adobe Inc.)
Adobe Photoshop Elements 2021 (HKLM-x32\...\PSE_19_0) (Version: 19.0 - Adobe Inc.)
Adobe Premiere Elements 2021 (HKLM-x32\...\PRE_19_0) (Version: 19.0 - Adobe Inc.)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_8) (Version: 14.8 - Adobe Inc.)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version: - Sandbox Interactive GmbH)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.2.3 - Electronic Arts, Inc.)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.19.1021.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.19.1021.1 - GIGABYTE)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blitz 1.13.83 (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.13.83 - Blitz, Inc.)
Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version: - Blizzard Entertainment)
Call of Duty Black Ops Cold War Beta (HKLM-x32\...\Call of Duty Black Ops Cold War Beta) (Version: - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Canon PRO-100S series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_PRO-100S_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
cFosSpeed 10.51 (HKLM\...\cFosSpeed) (Version: 10.51 - cFos Software GmbH, Bonn)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 5.1.1.0 - devolo AG)
Discord (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dragon Center (HKLM-x32\...\{B252FABF-9582-4824-B02B-6D2DC93685C7}}_is1) (Version: 1.0.0.67 - MSI)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.19.1205.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.19.1205.1 - GIGABYTE)
Electrum (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Electrum) (Version: 4.0.9 - Electrum Technologies GmbH)
Elgato Video Capture (HKLM-x32\...\{E29D0CAD-C1B2-49E5-BAE1-AB75461109A3}) (Version: 1.15.2.119 - Elgato Systems GmbH)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.0.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{B380DBDE-BA95-481B-92E9-52F2E5E84F24}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{adbc3d98-57f2-4d68-b155-138f8fb0f73d}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{26b207d1-1f37-4df9-8b3f-aeebbca6bb85}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{422FC196-EA1D-448E-A505-BC7DFC21C880}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Gameforge Client (HKLM-x32\...\{d3b2a0c1-f0d0-4888-ae0b-1c5e1febdafb}_is1) (Version: 2.1.12.165 - Gameforge)
Genshin Impact (HKLM\...\Genshin Impact Beta) (Version: 2.3.3.0 - miHoYo Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE)
iCloud Outlook (HKLM\...\{58EF239A-565E-4854-9769-DE7BB82ED781}) (Version: 11.4.0.12 - Apple Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1916.12.0.1263 - Intel Corporation)
Intel(R) Network Connections 23.5.0.0 (HKLM\...\PROSetDX) (Version: 23.5.0.0 - Intel)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{3d2240de-3c21-4e14-84b3-1c6cd02bfab4}) (Version: 10.1.17969.8134 - Intel(R) Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{074dda6c-5a4a-455e-8a99-09de068e0771}) (Version: 21.40.1 - Intel Corporation)
JPEGminiPro (HKLM-x32\...\{FE484208-1913-4A76-97B9-325BBF338D84}) (Version: 2.1.0.2 - Beamr Imaging Ltd)
Krita (x64) 4.2.7.1 (HKLM\...\Krita_x64) (Version: 4.2.7.1 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Legends of Runeterra (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Riot Game bacon.live) (Version: - Riot Games, Inc)
Logitech Capture (HKLM\...\Capture) (Version: 2.00.226 - Logitech)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: - Logitech)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Metin2 de-DE (HKLM-x32\...\{fab180a3-cd65-4b7e-bd0e-2ef77fd0c258.de-DE}) (Version: - Gameforge)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.53 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-US)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3 - Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 3.3.0 - DxO)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
NZXT CAM 4.18.1 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.18.1 - NZXT, Inc.)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
OpenJDK 1.8.0_275-1-ojdkbuild (HKLM\...\{DA310B25-AB91-41D2-8BAE-E2220FD18DFB}) (Version: 1.8.2751.1 - ojdkbuild open-source project)
Origin (HKLM-x32\...\Origin) (Version: 10.5.63.37653 - Electronic Arts, Inc.)
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Power Console (HKLM-x32\...\Power Console) (Version: 1.1.0.40 - DREVO Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.0330.2 - GIGABYTE)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.1.0.170 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{92729760-681A-42A2-A101-1098CAB4DEC1}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.4.0 - ShareX Team)
Sky Ticket 8.2.0.0 (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\com.bskyb.skyticket_is1) (Version: 8.2.0.0 - Sky Ticket)
Snap Camera 1.11.0 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.11.0 - Snap Inc.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.34.9745 - SoftEther VPN Project)
Spark AR Studio (HKLM\...\{489436BA-8B71-4F2A-81B8-F5C3EE2E5ABD}) (Version: 73.0.10 - Facebook Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 20.12.9.680 - StreamElements)
Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.)
TaskbarX (HKLM-x32\...\TaskbarX) (Version: 1.5.4.0 - Chris Andriessen)
Twitch (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
VALORANT (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Video Capture v7.07.0.127 (HKLM-x32\...\Software_Elgato_Video Capture) (Version: 7.07.0.127 - Elgato Systems)
WhatsApp (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\WhatsApp) (Version: 2.2041.6 - WhatsApp)
WISO steuer:Sparbuch 2020 (HKLM-x32\...\{FE6E838C-1CA4-4718-8BDD-F1CD1D218138}) (Version: 27.07.1862 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2021 (HKLM-x32\...\{9C427D3E-0128-4A2A-A4F0-AA7551669B74}) (Version: 28.02.1932 - Buhl Data Service GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-10-14] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-11] (Adobe Systems Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-06-14] (Canon Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa [2020-12-31] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-18] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-13] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-13] (Microsoft Corporation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.32861.0_x64__8wekyb3d8bbwe [2020-10-23] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-10-04] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0 [2021-01-29] (Spotify AB) [Startup Task]
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-682CDB814D0D} -> [Creative Cloud Files] => C:\Users\Adika\Creative Cloud Files [2019-10-13 16:19]
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Adika\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{20462679-09B6-4CBB-A886-8BECE9C20C8F} -> [iCloud Photos] => C:\Users\Adika\Pictures\iCloud Photos\Photos [2020-10-31 19:30]
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{6FF2D3A9-DAFA-4513-98A5-A744E0929935} -> [iCloud Drive] => C:\Users\Adika\iCloudDrive [2020-10-31 19:29]
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Adika\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Adika\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{a3d7e084-b0df-4d14-8e0a-27a572a6332c}\localserver32 -> "C:\Program Files\Sony\Imaging Edge Desktop\ied.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Adika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Adika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-features=RendererCodeIntegrity
ShortcutWithArgument: C:\Users\Adika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-features=RendererCodeIntegrity
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-04-23 02:47 - 2021-01-24 08:55 - 000415232 _____ () [Datei ist nicht signiert] \\?\C:\Users\Adika\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\leveldown\prebuilds\win32-ia32\node.napi.node
2020-04-29 15:25 - 2020-04-29 15:25 - 000117248 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.Config.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000017920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.Downloader.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000029184 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.DriverComm.dll
2020-04-29 15:26 - 2020-04-29 15:26 - 000035328 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.Framework.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000013312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.HookService.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000018944 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.Logger.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 001036800 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.MacroService.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000007680 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.MsgHook.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000137216 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.NetComm.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000069120 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.NetWork.dll
2020-04-29 15:26 - 2020-04-29 15:26 - 000956928 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.Service.dll
2020-04-29 15:26 - 2020-04-29 15:26 - 001447936 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.StartupMgrDlg.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000959488 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.StatisticalServer.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000023040 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.UpdateService.dll
2020-04-29 15:26 - 2020-04-29 15:26 - 001025024 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\FSUI.dll
2021-01-29 05:04 - 2021-01-30 05:05 - 000010752 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Google\Chrome\Application\VERSION.dll
2020-04-26 01:36 - 2007-09-02 12:57 - 000069632 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\RocketDock\RocketDock.dll
2020-12-16 21:02 - 2021-01-07 20:39 - 002772480 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\ffmpeg.dll
2020-12-16 21:02 - 2021-01-07 20:39 - 000379904 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\libegl.dll
2020-12-16 21:02 - 2021-01-07 20:39 - 007863296 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\libglesv2.dll
2020-04-08 01:55 - 2021-01-24 08:55 - 002567680 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Programs\Blitz\ffmpeg.dll
2020-04-08 01:55 - 2021-01-24 08:55 - 000359424 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Programs\Blitz\libegl.dll
2020-04-08 01:55 - 2021-01-24 08:55 - 006615552 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Programs\Blitz\libglesv2.dll
2021-02-01 10:04 - 2021-02-01 10:04 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\_ctypes.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\_elementtree.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\_hashlib.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\_multiprocessing.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\_psutil_windows.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\_socket.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 002824704 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\_ssl.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\_yappi.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\bz2.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\common.time34.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\hashobjs_ext.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\PIL._imaging.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\pyexpat.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\pysqlite2._sqlite.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\pythoncom27.dll
2021-02-01 10:04 - 2021-02-01 10:04 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\pywintypes27.dll
2021-02-01 10:04 - 2021-02-01 10:04 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\select.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\thumbnails_ext.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\unicodedata.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\usb_ext.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32api.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32com.shell.shell.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32crypt.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000023040 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32event.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32file.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32gui.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32inet.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32pdh.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32pipe.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32process.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32profile.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32security.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\win32ts.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\windows.conditional.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\windows.connectivity.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\windows.device_monitor.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000103936 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\windows.volumes.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\windows.winwrap.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wx._controls_.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wx._core_.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wx._gdi_.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wx._html2.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wx._misc_.pyd
2021-02-01 10:04 - 2021-02-01 10:04 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wx._windows_.pyd
2021-01-08 20:34 - 2021-01-07 20:39 - 001818112 _____ (CPUID) [Datei ist nicht signiert] C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\cam_helper\cpuidsdk64.dll
2019-06-14 08:15 - 2019-06-14 08:15 - 000022528 _____ (Drevo Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.BatteryService.dll
2019-04-15 15:24 - 2019-04-15 15:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV2.dll
2019-10-13 22:07 - 2019-09-05 20:00 - 000076800 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
2021-02-01 10:04 - 2021-02-01 10:04 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\python27.dll
2021-01-08 20:34 - 2021-01-07 20:39 - 000083456 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\nzxt-device\SiUSBXp64.dll
2019-10-19 02:53 - 2019-10-19 02:53 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-10-19 02:53 - 2019-10-19 02:53 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2019-10-19 02:53 - 2019-10-19 02:53 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-02-17 01:15 - 2019-10-19 02:53 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-02-17 01:15 - 2019-10-19 02:53 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-02-17 01:15 - 2019-10-19 02:53 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-02-17 01:15 - 2019-10-19 02:53 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-02-17 01:15 - 2019-10-19 02:53 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-07-04 17:06 - 2019-07-04 17:06 - 001988608 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GbtNvGpuLib.dll
2021-02-01 10:04 - 2021-02-01 10:04 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wxbase30u_net_vc90_x64.dll
2021-02-01 10:04 - 2021-02-01 10:04 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wxbase30u_vc90_x64.dll
2021-02-01 10:04 - 2021-02-01 10:04 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wxmsw30u_adv_vc90_x64.dll
2021-02-01 10:04 - 2021-02-01 10:04 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wxmsw30u_core_vc90_x64.dll
2021-02-01 10:04 - 2021-02-01 10:04 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wxmsw30u_html_vc90_x64.dll
2021-02-01 10:04 - 2021-02-01 10:04 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI149402\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\ojdkbuild\java-1.8.0-openjdk-1.8.0.275-1\bin;C:\Program Files\ojdkbuild\java-1.8.0-openjdk-1.8.0.275-1\jre\bin;C:\Program Files (x86)\nodejs\
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
Network Binding:
=============
VPN - VPN Client: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\StartupApproved\Run: => "Snap Camera"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{45419C11-5C7B-4F60-A84A-2B80F980A425}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A3CB66F0-F2F3-4D07-A8DB-33D8295DA540}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2014C5C9-D80D-49BD-8D59-9F504AA9B040}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{891C5A34-F250-4673-821D-34C0477C070E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2D85B8A8-948D-41EF-8642-641F6113CBB9}D:\games\cod modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\cod modern warfare\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [TCP Query User{E16118ED-40E3-42C4-AC37-2AD7EEABC6D4}D:\games\cod modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\cod modern warfare\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [UDP Query User{4A06D02A-677B-4762-9F90-CD0CF7EAA636}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{9620BAA1-E94F-43EA-9E34-DCB64E213225}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{A11C5B28-B248-43D2-983B-481A44081229}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{077CA878-D364-4993-B252-22F9B5854951}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67058F37-A947-4227-B7C5-17B265E10F4E}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{FC8181CA-02BB-4AD6-9DF4-4AC4D2441FBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{85B7AA23-9887-4AB0-8045-B451CC9F8F3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{907B9C97-1F6B-416B-9FCF-449349426231}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6D74BC15-2C4A-41DD-810D-D69C9DDCD399}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{997604B4-C036-422B-B755-B9306CD39E3B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ABA02167-9C79-4D17-B6ED-8D143CAD2427}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1E92C50C-C18D-481A-90A4-C7EACE3B974B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5FC0880B-A9BC-4D49-9D5D-E3FDCB829C89}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CC6EF0BF-1205-42BD-B444-7EABEA9C7BBA}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{F482C1F4-9BC6-440D-A669-E90BDC74AD42}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{2B0129C1-127E-4504-A74A-389F07FDEF87}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{BF304400-04E2-437D-986D-6855BD8FDE21}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{AC794B6C-5213-409B-9B23-12ED5B669922}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD253A48-5696-4F2C-A88E-A3C732E0CEBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{80758D4E-8A18-441F-9359-E7D168C1BBDB}] => (Allow) D:\Games\Steam\steamapps\common\Starbound\win64\starbound.exe => Keine Datei
FirewallRules: [{01C52F00-7DA0-4AD0-AF3B-D6770CAD9C8E}] => (Allow) D:\Games\Steam\steamapps\common\Starbound\win64\starbound.exe => Keine Datei
FirewallRules: [{9E119771-2C79-4B2F-A415-ECD0FEFD283C}] => (Allow) D:\Games\Steam\steamapps\common\Starbound\win64\starbound_server.exe => Keine Datei
FirewallRules: [{34E84D39-235E-4DCF-8E76-4FC9D7253345}] => (Allow) D:\Games\Steam\steamapps\common\Starbound\win64\starbound_server.exe => Keine Datei
FirewallRules: [{415E8F1F-5F57-4A04-AC73-ADD670088EF3}] => (Allow) D:\Games\Steam\steamapps\common\Starbound\win64\mod_uploader.exe => Keine Datei
FirewallRules: [{187769AB-EE35-4F2A-8E61-E8038BE979F8}] => (Allow) D:\Games\Steam\steamapps\common\Starbound\win64\mod_uploader.exe => Keine Datei
FirewallRules: [{1AD94E44-E4EA-438F-9596-74B5BB2BB5FB}] => (Allow) D:\Games\Steam\steamapps\common\Starbound\win32\starbound.exe => Keine Datei
FirewallRules: [{68B7F202-7E36-423F-A45B-5C6F82B818A9}] => (Allow) D:\Games\Steam\steamapps\common\Starbound\win32\starbound.exe => Keine Datei
FirewallRules: [TCP Query User{E75A25A9-4621-4D59-AB7C-BF4C78B9A90C}D:\games\call of duty - modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty - modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{FD6ED8A4-DCC2-4A88-BB82-526316E23F21}D:\games\call of duty - modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty - modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{C06E2911-A2B7-46A9-A948-E773B2630C5C}C:\users\adika\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\adika\appdata\local\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [UDP Query User{3F2C8EAF-0DCC-4F4A-A15B-67B86BAEAC58}C:\users\adika\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\adika\appdata\local\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [TCP Query User{90FAD91F-6FB7-4161-9305-27F9A01C2099}C:\users\adika\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\adika\appdata\local\blitz\current\blitz.exe => Keine Datei
FirewallRules: [UDP Query User{699F63C5-611C-4E68-9E85-04C4052EA8F4}C:\users\adika\appdata\local\blitz\current\blitz.exe] => (Allow) C:\users\adika\appdata\local\blitz\current\blitz.exe => Keine Datei
FirewallRules: [TCP Query User{AC4DE742-03AE-417D-8DAC-965B050ACFB0}C:\users\adika\appdata\local\blitz\app-1.6.12\blitz.exe] => (Allow) C:\users\adika\appdata\local\blitz\app-1.6.12\blitz.exe => Keine Datei
FirewallRules: [UDP Query User{97209665-0B8C-4B53-880D-D330E6D43EFC}C:\users\adika\appdata\local\blitz\app-1.6.12\blitz.exe] => (Allow) C:\users\adika\appdata\local\blitz\app-1.6.12\blitz.exe => Keine Datei
FirewallRules: [{941C3871-1938-46A9-95B9-74F9FF19D263}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{7963A8FA-9760-49BB-89E0-C0FF4EB23828}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{17398447-895C-42D2-A1A1-496ED73847EA}] => (Allow) D:\Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{AB264C7E-E1DE-4B9E-BA72-D0739C502B93}] => (Allow) D:\Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{9B1DD20C-EBEB-487C-A19D-5C981920AE03}C:\users\adika\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\adika\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{B6DFD434-1D77-44D4-9E8C-AB7749EA902B}C:\users\adika\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\adika\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{FA92D0EE-A866-4BF2-934E-0AAE043A0998}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{191F1872-11D8-4917-9C9C-6D270B0A24EB}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{7CD315AC-D513-49B7-A569-60695D2B0A37}] => (Allow) LPort=9009
FirewallRules: [{E88CE50E-521F-4D15-B52E-F4DA89ED54DC}] => (Allow) LPort=9009
FirewallRules: [{64318752-7090-4C72-820E-0B937B152BFF}] => (Allow) LPort=9009
FirewallRules: [{163308C0-3D6E-442D-9886-B5533C4C76F4}] => (Allow) LPort=9009
FirewallRules: [{C6FDAA03-4CD0-4832-A21F-A73CAB69CA56}] => (Allow) LPort=9009
FirewallRules: [{310510F6-81FC-4799-A00D-1FB7FA1437F8}] => (Allow) LPort=9009
FirewallRules: [{43ABD717-4224-4CDF-A75F-B9F920D669AD}] => (Allow) LPort=9009
FirewallRules: [{78AAF2D3-E795-41DB-B914-311C3DE0398A}] => (Allow) LPort=9009
FirewallRules: [{7715858B-0F9D-47C8-87F1-D4447B9F83E9}] => (Allow) LPort=9009
FirewallRules: [{6B5AC4DE-0C20-4B6C-81A1-4135CBD3ABF4}] => (Allow) LPort=9009
FirewallRules: [{9D148A4E-BDEF-492F-BFD6-A55B23306328}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{2E5AE953-1FD7-4118-94FF-F8E6226EBFCB}C:\users\adika\appdata\local\plarium\plariumplay\standaloneapps\raid\217\raid.exe] => (Block) C:\users\adika\appdata\local\plarium\plariumplay\standaloneapps\raid\217\raid.exe => Keine Datei
FirewallRules: [UDP Query User{E9552A4C-2BF5-471B-A002-A03F12C2E52C}C:\users\adika\appdata\local\plarium\plariumplay\standaloneapps\raid\217\raid.exe] => (Block) C:\users\adika\appdata\local\plarium\plariumplay\standaloneapps\raid\217\raid.exe => Keine Datei
FirewallRules: [{A1B149DF-7B78-419B-B80A-9333368EBCEF}] => (Allow) LPort=9009
FirewallRules: [{27013645-0288-482C-B7BE-3F6B8F134275}] => (Allow) LPort=9009
FirewallRules: [{0CEF06FB-4B4E-416E-8567-0E859D9079FF}] => (Allow) LPort=9009
FirewallRules: [{7A80A3DA-5C0A-452B-AC16-0BCB85FEDB2F}] => (Allow) LPort=9009
FirewallRules: [{7A109D09-8C99-4AC9-BFFE-15432D9E184D}] => (Allow) LPort=9009
FirewallRules: [{2DBD3F56-38A4-4423-BB0E-A298DBAC7261}] => (Allow) LPort=9009
FirewallRules: [{740D619E-7C91-4C70-82C2-480FBAF2DCFE}] => (Allow) LPort=9009
FirewallRules: [{67CFE4B9-00E0-447F-9E5B-5C68FF620D65}] => (Allow) LPort=9009
FirewallRules: [{DBF5E831-56E3-489D-9C5D-84C26BEA05FC}] => (Allow) LPort=9009
FirewallRules: [{307E3CC5-35E5-470D-968F-1831A07C0A65}] => (Allow) LPort=9009
FirewallRules: [{387268AA-46F6-4C81-BF6B-43DB02DD921B}] => (Allow) LPort=9009
FirewallRules: [{99E17849-0A08-40C3-A146-BD8916240D8E}] => (Allow) LPort=9009
FirewallRules: [{A4CA140B-272C-4C7B-B045-D2177FDD9FB1}] => (Allow) LPort=9009
FirewallRules: [{E5CA9C82-5DBC-4CB5-A6B5-D0DE59CAD40F}] => (Allow) D:\Games\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{A26FC5CA-6E10-49B4-AF9C-F6DF39659DF1}] => (Allow) D:\Games\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{1ED89DAB-CED2-479B-B63D-0D66E3FD88C5}] => (Allow) D:\Games\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{727624D8-E571-4D54-ACA1-FA5492594B2E}] => (Allow) D:\Games\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{7C700E3D-8087-42A6-BF3F-5A83CD08D750}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{4CA2952B-F8C2-4CB1-BF1E-543882AF5A17}D:\games\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) D:\games\steam\steamapps\common\tera\client\binaries\tera.exe => Keine Datei
FirewallRules: [UDP Query User{1E7929CC-D352-404B-8D07-F49948E344DD}D:\games\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) D:\games\steam\steamapps\common\tera\client\binaries\tera.exe => Keine Datei
FirewallRules: [{8B817291-0F2A-4CBA-A258-D44315445AAE}] => (Allow) LPort=9009
FirewallRules: [{348B60DC-A3FB-4370-9B22-00613F40EBE2}] => (Allow) LPort=9009
FirewallRules: [{9F8A8A76-AE15-48CB-9734-0956A8B26373}] => (Allow) LPort=9009
FirewallRules: [{B470FA70-ECD7-4ED3-8F00-E3936D41B3D6}] => (Allow) LPort=9009
FirewallRules: [{A2FDF6F5-EFEB-42D5-AA4B-67248E1ED965}] => (Allow) LPort=9009
FirewallRules: [{755F773A-4F77-437D-B3D7-8380906EBABE}] => (Allow) LPort=9009
FirewallRules: [{C84E23E7-B67E-4A59-9225-98C7B784F6B2}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{2D8437CF-8ED3-467B-B7B1-2D69DC3BF78A}D:\games\cod cold war\call of duty black ops cold war beta\blackopscoldwar.exe] => (Allow) D:\games\cod cold war\call of duty black ops cold war beta\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{D1C0A198-B0FA-4FDB-8BD7-0C03AD4766AC}D:\games\cod cold war\call of duty black ops cold war beta\blackopscoldwar.exe] => (Allow) D:\games\cod cold war\call of duty black ops cold war beta\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [{D65873C5-5EEA-42BB-A887-E8B3AC61DD72}] => (Allow) LPort=9009
FirewallRules: [{9DD1D494-BE15-493C-AC13-C0B25B879E95}] => (Allow) LPort=9009
FirewallRules: [{55A84A41-F8EE-4088-B068-C62491FD70DE}] => (Allow) D:\Games\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{6AA0AC44-F048-474E-8F76-90C8FE315239}] => (Allow) D:\Games\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{A72844B0-2072-4D34-A252-F9322A4C923F}] => (Allow) LPort=9009
FirewallRules: [{20398E7D-80AE-42D6-B6F3-BD9D6B35A6BA}] => (Allow) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe => Keine Datei
FirewallRules: [{B7B19EFA-3BC0-47FC-B05D-FE02B65658BB}] => (Allow) LPort=9009
FirewallRules: [{6408B98B-2EE0-4F7C-AFB7-BAA9C05FF3E4}] => (Allow) LPort=9009
FirewallRules: [{68FCF26D-120D-46BE-9A67-5E37CC3631B3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8A319DE6-5B71-4205-8172-EDE374F4D389}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{817F5074-CE96-4B3D-B8DA-A0714C93A5AB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3C96130F-E98E-4BBA-BE9A-3A5F67230455}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3F777D55-1679-4461-A1DF-91C552BC5F2A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E021AA1C-835A-46D9-BB91-4EB4A6AD4E33}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{801B854E-17DA-4B1F-BD91-C8D1A1B20EA9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BD68C89D-08AC-470F-B1B3-B1CD529B53C6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4D9D09DA-5590-4020-B14D-CE802E17F10F}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{9C0F4376-B6BB-4AA6-B323-1269987BEB65}D:\games\cod cold war\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\games\cod cold war\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{29D91F7D-78D6-40B8-A514-EF9E7F19CF35}D:\games\cod cold war\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\games\cod cold war\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [{94F2FF9A-78CE-4362-89B1-8E4898F74D74}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D7777F30-6957-407B-A5F1-F395821A0E10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{903EDA61-4D1F-4C7F-96E0-A2A8B9E7E8C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2366C8BC-16CA-4AF1-A5F2-52FEFB35CCBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7EA433FF-ADE1-45DE-B5DC-446EEC614E29}] => (Allow) LPort=9009
FirewallRules: [{4CCEF03A-4362-4FF4-97A4-EF2AAC50AD25}] => (Allow) LPort=9009
FirewallRules: [{27EA7D18-A488-4C96-8423-AE21BEA1D4B1}] => (Allow) LPort=9009
FirewallRules: [{68205420-70BC-4510-9672-992652F9C4C9}] => (Allow) LPort=9009
FirewallRules: [{A3B100ED-155F-4E69-8BA8-8DA3CCE7F162}] => (Allow) LPort=9009
FirewallRules: [{9AD4BAC3-6E27-4949-B9B4-ADBB275F3666}] => (Allow) LPort=9009
FirewallRules: [{4AB3548F-23BC-4EEB-8484-57201014B464}] => (Allow) D:\Games\Steam\steamapps\common\Spellbreak\Launch_Spellbreak.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{AFD69751-A68F-4FA0-AFCB-24A28F56D555}] => (Allow) D:\Games\Steam\steamapps\common\Spellbreak\Launch_Spellbreak.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{289BD39B-ABD8-45BE-B456-1C09A3E297A9}D:\games\steam\steamapps\common\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\games\steam\steamapps\common\spellbreak\g3\binaries\win64\spellbreak.exe (Proletariat Inc. -> Proletariat, Inc.)
FirewallRules: [UDP Query User{FAA767A0-6CF5-4762-AC80-C58EE679D404}D:\games\steam\steamapps\common\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\games\steam\steamapps\common\spellbreak\g3\binaries\win64\spellbreak.exe (Proletariat Inc. -> Proletariat, Inc.)
FirewallRules: [{C56663EA-DC71-4587-94F2-37BADC70DAE4}] => (Allow) LPort=9009
FirewallRules: [{6A1C2E19-C0FA-42D9-8F9A-25129EEB6E93}] => (Allow) D:\Games\Steam\steamapps\common\Tera\launcher.exe => Keine Datei
FirewallRules: [{01E87007-9AF9-4293-A50E-025AC01CBA43}] => (Allow) D:\Games\Steam\steamapps\common\Tera\launcher.exe => Keine Datei
FirewallRules: [{1752948A-F4A2-4C0F-9907-AC565DC19A22}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{725C44BD-A3DC-4004-A57B-66181E44CFC1}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{70EDCB7D-24B9-463F-80EC-D33BBD8D1417}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{197E5901-AEC6-484E-A903-EFBB865BB82B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{44DDB20B-3A23-4558-8264-246E949F5EB2}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{64931D68-FB67-4FC9-B1A4-C14181DDF265}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{FE5E354C-83ED-4BD8-A5D7-50C2D946C7A9}] => (Allow) D:\Games\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9AC0D317-43EF-4775-8944-7D2E4C697A2E}] => (Allow) D:\Games\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{503745C6-EB5C-4160-B7EA-B4E4ADF6C214}] => (Allow) LPort=9009
FirewallRules: [{5FC7B7B2-D05D-4A6C-8DD6-EBE7A0C54E2B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3BA60718-DA47-41A7-9763-08929CED8F73}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5CC12404-A390-4AE9-AA4E-36A6597B8243}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{913F4834-28B0-4595-8A0C-5D7944938C48}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BFF3B37C-DA79-4810-8600-CEA9F2672DAF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7076707-0493-418E-9064-68AD19E7FA13}] => (Allow) LPort=9009
FirewallRules: [{E6492EE1-382B-41D1-9777-170A4324FE3B}] => (Allow) LPort=9009
FirewallRules: [{58546E05-1977-448A-B80C-8EF1C7C187EF}] => (Allow) LPort=9009
FirewallRules: [{80AC82B6-7CC9-4353-B3E8-9A4219F9DD22}] => (Allow) D:\Games\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{DBDB00B8-BF26-4571-84BC-546515505FD1}] => (Allow) D:\Games\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{CB69EFF1-F16A-4B26-8F7D-4A4D9FB4CC5E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3C4FA539-79F6-4620-A3BD-9E142AEAECC0}] => (Allow) LPort=9009
FirewallRules: [{C05E2062-055F-463C-918F-01F8DE03256F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{746CFA96-D911-4684-B1E5-2E9CCD89C193}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F27BBBCD-EA1F-4DF7-86A6-044893F32443}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FB225AB8-0260-4574-AB51-5FB8C1CCB588}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5A8C7578-AEDA-4C0B-8662-741145E6C02C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5B6B79F8-3110-4385-8838-68155F8AA393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E1090F5B-A681-493D-835C-F8B4B64E44AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{538C3344-D0A8-4A00-AC0C-44D238CB3881}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{30FCE951-9B07-43AC-9C5E-9357FE65415E}] => (Allow) D:\Games\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{7A1E7C88-155F-4C4A-9010-1B630C333468}] => (Allow) D:\Games\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{26637E74-4DA9-4004-93FA-8F8FDF63099F}] => (Allow) D:\Games\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{A07AD981-5EA8-4943-897C-09E846CCE52D}] => (Allow) D:\Games\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{1EEC57D4-A856-46A1-9F8F-AB7F3A43AEC9}] => (Allow) LPort=9009
==================== Wiederherstellungspunkte =========================
24-01-2021 04:28:49 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (02/01/2021 10:28:58 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3664,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/01/2021 10:03:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.18362.1, time stamp: 0x50d94f4d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.1316, time stamp: 0xf9127b9c
Exception code: 0xe06d7363
Fault offset: 0x0000000000043b29
Faulting process ID: 0x2638
Faulting application start time: 0x01d6f8792c7ffebc
Faulting application path: C:\WINDOWS\system32\ctfmon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 40811537-65c3-4ac2-bf26-5de4cc5a328a
Faulting package full name:
Faulting package-relative application ID:
Error: (02/01/2021 09:43:39 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (28580,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/01/2021 09:37:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (30352,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/01/2021 09:09:53 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11576,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/01/2021 08:21:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (26144,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/01/2021 08:15:58 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18712,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/01/2021 07:51:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8956,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Systemfehler:
=============
Error: (02/01/2021 10:33:57 AM) (Source: DCOM) (EventID: 10010) (User: SUHARIADIKA)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/01/2021 10:05:54 AM) (Source: DCOM) (EventID: 10010) (User: SUHARIADIKA)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/01/2021 10:04:02 AM) (Source: DCOM) (EventID: 10010) (User: SUHARIADIKA)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/01/2021 10:03:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The ZeroConfigService service terminated with the following error:
%%2147770990
Error: (02/01/2021 10:03:13 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (02/01/2021 10:03:13 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (02/01/2021 10:03:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (02/01/2021 10:02:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SoftEther VPN Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Neustart des Diensts.
Windows Defender:
===================================
Date: 2021-01-31 06:02:00.919
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4659E38B-6BB3-4CEE-A1AE-A0FE98787C37}
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2021-01-29 17:21:40.892
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {445D4F76-2F64-4913-8F3D-C7D313EE737F}
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2021-01-27 13:19:33.939
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A1FA9E3A-6B87-4B4B-9357-7F2BEC9625BF}
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2021-01-26 11:11:37.924
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C3C03F11-C3DA-48E8-BC6E-7D6FF0F5332A}
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2021-01-25 06:13:52.927
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {485E732E-B480-48FF-BA2B-542152919D50}
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2021-01-14 06:15:37.825
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.2153.0
Update Source: Microsoft Update-Server
Security intelligence Type: AntiVirus
Update Type: Voll
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80240438
Error description: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
CodeIntegrity:
===================================
Date: 2021-02-01 10:20:35.764
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:35.758
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:35.698
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:35.692
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:34.080
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:34.075
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:33.967
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:32.671
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. F7a 08/29/2019
Hauptplatine: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI-CF
Prozessor: Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 32699.23 MB
Verfügbarer physikalischer RAM: 23263.96 MB
Summe virtueller Speicher: 37563.23 MB
Verfügbarer virtueller Speicher: 24881.46 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.88 GB) (Free:509.76 GB) NTFS
Drive d: (Volume) (Fixed) (Total:3726.01 GB) (Free:1546.76 GB) NTFS
Drive g: (LaCie #1) (Fixed) (Total:1862.96 GB) (Free:527.8 GB) exFAT
\\?\Volume{4602e376-7f9e-46b5-8266-9d08d618377d}\ () (Fixed) (Total:0.52 GB) (Free:0.04 GB) NTFS
\\?\Volume{b4bd1f78-0ff4-4bde-8ddc-112cbbde2bba}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 741A88E1)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
|
|
01.02.2021, 11:55
| #3 |
| /// TB-Ausbilder   | Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen. Ich analysiere gerade dein System und melde mich in Kürze mit weiteren Anweisungen. |
|
01.02.2021, 12:05
| #4 |
| /// TB-Ausbilder | Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser Was kosten Dich die ganzen premium Adobe Produkte eigentlich im Montag/Jahr? Wofür braucht man das als Privatperson? Schritt 1
Schritt 2
Bitte poste mit deiner nächsten Antwort:
|
|
01.02.2021, 19:20
| #5 |
| | Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser Die Adobe Programme kosten mich in etwa 20€ im Monat. Die zahle ich zum jetzigen Zeitpunkt, da ich in Erwägung ziehe eine komplette Umorientierung meines Metiers zu verfolgen. Möchte wohl eher in die kreative Schiene statt meine jetzige handwerkliche Laufbahn weiterzuführen. Fixlogs: Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-01-2021
durchgeführt von Adika (01-02-2021 19:10:11) Run:1
Gestartet von C:\Users\Adika\Desktop
Geladene Profile: Adika
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
Task: {1F151E63-B099-4AEA-A772-13DE1076DDB7} - System32\Tasks\@bthpan.inf,%BthPan.DisplayName%;BluetoothDeviceBluetooth-Unterstützungsdienst => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> C:\WINDOWS\Installer\{5C0E17C7-97FB-417E-B79A-4B14BBD204DB}\{6DC56F76-AEE4-4C9A-A9EA-C4018F1E313F} <==== ACHTUNG
Task: {8E2ACE85-D917-4720-A5B5-4B81A7AEE82C} - System32\Tasks\Adobe Service Hyper-V => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{84C8938D-B5A0-4A08-974B-C2CA04850D3B}\{7B31DC89-D1E0-45B1-8DC0-530A166549F7}" <==== ACHTUNG
C:\ProgramData\ntuser.pol
C:\WINDOWS\system32\GroupPolicy\Machine
C:\WINDOWS\system32\GroupPolicy\GPT.ini
C:\WINDOWS\SysWOW64\GroupPolicy\Machine
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini
DeleteKey: HKLM\SOFTWARE\Policies\Google
DeleteKey: HKLM\SOFTWARE\Policies\Mozilla
DeleteKey: HKLM\SOFTWARE\Policies\Microsoft\Edge
DeleteKey: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
C:\Program Files (x86)\nodejs
DeleteKey: HKLM\SOFTWARE\Node.js
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Node.js
DeleteKey: HKLM\SOFTWARE\Classes\Installer\Products\4D45993E1218CF443A3DFD6652D48B19
DeleteKey: HKLM\SOFTWARE\Classes\Installer\Products\27AC50E0DD8DF2342ACC8800434A5877
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D45993E1218CF443A3DFD6652D48B19
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\27AC50E0DD8DF2342ACC8800434A5877
DeleteKey: HKU\.DEFAULT\Software\Node.js
DeleteKey: HKCU\SOFTWARE\Node.js
DeleteKey: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E39954D4-8121-44FC-A3D3-DF66254DB891}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{77754e9b-264b-4d8d-b981-e4135c1ecb0c}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{793c9b44-3d6b-4f57-b5d7-4ff80adcf9a2}
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{793c9b44-3d6b-4f57-b5d7-4ff80adcf9a2}
StartBatch:
FOR /D %%a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%%a\{????????-????-????-????-????????????}.xpi" RD /S /Q "%%a" )
FOR /D %%a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%%a\c????????????????????????????????rx" RD /S /Q "%%a" )
FOR /D %%a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%%a\x????????????????????????????????ml" RD /S /Q "%%a" )
FOR /D %%a IN ("%WINDIR%\Installer\{????????-????-????-????-????????????}") DO ( IF EXIST "%%a\{????????-????-????-????-????????????}" RD /S /Q "%%a" )
FOR /D %%a IN ("%ProgramData%\Package Cache\{????????-????-????-????-????????????}") DO ( IF EXIST "%%a\{????????-????-????-????-????????????}" RD /S /Q "%%a" )
EndBatch:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X]
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [AdobeBridge] => [X]
C:\Users\49151\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dofpbojfgicaljfmagepfkdcobbcnoii
C:\Users\Adika\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dofpbojfgicaljfmagepfkdcobbcnoii
C:\Users\Default\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dofpbojfgicaljfmagepfkdcobbcnoii
C:\Users\lizen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dofpbojfgicaljfmagepfkdcobbcnoii
FF user.js: detected! => C:\Users\Adika\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\user.js [2021-01-24]
C:\Users\49151\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\prefs.js
C:\Users\Adika\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\prefs.js
C:\Users\Default\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\prefs.js
C:\Users\lizen\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\prefs.js
S4 edgeupdate; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc [X]
S4 edgeupdatem; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc [X]
S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
2021-01-31 15:32 - 2021-02-01 10:03 - 000000000 ____D C:\ProgramData\AVG
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Adika\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Adika\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Adika\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{a3d7e084-b0df-4d14-8e0a-27a572a6332c}\localserver32 -> "C:\Program Files\Sony\Imaging Edge Desktop\ied.exe" -ToastActivated => Keine Datei
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
CMD: ipconfig /flushdns
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: Bitsadmin /Reset /Allusers
powershell: Set-MpPreference -PUAProtection Enabled
powershell: Set-MpPreference -DisableScanningNetworkFiles 0
Hosts:
RemoveProxy:
SystemRestore: On
EmptyTemp:
*****************
Prozesse erfolgreich geschlossen.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{1F151E63-B099-4AEA-A772-13DE1076DDB7}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F151E63-B099-4AEA-A772-13DE1076DDB7}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\@bthpan.inf,%BthPan.DisplayName%;BluetoothDeviceBluetooth-Unterstützungsdienst => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\@bthpan.inf,%BthPan.DisplayName%;BluetoothDeviceBluetooth-Unterstützungsdienst" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8E2ACE85-D917-4720-A5B5-4B81A7AEE82C}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E2ACE85-D917-4720-A5B5-4B81A7AEE82C}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Adobe Service Hyper-V => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Service Hyper-V" => erfolgreich entfernt
C:\ProgramData\ntuser.pol => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
"C:\WINDOWS\SysWOW64\GroupPolicy\Machine" => nicht gefunden
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => erfolgreich verschoben
HKLM\SOFTWARE\Policies\Google => erfolgreich entfernt
HKLM\SOFTWARE\Policies\Mozilla => erfolgreich entfernt
HKLM\SOFTWARE\Policies\Microsoft\Edge => erfolgreich entfernt
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js => erfolgreich verschoben
C:\Program Files (x86)\nodejs => erfolgreich verschoben
HKLM\SOFTWARE\Node.js => nicht gefunden
HKLM\SOFTWARE\WOW6432Node\Node.js => erfolgreich entfernt
HKLM\SOFTWARE\Classes\Installer\Products\4D45993E1218CF443A3DFD6652D48B19 => nicht gefunden
HKLM\SOFTWARE\Classes\Installer\Products\27AC50E0DD8DF2342ACC8800434A5877 => erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D45993E1218CF443A3DFD6652D48B19 => nicht gefunden
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\27AC50E0DD8DF2342ACC8800434A5877 => erfolgreich entfernt
HKU\.DEFAULT\Software\Node.js => nicht gefunden
HKCU\SOFTWARE\Node.js => erfolgreich entfernt
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E39954D4-8121-44FC-A3D3-DF66254DB891} => nicht gefunden
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{77754e9b-264b-4d8d-b981-e4135c1ecb0c} => erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{793c9b44-3d6b-4f57-b5d7-4ff80adcf9a2} => erfolgreich entfernt
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\_V2Providers\{793c9b44-3d6b-4f57-b5d7-4ff80adcf9a2} => nicht gefunden
========= Batch: =========
========= Ende von Batch: =========
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => erfolgreich entfernt
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Genshin Impact Beta_Launcher" => erfolgreich entfernt
"HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => erfolgreich entfernt
"C:\Users\49151\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dofpbojfgicaljfmagepfkdcobbcnoii" => nicht gefunden
C:\Users\Adika\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dofpbojfgicaljfmagepfkdcobbcnoii => erfolgreich verschoben
"C:\Users\Default\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dofpbojfgicaljfmagepfkdcobbcnoii" => nicht gefunden
"C:\Users\lizen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dofpbojfgicaljfmagepfkdcobbcnoii" => nicht gefunden
C:\Users\Adika\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\user.js => erfolgreich verschoben
"C:\Users\49151\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\prefs.js" => nicht gefunden
C:\Users\Adika\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\prefs.js => erfolgreich verschoben
"C:\Users\Default\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\prefs.js" => nicht gefunden
"C:\Users\lizen\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release\prefs.js" => nicht gefunden
HKLM\System\CurrentControlSet\Services\edgeupdate => erfolgreich entfernt
edgeupdate => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\edgeupdatem => erfolgreich entfernt
edgeupdatem => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\gupdate => erfolgreich entfernt
gupdate => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\gupdatem => erfolgreich entfernt
gupdatem => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\cpuz149 => erfolgreich entfernt
cpuz149 => Dienst erfolgreich entfernt
C:\ProgramData\AVG => erfolgreich verschoben
C:\ProgramData => ":BDSDRMHK" ADS erfolgreich entfernt
"C:\Users\All Users" => ":BDSDRMHK" ADS nicht gefunden.
"C:\ProgramData\Anwendungsdaten" => ":BDSDRMHK" ADS nicht gefunden.
C:\Users\Public\Shared Files => ":VersionCache" ADS erfolgreich entfernt
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => erfolgreich entfernt
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => erfolgreich entfernt
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => erfolgreich entfernt
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{a3d7e084-b0df-4d14-8e0a-27a572a6332c} => erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => erfolgreich entfernt
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= Ende von CMD: =========
========= netsh winsock reset =========
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= Ende von CMD: =========
========= netsh advfirewall reset =========
Ok.
========= Ende von CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Ok.
========= Ende von CMD: =========
========= Bitsadmin /Reset /Allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
0 out of 0 jobs canceled.
========= Ende von CMD: =========
========= Set-MpPreference -PUAProtection Enabled =========
Set-MpPreference : A general error occurred that is not covered by a more specific error code.
At C:\FRST\tmp.ps1:1 char:1
+ Set-MpPreference -PUAProtection Enabled
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],
CimException
+ FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
========= Ende von Powershell: =========
========= Set-MpPreference -DisableScanningNetworkFiles 0 =========
Set-MpPreference : A general error occurred that is not covered by a more specific error code.
At C:\FRST\tmp.ps1:1 char:1
+ Set-MpPreference -DisableScanningNetworkFiles 0
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],
CimException
+ FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
========= Ende von Powershell: =========
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
========= Ende von RemoveProxy: =========
SystemRestore: On => abgeschlossen
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 237896568 B
Java, Flash, Steam htmlcache => 412626208 B
Windows/system/drivers => 25098598 B
Edge => 50459 B
Chrome => 424442207 B
Firefox => 35111922 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 27206 B
NetworkService => 27206 B
Adika => 177131664 B
lizen => 523759930 B
49151 => 702333401 B
RecycleBin => 160346004 B
EmptyTemp: => 2.5 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 19:10:45 ====
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
durchgeführt von Adika (Administrator) auf SUHARIADIKA (Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI) (01-02-2021 19:14:49)
Gestartet von C:\Users\Adika\Desktop
Geladene Profile: Adika
Platform: Windows 10 Pro Version 1909 18363.1316 (X64) Sprache: German (Germany)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
() [Datei ist nicht signiert] C:\Program Files (x86)\RocketDock\RocketDock.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Inc. -> Adobe) C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(AgileBits Inc. -> AgileBits Inc.) C:\Users\Adika\AppData\Local\1Password\app\7\1Password.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Chris Andriessen) [Datei ist nicht signiert] C:\Program Files (x86)\TaskbarX\TaskbarX.exe
(devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(DREVO Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.exe
(DREVO Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\DrevoService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) INTELND1820 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\APP_Dragon_Center_Keeper.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\Mystic_Light\LightKeeperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\StorageMonitor\StorageMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Dragon Center\CC_Engine_x64.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\Display.NvContainer\NVDisplay.Container.exe <2>
(NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\cam_helper.exe <4>
(NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe
(NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe <5>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(ShareX Team) [Datei ist nicht signiert] C:\Program Files\ShareX\ShareX.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\Adika\AppData\Local\Programs\Blitz\Blitz.exe <13>
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [MouseDriver] => TiltWheelMouse.exe
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353400 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AdobePSE18AutoAnalyzer] => C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe [3560048 2019-08-27] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobePSE19AutoAnalyzer] => C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe [2653808 2020-11-10] (Adobe Inc. -> Adobe)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951968 2019-07-09] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5886264 2020-12-21] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-08] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-10-12] (Adobe Inc. -> )
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [110721160 2021-01-07] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [Discord] => C:\Users\Adika\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680712 2021-01-12] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50011008 2021-01-20] (Google LLC -> )
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [1Password] => C:\Users\Adika\AppData\Local\1Password\app\7\1Password.exe [5254480 2021-01-28] (AgileBits Inc. -> AgileBits Inc.)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [com.blitz.app] => C:\Users\Adika\AppData\Local\Programs\Blitz\Blitz.exe [108249856 2021-01-24] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [WallpaperEngine] => "D:\Games\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe" -silent
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Datei ist nicht signiert]
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [Drevo] => C:\Program Files (x86)\Drevo\Power Console\DrevoStartup.exe [113160 2018-11-23] (北京繁石简作科技有限公司 -> )
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491248 2020-12-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792272 2021-01-13] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [Snap Camera] => C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe [67068448 2020-12-04] (Snapchat Inc. (Snap Inc.) -> Snap Inc)
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon PRO-100S series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCM.DLL [30208 2016-05-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor PRO-100S series: C:\Windows\system32\CNMLMCM.DLL [406528 2016-05-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor PRO-100S series XPS: C:\Windows\system32\CNMXLMCM.DLL [409088 2016-05-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-27] (Google LLC -> Google LLC)
Startup: C:\Users\Adika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2019-10-13]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2020-12-21]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02DFE4A6-FBE5-4D48-BB1C-E9AE1A196DB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0422D8B8-11D5-4ED8-8295-1F019E5203CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {091AB4AF-27DF-4AE2-B6E3-A2E06F7A0E7B} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [227328 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert]
Task: {0D95FA99-65FF-4333-ABAC-DE08EB5C7C42} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {1374E9A4-89C4-47C0-BB85-08772DD01774} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {17F2209A-5C69-4CF0-88AA-2972454FEFA4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-14] (Adobe Inc. -> Adobe)
Task: {29401CA2-1DB0-4E4C-8CB8-E7B994DF857F} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Task: {29CD23C4-39EE-4CB1-946C-7FD06366E0EE} - System32\Tasks\AdobeAAMUpdater-1.0-SUHARIADIKA-Adika => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {3DD9B8FF-567C-423C-A61D-CCEC552E16F5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F5A7981-5FB3-4519-852F-532F94F3620A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {415AA7A9-E130-4922-82CB-3C9B2AE23F92} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4BFCC3A8-8985-49B3-87E5-1189BF3E3592} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {6182D919-AEE0-413D-A9D9-4EDE0EDBF996} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {62605863-3034-4464-9A73-F3C1E47A1794} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {68FAF41D-6088-4DAD-9FC3-BF4DBAF45830} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {829291A2-417B-4627-B1F7-058E86492927} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5332904 2021-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {971F0BC3-520D-4BB1-94AB-DC1E6D6ED366} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [245760 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert]
Task: {98CFDE4A-2F85-49AC-8CA0-18B69541ED5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {A6D5FBED-40D4-441A-9F5E-56E935E7CC07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5332904 2021-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE49658D-EA73-494E-A1F6-6187B72B6961} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2571704 2020-02-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {B137962A-0EC3-43FE-BC2A-E011B7C43731} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B757B3FF-8488-48D7-9220-8233CB42DAE3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0C2D390-4E30-43F3-A5F5-77D0D11E0076} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1722177080-3761313699-1016939255-1008 => C:\Users\Adika\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {C886D0E1-8F83-4482-B253-51B3351350F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {D08248F3-7F7E-40C2-B770-FD413F3AEE7F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D45F043D-8B4F-49DB-8B2E-96403B79FAC1} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Task: {D6F3F5A8-731A-4C99-A988-8A29EC633A34} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7A4DF9B-E7A1-4929-81BA-A971D15D0761} - System32\Tasks\TaskbarX => C:\Program Files (x86)\TaskbarX\TaskbarX.exe [263680 2020-04-19] (Chris Andriessen) [Datei ist nicht signiert]
Task: {DA63434C-ACC2-4D70-806B-B46267FCAF52} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {DE326016-7D96-48EC-9E13-261E227B475E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E59840D0-A67C-4B77-8A26-7C17C323E024} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA1A79D1-ECE2-4A04-83EF-582630D02A24} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1722177080-3761313699-1016939255-1002 => C:\Users\Adika\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {EA39082F-542A-403C-B64A-78824FB6C243} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1722177080-3761313699-1016939255-1005 => C:\Users\Adika\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {F03D48D5-E296-4152-9DBB-30FCA82AAD06} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F17EE1E5-3846-45FF-9BEE-CE376C2921F9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{26a7ba22-20c2-4588-ab3c-1563ae37b717}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a34ab0db-0ae4-4769-ae16-cee9001ddb96}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Profile: C:\Users\Adika\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-31]
FireFox:
========
FF DefaultProfile: eo982mlq.default
FF ProfilePath: C:\Users\Adika\AppData\Roaming\Mozilla\Firefox\Profiles\eo982mlq.default [2021-02-01]
FF ProfilePath: C:\Users\Adika\AppData\Roaming\Mozilla\Firefox\Profiles\p1m08x7a.default-release [2021-02-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-08] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-14] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-08] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default [2021-02-01]
CHR DownloadDir: D:\Downloads
CHR Extension: (Google Übersetzer) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-31]
CHR Extension: (Präsentationen) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-13]
CHR Extension: (lock) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2020-11-13]
CHR Extension: (BetterTTV) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-12-18]
CHR Extension: (Docs) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-13]
CHR Extension: (Google Drive) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-13]
CHR Extension: (YouTube) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-13]
CHR Extension: (uBlock Origin) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-01-10]
CHR Extension: (Adobe Acrobat) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-16]
CHR Extension: (FrankerFaceZ) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-05-09]
CHR Extension: (Tabellen) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-13]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-10-13]
CHR Extension: (Volume Master - Lautstärkeregler) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2020-01-31]
CHR Extension: (TTV ad-block) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kndhknfnihidhcfnaacnndbolonbimai [2020-11-28]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR Extension: (Batch Media Saver from Instagram™) - C:\Users\Adika\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmnmnpijgncjompjiccojbccinacefh [2019-10-13]
CHR HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-08] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-21] (BattlEye Innovations e.K. -> )
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe [534664 2021-01-07] (NZXT, Inc. -> )
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [595720 2019-09-04] (cFos Software GmbH -> cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [6189232 2019-11-15] (devolo AG -> devolo AG)
R2 DragonCenter_Service; C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe [142512 2019-08-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2020-12-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [143072 2019-12-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [Datei ist nicht signiert]
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [562848 2020-08-06] (Gameforge 4D GmbH -> )
S2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10897296 2021-01-13] (Logitech Inc -> Logitech, Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\Dragon Center\Mystic_Light\LightKeeperService.exe [81552 2020-04-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [446600 2020-01-08] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [119808 2019-11-21] (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2506544 2020-02-04] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3429176 2020-02-04] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264144 2021-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5886264 2020-12-21] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10091440 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1601312 2019-09-03] (cFos Software GmbH -> cFos Software GmbH)
R3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2021-02-01] (CPUID S.A.R.L.U. -> CPUID)
S3 CY3014.X64; C:\WINDOWS\system32\DRIVERS\CY3014.X64.SYS [3717608 2018-10-18] (Elgato Systems LLC -> )
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-10-04] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 goxlr_audio; C:\WINDOWS\System32\drivers\goxlr_audio.sys [374768 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 goxlr_audioks; C:\WINDOWS\System32\drivers\goxlr_audioks.sys [53744 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 GVCIDrv; C:\Program Files (x86)\Gigabyte\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\73248\driver_cpu_temperature\logi_core_temp.sys [25448 2021-01-13] (Logitech Inc. -> Logitech)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [52832 2020-02-19] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [44088 2020-10-12] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2019-10-22] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [26672 2020-05-22] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2019-10-22] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220600 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142440 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 NAL; C:\WINDOWS\system32\Drivers\iqvw64e.sys [58520 2019-10-04] (Intel(R) INTELND1820 -> Intel Corporation)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2020-12-21] (SoftEther Corporation -> SoftEther Corporation)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2019-11-15] (devolo AG -> Riverbed Technology, Inc.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [134120 2018-02-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5782360 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-12-11] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-01 19:14 - 2021-02-01 19:15 - 000038606 _____ C:\Users\Adika\Desktop\FRST.txt
2021-02-01 19:13 - 2021-02-01 19:13 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-01 19:13 - 2021-02-01 19:13 - 000142440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-01 19:13 - 2021-02-01 19:13 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-01 19:13 - 2021-02-01 19:13 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-02-01 19:10 - 2021-02-01 19:10 - 000016074 _____ C:\Users\Adika\Desktop\Fixlog.txt
2021-02-01 19:09 - 2021-02-01 10:36 - 002297856 _____ (Farbar) C:\Users\Adika\Desktop\FRST64.exe
2021-02-01 10:36 - 2021-02-01 19:15 - 000000000 ____D C:\FRST
2021-02-01 10:18 - 2021-02-01 10:18 - 000220600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-01 10:01 - 2021-02-01 10:02 - 000000000 ____D C:\AdwCleaner
2021-02-01 09:59 - 2021-02-01 09:59 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-01 09:59 - 2021-02-01 09:59 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-01 09:59 - 2021-02-01 09:59 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-02-01 09:59 - 2021-02-01 09:59 - 000001981 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-02-01 09:59 - 2021-02-01 09:59 - 000000000 ____D C:\Users\Adika\AppData\Local\mbam
2021-02-01 09:59 - 2021-02-01 09:58 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-01 09:59 - 2021-02-01 09:58 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-01 09:58 - 2021-02-01 09:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-01 09:58 - 2021-02-01 09:58 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-01 08:10 - 2021-02-01 08:16 - 000000000 ____D C:\Users\Adika\Desktop\Wordpress JPG
2021-02-01 03:44 - 2021-02-01 03:44 - 000000000 ____D C:\Users\Adika\Desktop\Atelier
2021-01-31 16:14 - 2021-01-31 16:14 - 000000000 ____D C:\Users\Adika\Documents\My Games
2021-01-31 15:32 - 2021-02-01 19:15 - 000000000 ____D C:\Program Files\CCleaner
2021-01-31 15:32 - 2021-01-31 15:32 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-31 15:32 - 2021-01-31 15:32 - 000002880 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-31 15:32 - 2021-01-31 15:32 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-01-31 15:32 - 2021-01-31 15:32 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-01-31 15:32 - 2021-01-31 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-01-29 04:54 - 2021-01-29 04:54 - 000000000 ____D C:\Users\Adika\AppData\Roaming\npm
2021-01-26 15:46 - 2021-01-26 16:02 - 000000000 ____D C:\Users\Adika\Desktop\Jobcenter Teil 2
2021-01-23 21:58 - 2021-01-23 21:58 - 002628619 _____ C:\Users\Adika\Desktop\Leri - Bruh.psd
2021-01-23 03:09 - 2021-01-23 07:48 - 000000000 ____D C:\Users\Adika\Desktop\WOHNUNG
2021-01-23 02:52 - 2021-01-23 02:53 - 000000000 ____D C:\Users\Adika\Desktop\umsaetze
2021-01-23 02:43 - 2021-01-23 02:43 - 000100331 _____ C:\Users\Adika\Desktop\Umsaetze_KtoNr202069100_EUR_23-01-2021_0241.pdf
2021-01-23 02:40 - 2021-01-23 02:41 - 000927480 _____ C:\Users\Adika\Desktop\Umsätze & Digitales Haushaltsbuch - Commerzbank.pdf
2021-01-23 01:15 - 2021-01-23 01:15 - 000527770 _____ C:\Users\Adika\Desktop\checks-2-6WMIP5PG75234-2.pdf
2021-01-23 01:12 - 2021-01-23 01:12 - 000673568 _____ C:\Users\Adika\Desktop\2021-01-17_SelbstauskunftMietinteressent.pdf
2021-01-22 22:14 - 2021-01-22 22:14 - 000000222 _____ C:\Users\Adika\Desktop\Path of Exile.url
2021-01-20 14:07 - 2021-01-20 14:07 - 000000000 ____D C:\Users\49151\AppData\Local\OneDrive
2021-01-20 12:32 - 2021-01-20 13:33 - 000000000 ____D C:\Users\Adika\Desktop\Roborock S5 Max
2021-01-19 06:15 - 2021-01-19 06:16 - 000000000 ____D C:\Users\Adika\Desktop\KFW Corona Antrag
2021-01-18 16:45 - 2021-01-18 16:45 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2020.lnk
2021-01-18 16:41 - 2021-01-18 16:41 - 000001085 _____ C:\Users\Adika\Desktop\Adobe Lightroom Classic.lnk
2021-01-18 16:41 - 2021-01-18 16:41 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2021-01-18 16:38 - 2021-01-18 16:38 - 000001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2021.lnk
2021-01-18 16:36 - 2021-01-18 16:36 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk
2021-01-18 16:31 - 2021-01-18 16:31 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2021-01-18 16:26 - 2021-01-18 16:26 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-01-18 11:32 - 2021-01-18 11:32 - 000154918 _____ C:\Users\Adika\Desktop\suhariadika Mail - Bescheid zu dem Antrag AWDHR2-568.pdf
2021-01-17 20:18 - 2021-01-17 20:18 - 000194050 _____ C:\Users\Adika\Desktop\Druckansicht.pdf
2021-01-17 20:15 - 2021-01-17 20:15 - 000153886 _____ C:\Users\Adika\Desktop\Umsaetze_KtoNr202069100_EUR_17-01-2021_2015.pdf
2021-01-16 21:32 - 2021-01-16 21:32 - 000000222 _____ C:\Users\Adika\Desktop\Golf It!.url
2021-01-16 19:37 - 2021-01-16 19:37 - 000000000 ____D C:\Users\Adika\Desktop\e-scorts.gg
2021-01-15 16:54 - 2021-01-18 21:06 - 000000000 ____D C:\Users\Adika\Desktop\Strafverfahren
2021-01-15 16:31 - 2021-01-15 16:31 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2021-01-15 16:31 - 2021-01-15 16:31 - 000000650 _____ C:\ProgramData\Desktop\Logitech G HUB.lnk
2021-01-15 16:31 - 2021-01-15 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-01-15 16:31 - 2021-01-15 16:31 - 000000000 ____D C:\Program Files\LGHUB
2021-01-15 09:56 - 2021-01-15 10:05 - 006736928 _____ C:\Users\Adika\Desktop\Lebenslauf - Adika Suhari.psd
2021-01-15 07:25 - 2021-01-18 12:44 - 000000000 ____D C:\Users\Adika\Desktop\Antrag - Corona
2021-01-15 06:38 - 2021-01-15 06:38 - 000000000 ____D C:\Users\Adika\Desktop\kamerajaeger
2021-01-14 23:17 - 2021-01-14 23:17 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-14 23:17 - 2021-01-14 23:17 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-14 23:17 - 2021-01-14 23:17 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-14 23:17 - 2021-01-14 23:17 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000502784 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-14 23:17 - 2021-01-14 23:17 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-14 23:17 - 2021-01-14 23:17 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-14 23:17 - 2021-01-14 23:17 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-14 23:17 - 2021-01-14 23:17 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-14 23:17 - 2021-01-14 23:17 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000151040 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-14 23:17 - 2021-01-14 23:17 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-14 23:17 - 2021-01-14 23:17 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-14 23:17 - 2021-01-14 23:17 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-14 23:17 - 2021-01-14 23:17 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-14 23:17 - 2021-01-14 23:17 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-14 23:17 - 2021-01-14 23:17 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-14 23:17 - 2021-01-14 23:17 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 23:17 - 2021-01-14 23:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-14 23:16 - 2021-01-14 23:16 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 23:16 - 2021-01-14 23:16 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 23:16 - 2021-01-14 23:16 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 23:16 - 2021-01-14 23:16 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 23:16 - 2021-01-14 23:16 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 23:16 - 2021-01-14 23:16 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 23:16 - 2021-01-14 23:16 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 23:16 - 2021-01-14 23:16 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 23:16 - 2021-01-14 23:16 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-14 21:39 - 2021-01-15 06:19 - 000000000 ____D C:\Users\Adika\AppData\Roaming\youtube-dlg
2021-01-14 21:39 - 2021-01-14 21:39 - 000001131 _____ C:\Users\Public\Desktop\Youtube-DLG.lnk
2021-01-14 21:39 - 2021-01-14 21:39 - 000001131 _____ C:\ProgramData\Desktop\Youtube-DLG.lnk
2021-01-14 21:39 - 2021-01-14 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube-DLG
2021-01-14 21:39 - 2021-01-14 21:39 - 000000000 ____D C:\Program Files (x86)\Youtube-DLG
2021-01-14 21:39 - 2021-01-14 21:18 - 2807262288 _____ C:\Users\Adika\Desktop\LIVE PHOTO RETOUCHING! Photoshop _ Lightroom.mp4
2021-01-13 06:14 - 2021-01-13 06:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snap Inc
2021-01-13 06:14 - 2021-01-13 06:14 - 000000000 ____D C:\Program Files\Snap Inc
2021-01-13 06:14 - 2020-10-12 20:08 - 002800232 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\SnapCameraVirtualDevice.sys
2021-01-12 09:46 - 2021-01-15 16:39 - 000000000 ____D C:\Users\Adika\Desktop\Shooting - Michelle
2021-01-11 17:45 - 2021-01-11 17:45 - 000489843 _____ C:\Users\Adika\Desktop\Hochzeitsjubel - Logo.psd
2021-01-10 18:11 - 2021-01-19 05:47 - 000000623 _____ C:\Users\49151\Desktop\TEXTVORLAGE.txt
2021-01-10 18:08 - 2021-01-10 18:08 - 000128902 _____ C:\Users\49151\Downloads\Rahmalia-Script-1249613-GraphicEx.com.zip
2021-01-10 14:57 - 2021-01-10 14:57 - 132001853 _____ C:\Users\Adika\Desktop\Fiverr - Test Order.psd
2021-01-10 14:11 - 2021-01-10 14:11 - 001046106 _____ C:\Users\Adika\Desktop\Portrait ALL.jfif
2021-01-10 04:49 - 2021-01-10 04:49 - 000029190 _____ C:\Users\Adika\Desktop\Finanzuebersicht_10-01-2021_0448.pdf
2021-01-09 16:22 - 2021-01-09 16:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-08 20:36 - 2021-01-08 20:36 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2021-01-07 09:20 - 2021-01-30 05:05 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-06 08:50 - 2021-01-15 12:24 - 000000000 ____D C:\Users\Adika\Desktop\Freepik
2021-01-06 03:51 - 2021-01-06 03:51 - 000000000 ____D C:\Users\49151\AppData\Local\cache
2021-01-06 03:50 - 2021-01-06 03:51 - 000000000 ____D C:\Users\49151\AppData\Local\DxO
2021-01-06 02:21 - 2021-01-06 02:21 - 000000095 _____ C:\Users\Adika\Desktop\CODES.txt
2021-01-05 22:43 - 2021-01-06 00:47 - 000000000 ____D C:\Users\Adika\Desktop\Maike Geburtstag
2021-01-05 22:14 - 2021-01-05 22:15 - 000000000 ____D C:\ProgramData\DxO
2021-01-05 22:14 - 2021-01-05 22:14 - 000000000 ____D C:\ProgramData\Reprise
2021-01-05 22:14 - 2021-01-05 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nik Collection
2021-01-05 22:14 - 2021-01-05 22:14 - 000000000 ____D C:\ProgramData\DxO Labs
2021-01-05 22:14 - 2021-01-05 22:14 - 000000000 ____D C:\Program Files\DxO
2021-01-05 22:13 - 2021-01-05 22:38 - 000000000 ____D C:\Users\Adika\AppData\Local\DxO
2021-01-04 10:41 - 2021-01-04 10:41 - 000000000 ____D C:\Users\Adika\.jes
2021-01-04 10:41 - 2021-01-04 10:41 - 000000000 ____D C:\Program Files\ojdkbuild
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-01 19:15 - 2020-01-21 11:23 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Blitz
2021-02-01 19:15 - 2019-10-04 17:21 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-01 19:14 - 2020-08-06 17:27 - 000000000 ____D C:\Users\Adika\AppData\Local\LGHUB
2021-02-01 19:14 - 2019-10-13 16:19 - 000000000 ___RD C:\Users\Adika\Creative Cloud Files
2021-02-01 19:14 - 2019-10-13 04:25 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Discord
2021-02-01 19:13 - 2020-12-21 10:21 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2021-02-01 19:13 - 2020-10-31 19:29 - 000000000 ___RD C:\Users\Adika\iCloudDrive
2021-02-01 19:13 - 2019-11-25 05:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-01 19:13 - 2019-10-13 05:00 - 000000000 ____D C:\Users\Adika\AppData\Local\CrashDumps
2021-02-01 19:13 - 2019-10-13 04:36 - 000000000 ____D C:\Users\Adika\AppData\Roaming\LGHUB
2021-02-01 19:13 - 2019-10-04 17:40 - 000000000 ____D C:\Users\Adika\AppData\Roaming\NZXT CAM
2021-02-01 19:13 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-01 19:12 - 2020-04-07 19:17 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-02-01 19:12 - 2019-03-19 05:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-02-01 19:10 - 2019-10-04 17:20 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-01 19:10 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-02-01 19:10 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-02-01 18:51 - 2019-11-25 05:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-01 10:23 - 2020-06-15 14:29 - 000000000 ____D C:\Users\Adika\AppData\LocalLow\Mozilla
2021-02-01 10:14 - 2019-10-04 17:29 - 000000000 ____D C:\Users\Adika\AppData\Local\D3DSCache
2021-02-01 10:09 - 2019-11-25 05:52 - 001723292 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-01 10:09 - 2019-03-19 13:16 - 000741728 _____ C:\WINDOWS\system32\perfh007.dat
2021-02-01 10:09 - 2019-03-19 13:16 - 000149880 _____ C:\WINDOWS\system32\perfc007.dat
2021-02-01 10:09 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-01 10:03 - 2019-10-13 04:14 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-01 09:59 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-01 09:48 - 2019-11-01 00:27 - 000001456 _____ C:\Users\Adika\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-02-01 08:10 - 2019-10-18 01:57 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beamr Imaging
2021-02-01 07:46 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-01 07:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-01 04:10 - 2019-10-13 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-01 03:43 - 2020-12-18 02:13 - 000000000 ____D C:\Users\Adika\Desktop\Hochzeit
2021-02-01 03:43 - 2020-04-27 05:28 - 000000000 ____D C:\Users\Adika\Desktop\Misc
2021-02-01 03:39 - 2020-10-21 06:13 - 000000000 ____D C:\Users\Adika\Desktop\Versandmarken
2021-01-31 21:54 - 2019-10-13 16:17 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-31 15:35 - 2019-11-25 05:50 - 000000000 ____D C:\WINDOWS\minidump
2021-01-31 15:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-31 00:30 - 2019-10-13 16:04 - 000000000 ____D C:\ProgramData\Riot Games
2021-01-29 18:22 - 2019-10-04 17:02 - 000000000 ____D C:\Users\Adika\AppData\Local\Packages
2021-01-29 17:21 - 2019-11-25 04:15 - 000000000 ____D C:\Users\Adika\AppData\Local\ElevatedDiagnostics
2021-01-29 05:04 - 2020-07-13 16:58 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-29 05:04 - 2020-07-13 16:58 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-29 05:04 - 2019-11-25 05:50 - 000003618 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-29 05:04 - 2019-11-25 05:50 - 000003394 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-29 04:25 - 2021-01-01 18:10 - 000000000 ___RD C:\Users\49151\Creative Cloud Files
2021-01-28 20:15 - 2019-10-20 00:38 - 000001365 _____ C:\Users\Adika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2021-01-28 20:15 - 2019-10-20 00:38 - 000000000 ____D C:\Users\Adika\AppData\Local\1Password
2021-01-28 18:45 - 2020-07-13 16:59 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-28 16:54 - 2020-02-07 00:59 - 000000000 ____D C:\Users\Adika\AppData\Local\log
2021-01-28 01:45 - 2020-06-02 11:20 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-01-27 22:27 - 2019-10-13 04:14 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-26 21:27 - 2019-10-19 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-01-24 21:54 - 2019-10-13 17:25 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-24 15:06 - 2020-04-22 13:02 - 000000000 ____D C:\Program Files\SteelSeries
2021-01-24 12:33 - 2019-10-17 22:36 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-22 16:39 - 2019-10-13 22:53 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-19 11:01 - 2020-05-08 06:05 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Apple Computer
2021-01-19 08:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-18 17:18 - 2020-12-18 10:33 - 000000000 ___RD C:\Users\49151\3D Objects
2021-01-18 17:18 - 2019-11-25 05:48 - 000000000 ____D C:\Users\Adika
2021-01-18 17:18 - 2019-10-04 17:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-18 16:45 - 2019-10-13 16:16 - 000000000 ____D C:\Program Files\Adobe
2021-01-18 16:31 - 2019-10-13 16:26 - 000000000 ____D C:\Users\Public\Documents\Adobe
2021-01-17 21:57 - 2020-06-02 11:18 - 000001639 _____ C:\Users\Adika\Desktop\VALORANT.lnk
2021-01-17 16:47 - 2019-10-13 04:52 - 000000000 ____D C:\Users\Adika\AppData\Local\Battle.net
2021-01-17 10:09 - 2019-11-02 16:31 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Electrum
2021-01-16 20:58 - 2020-04-27 18:41 - 000001693 _____ C:\Users\Adika\Desktop\LEAGUE OF LEGENDS.lnk
2021-01-15 16:30 - 2019-10-04 17:02 - 000000000 ___RD C:\Users\Adika\3D Objects
2021-01-15 16:28 - 2019-11-25 05:46 - 000450544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 16:27 - 2019-11-25 05:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-01-15 16:27 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 16:27 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-15 16:27 - 2019-03-19 13:19 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 16:27 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 12:52 - 2020-10-26 16:52 - 000000000 ____D C:\Users\Adika\Desktop\Fiverr
2021-01-14 23:20 - 2019-10-14 23:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-14 23:20 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-14 23:18 - 2019-10-14 23:17 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 23:16 - 2019-11-25 05:50 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 17:01 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-13 12:56 - 2019-10-13 04:50 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-01-10 17:39 - 2019-10-04 17:02 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Adobe
2021-01-10 04:57 - 2020-12-18 10:33 - 000000000 ____D C:\Users\49151\AppData\Local\NVIDIA Corporation
2021-01-10 04:56 - 2019-10-13 17:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-09 16:22 - 2019-10-13 17:25 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-08 20:37 - 2019-10-13 16:16 - 000000000 ____D C:\ProgramData\Adobe
2021-01-08 20:36 - 2019-10-13 16:16 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-01-08 20:34 - 2019-10-04 17:40 - 000000000 ____D C:\Program Files\NZXT CAM
2021-01-07 19:49 - 2019-10-25 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-06 09:28 - 2020-01-29 00:04 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-01-05 15:46 - 2020-09-13 05:58 - 000001110 _____ C:\Users\Adika\Desktop\Electrum.lnk
2021-01-05 15:46 - 2019-10-13 22:08 - 000000000 ____D C:\Users\Adika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
2021-01-05 15:46 - 2019-10-13 22:08 - 000000000 ____D C:\Program Files (x86)\Electrum
2021-01-02 07:51 - 2020-12-15 21:49 - 000000000 ____D C:\Users\Adika\Desktop\STEALTH
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2019-11-01 00:27 - 2021-02-01 09:48 - 000001456 _____ () C:\Users\Adika\AppData\Local\Adobe Save for Web 13.0 Prefs
2020-05-16 14:35 - 2020-05-16 20:20 - 000042164 _____ () C:\Users\Adika\AppData\Local\krita.log
2020-05-16 20:20 - 2020-05-16 20:20 - 000000060 _____ () C:\Users\Adika\AppData\Local\kritadisplayrc
2020-05-16 14:35 - 2020-05-16 20:20 - 000016177 _____ () C:\Users\Adika\AppData\Local\kritarc
2019-10-13 16:16 - 2019-10-13 16:16 - 000000410 _____ () C:\Users\Adika\AppData\Local\oobelibMkey.log
2020-05-21 23:22 - 2020-08-15 20:03 - 000003094 _____ () C:\Users\Adika\AppData\Local\PlariumPlay.log
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
01.02.2021, 19:21
| #6 |
| | Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser Addition Logs: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-01-2021
durchgeführt von Adika (01-02-2021 19:16:03)
Gestartet von C:\Users\Adika\Desktop
Windows 10 Pro Version 1909 18363.1316 (X64) (2019-11-25 04:50:41)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Aadko (S-1-5-21-1722177080-3761313699-1016939255-1008 - Limited - Enabled) => C:\Users\49151
Adika (S-1-5-21-1722177080-3761313699-1016939255-1001 - Administrator - Enabled) => C:\Users\Adika
Administrator (S-1-5-21-1722177080-3761313699-1016939255-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1722177080-3761313699-1016939255-503 - Limited - Disabled)
Gast (S-1-5-21-1722177080-3761313699-1016939255-501 - Limited - Disabled)
lizen (S-1-5-21-1722177080-3761313699-1016939255-1002 - Limited - Enabled) => C:\Users\lizen
WDAGUtilityAccount (S-1-5-21-1722177080-3761313699-1016939255-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1Password (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\1Password) (Version: 7.6.791 - AgileBits Inc.)
7-Zip 19.02 alpha (x64) (HKLM\...\7-Zip) (Version: 19.02 alpha - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_6) (Version: 17.6 - Adobe Inc.)
Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_0_1) (Version: 11.0.1 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.1.470 - Adobe Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_1) (Version: 25.1 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_0_1) (Version: 16.0.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_4_1) (Version: 4.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_1_1) (Version: 10.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_8) (Version: 14.8 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_1_1) (Version: 22.1.1.138 - Adobe Inc.)
Adobe Photoshop Elements 2020 (HKLM-x32\...\PSE_18_0) (Version: 18.0 - Adobe Inc.)
Adobe Photoshop Elements 2021 (HKLM-x32\...\PSE_19_0) (Version: 19.0 - Adobe Inc.)
Adobe Premiere Elements 2021 (HKLM-x32\...\PRE_19_0) (Version: 19.0 - Adobe Inc.)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_8) (Version: 14.8 - Adobe Inc.)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version: - Sandbox Interactive GmbH)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.2.3 - Electronic Arts, Inc.)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.19.1021.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.19.1021.1 - GIGABYTE)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blitz 1.13.83 (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.13.83 - Blitz, Inc.)
Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version: - Blizzard Entertainment)
Call of Duty Black Ops Cold War Beta (HKLM-x32\...\Call of Duty Black Ops Cold War Beta) (Version: - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Canon PRO-100S series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_PRO-100S_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
cFosSpeed 10.51 (HKLM\...\cFosSpeed) (Version: 10.51 - cFos Software GmbH, Bonn)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 5.1.1.0 - devolo AG)
Discord (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dragon Center (HKLM-x32\...\{B252FABF-9582-4824-B02B-6D2DC93685C7}}_is1) (Version: 1.0.0.67 - MSI)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.19.1205.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.19.1205.1 - GIGABYTE)
Electrum (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Electrum) (Version: 4.0.9 - Electrum Technologies GmbH)
Elgato Video Capture (HKLM-x32\...\{E29D0CAD-C1B2-49E5-BAE1-AB75461109A3}) (Version: 1.15.2.119 - Elgato Systems GmbH)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.0.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{B380DBDE-BA95-481B-92E9-52F2E5E84F24}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{adbc3d98-57f2-4d68-b155-138f8fb0f73d}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{26b207d1-1f37-4df9-8b3f-aeebbca6bb85}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{422FC196-EA1D-448E-A505-BC7DFC21C880}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Gameforge Client (HKLM-x32\...\{d3b2a0c1-f0d0-4888-ae0b-1c5e1febdafb}_is1) (Version: 2.1.12.165 - Gameforge)
Genshin Impact (HKLM\...\Genshin Impact Beta) (Version: 2.3.3.0 - miHoYo Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE)
iCloud Outlook (HKLM\...\{58EF239A-565E-4854-9769-DE7BB82ED781}) (Version: 11.4.0.12 - Apple Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1916.12.0.1263 - Intel Corporation)
Intel(R) Network Connections 23.5.0.0 (HKLM\...\PROSetDX) (Version: 23.5.0.0 - Intel)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{3d2240de-3c21-4e14-84b3-1c6cd02bfab4}) (Version: 10.1.17969.8134 - Intel(R) Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{074dda6c-5a4a-455e-8a99-09de068e0771}) (Version: 21.40.1 - Intel Corporation)
JPEGminiPro (HKLM-x32\...\{FE484208-1913-4A76-97B9-325BBF338D84}) (Version: 2.1.0.2 - Beamr Imaging Ltd)
Krita (x64) 4.2.7.1 (HKLM\...\Krita_x64) (Version: 4.2.7.1 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Legends of Runeterra (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Riot Game bacon.live) (Version: - Riot Games, Inc)
Logitech Capture (HKLM\...\Capture) (Version: 2.00.226 - Logitech)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: - Logitech)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Metin2 de-DE (HKLM-x32\...\{fab180a3-cd65-4b7e-bd0e-2ef77fd0c258.de-DE}) (Version: - Gameforge)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.53 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-US)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3 - Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 3.3.0 - DxO)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
NZXT CAM 4.18.1 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.18.1 - NZXT, Inc.)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
OpenJDK 1.8.0_275-1-ojdkbuild (HKLM\...\{DA310B25-AB91-41D2-8BAE-E2220FD18DFB}) (Version: 1.8.2751.1 - ojdkbuild open-source project)
Origin (HKLM-x32\...\Origin) (Version: 10.5.63.37653 - Electronic Arts, Inc.)
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Power Console (HKLM-x32\...\Power Console) (Version: 1.1.0.40 - DREVO Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.0330.2 - GIGABYTE)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.1.0.170 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{bfb0503a-76b9-415a-b0a3-dd55d2a01ebe}) (Version: 3.0.0.1802 - Samsung Electronics)
Samsung NVM Express Driver 3.0.0.1802 (HKLM\...\{92729760-681A-42A2-A101-1098CAB4DEC1}) (Version: 3.0.0.1802 - Samsung Electronics Co., Ltd) Hidden
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.4.0 - ShareX Team)
Sky Ticket 8.2.0.0 (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\com.bskyb.skyticket_is1) (Version: 8.2.0.0 - Sky Ticket)
Snap Camera 1.11.0 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.11.0 - Snap Inc.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.34.9745 - SoftEther VPN Project)
Spark AR Studio (HKLM\...\{489436BA-8B71-4F2A-81B8-F5C3EE2E5ABD}) (Version: 73.0.10 - Facebook Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 20.12.9.680 - StreamElements)
Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.)
TaskbarX (HKLM-x32\...\TaskbarX) (Version: 1.5.4.0 - Chris Andriessen)
Twitch (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
VALORANT (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Video Capture v7.07.0.127 (HKLM-x32\...\Software_Elgato_Video Capture) (Version: 7.07.0.127 - Elgato Systems)
WhatsApp (HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\WhatsApp) (Version: 2.2041.6 - WhatsApp)
WISO steuer:Sparbuch 2020 (HKLM-x32\...\{FE6E838C-1CA4-4718-8BDD-F1CD1D218138}) (Version: 27.07.1862 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2021 (HKLM-x32\...\{9C427D3E-0128-4A2A-A4F0-AA7551669B74}) (Version: 28.02.1932 - Buhl Data Service GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-10-14] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-11] (Adobe Systems Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-06-14] (Canon Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_11.6.32.0_x86__nzyj5cx40ttqa [2020-12-31] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-18] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-13] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-13] (Microsoft Corporation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.32861.0_x64__8wekyb3d8bbwe [2020-10-23] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-10-04] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0 [2021-01-29] (Spotify AB) [Startup Task]
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2021}\localserver32 -> C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-682CDB814D0D} -> [Creative Cloud Files] => C:\Users\Adika\Creative Cloud Files [2019-10-13 16:19]
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{20462679-09B6-4CBB-A886-8BECE9C20C8F} -> [iCloud Photos] => C:\Users\Adika\Pictures\iCloud Photos\Photos [2020-10-31 19:30]
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{6FF2D3A9-DAFA-4513-98A5-A744E0929935} -> [iCloud Drive] => C:\Users\Adika\iCloudDrive [2020-10-31 19:29]
CustomCLSID: HKU\S-1-5-21-1722177080-3761313699-1016939255-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_4f0927d2d65e905f\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-12-09] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-01] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Adika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Adika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-features=RendererCodeIntegrity
ShortcutWithArgument: C:\Users\Adika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disable-features=RendererCodeIntegrity
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-04-23 02:47 - 2021-01-24 08:55 - 000415232 _____ () [Datei ist nicht signiert] \\?\C:\Users\Adika\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\leveldown\prebuilds\win32-ia32\node.napi.node
2020-04-29 15:25 - 2020-04-29 15:25 - 000117248 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.Config.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000017920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.Downloader.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000029184 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.DriverComm.dll
2020-04-29 15:26 - 2020-04-29 15:26 - 000035328 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.Framework.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000013312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.HookService.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000018944 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.Logger.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 001036800 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.MacroService.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000007680 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.MsgHook.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000137216 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.NetComm.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000069120 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.NetWork.dll
2020-04-29 15:26 - 2020-04-29 15:26 - 000956928 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.Service.dll
2020-04-29 15:26 - 2020-04-29 15:26 - 001447936 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.StartupMgrDlg.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000959488 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.StatisticalServer.dll
2020-04-29 15:25 - 2020-04-29 15:25 - 000023040 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.UpdateService.dll
2020-04-29 15:26 - 2020-04-29 15:26 - 001025024 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\FSUI.dll
2020-04-26 01:36 - 2007-09-02 12:57 - 000069632 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\RocketDock\RocketDock.dll
2020-12-16 21:02 - 2021-01-07 20:39 - 002772480 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\ffmpeg.dll
2020-12-16 21:02 - 2021-01-07 20:39 - 000379904 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\libegl.dll
2020-12-16 21:02 - 2021-01-07 20:39 - 007863296 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\libglesv2.dll
2020-04-08 01:55 - 2021-01-24 08:55 - 002567680 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Programs\Blitz\ffmpeg.dll
2020-04-08 01:55 - 2021-01-24 08:55 - 000359424 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Programs\Blitz\libegl.dll
2020-04-08 01:55 - 2021-01-24 08:55 - 006615552 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Programs\Blitz\libglesv2.dll
2021-02-01 19:13 - 2021-02-01 19:13 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\_ctypes.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\_elementtree.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\_hashlib.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\_multiprocessing.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\_psutil_windows.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\_socket.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 002824704 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\_ssl.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\_yappi.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\bz2.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\common.time34.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\hashobjs_ext.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\PIL._imaging.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\pyexpat.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\pysqlite2._sqlite.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\pythoncom27.dll
2021-02-01 19:13 - 2021-02-01 19:13 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\pywintypes27.dll
2021-02-01 19:13 - 2021-02-01 19:13 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\select.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\thumbnails_ext.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\unicodedata.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\usb_ext.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32api.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32com.shell.shell.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32crypt.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000023040 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32event.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32file.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32gui.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32inet.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32pdh.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32pipe.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32process.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32profile.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32security.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\win32ts.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\windows.conditional.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\windows.connectivity.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\windows.device_monitor.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000103936 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\windows.volumes.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\windows.winwrap.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wx._controls_.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wx._core_.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wx._gdi_.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wx._html2.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wx._misc_.pyd
2021-02-01 19:13 - 2021-02-01 19:13 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wx._windows_.pyd
2021-02-01 19:15 - 2021-02-01 19:15 - 000064512 _____ () [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\cr_sdk_temp_00017086.tmp
2019-08-27 12:36 - 2019-08-27 12:36 - 002534400 _____ (Apache Software Foundation) [Datei ist nicht signiert] C:\Program Files\Adobe\Elements 2020 Organizer\xerces-c_3_1.dll
2021-01-08 20:34 - 2021-01-07 20:39 - 001818112 _____ (CPUID) [Datei ist nicht signiert] C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\cam_helper\cpuidsdk64.dll
2019-06-14 08:15 - 2019-06-14 08:15 - 000022528 _____ (Drevo Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Drevo\Power Console\Drevo.BatteryService.dll
2019-04-15 15:24 - 2019-04-15 15:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV2.dll
2021-02-01 19:13 - 2021-02-01 19:13 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\python27.dll
2021-01-08 20:34 - 2021-01-07 20:39 - 000083456 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\nzxt-device\SiUSBXp64.dll
2019-10-19 02:53 - 2019-10-19 02:53 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-10-19 02:53 - 2019-10-19 02:53 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2019-10-19 02:53 - 2019-10-19 02:53 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-02-17 01:15 - 2019-10-19 02:53 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-02-17 01:15 - 2019-10-19 02:53 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-02-17 01:15 - 2019-10-19 02:53 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-02-17 01:15 - 2019-10-19 02:53 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-02-17 01:15 - 2019-10-19 02:53 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-07-04 17:06 - 2019-07-04 17:06 - 001988608 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GbtNvGpuLib.dll
2019-08-27 12:36 - 2019-08-27 12:36 - 002207744 _____ (WinSoft S.A.) [Datei ist nicht signiert] C:\Program Files\Adobe\Elements 2020 Organizer\WRServices.dll
2021-02-01 19:13 - 2021-02-01 19:13 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wxbase30u_net_vc90_x64.dll
2021-02-01 19:13 - 2021-02-01 19:13 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wxbase30u_vc90_x64.dll
2021-02-01 19:13 - 2021-02-01 19:13 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wxmsw30u_adv_vc90_x64.dll
2021-02-01 19:13 - 2021-02-01 19:13 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wxmsw30u_core_vc90_x64.dll
2021-02-01 19:13 - 2021-02-01 19:13 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wxmsw30u_html_vc90_x64.dll
2021-02-01 19:13 - 2021-02-01 19:13 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Adika\AppData\Local\Temp\_MEI143762\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-07-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-03-19 05:49 - 2021-02-01 19:10 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\ojdkbuild\java-1.8.0-openjdk-1.8.0.275-1\bin;C:\Program Files\ojdkbuild\java-1.8.0-openjdk-1.8.0.275-1\jre\bin;C:\Program Files (x86)\nodejs\
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
Network Binding:
=============
VPN - VPN Client: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKU\S-1-5-21-1722177080-3761313699-1016939255-1001\...\StartupApproved\Run: => "Snap Camera"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{A1EB3015-22AB-47D5-A463-A00715098CE7}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{62DD041A-384E-4698-AC8B-1C0B8AD43610}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{5D076467-08C3-4E34-BD9D-BD84BFA42CFE}] => (Allow) LPort=9009
==================== Wiederherstellungspunkte =========================
24-01-2021 04:28:49 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (02/01/2021 07:13:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.18362.1, time stamp: 0x50d94f4d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.1316, time stamp: 0xf9127b9c
Exception code: 0xe06d7363
Fault offset: 0x0000000000043b29
Faulting process ID: 0x3208
Faulting application start time: 0x01d6f8c5efbb8059
Faulting application path: C:\WINDOWS\system32\ctfmon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: f23bf939-961e-440e-86b2-33def0a1be9c
Faulting package full name:
Faulting package-relative application ID:
Error: (02/01/2021 07:13:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.18362.1, time stamp: 0x50d94f4d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.1316, time stamp: 0xf9127b9c
Exception code: 0xe06d7363
Fault offset: 0x0000000000043b29
Faulting process ID: 0x2674
Faulting application start time: 0x01d6f8c5ebd54327
Faulting application path: C:\WINDOWS\system32\ctfmon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: d714b1a0-6a93-498f-bb5e-277660d16561
Faulting package full name:
Faulting package-relative application ID:
Error: (02/01/2021 07:10:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.18362.1, time stamp: 0x50d94f4d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.1316, time stamp: 0xf9127b9c
Exception code: 0xe06d7363
Fault offset: 0x0000000000043b29
Faulting process ID: 0x4e90
Faulting application start time: 0x01d6f8c58d76a5e1
Faulting application path: C:\WINDOWS\system32\ctfmon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 7224457f-5aef-42f1-b7c0-7c651dce8bbf
Faulting package full name:
Faulting package-relative application ID:
Error: (02/01/2021 07:10:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.18362.1, time stamp: 0x50d94f4d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.1316, time stamp: 0xf9127b9c
Exception code: 0xe06d7363
Fault offset: 0x0000000000043b29
Faulting process ID: 0x2ddc
Faulting application start time: 0x01d6f8c58a7af121
Faulting application path: C:\WINDOWS\system32\ctfmon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: dd491ac5-6425-452c-aa1e-dc940d5535c5
Faulting package full name:
Faulting package-relative application ID:
Error: (02/01/2021 07:10:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.18362.1, time stamp: 0x50d94f4d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.1316, time stamp: 0xf9127b9c
Exception code: 0xe06d7363
Fault offset: 0x0000000000043b29
Faulting process ID: 0x5344
Faulting application start time: 0x01d6f8c5877f7b03
Faulting application path: C:\WINDOWS\system32\ctfmon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 3fc3aba7-b804-4062-91c2-9fa10777d562
Faulting package full name:
Faulting package-relative application ID:
Error: (02/01/2021 07:10:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.18362.1, time stamp: 0x50d94f4d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.1316, time stamp: 0xf9127b9c
Exception code: 0xe06d7363
Fault offset: 0x0000000000043b29
Faulting process ID: 0x4038
Faulting application start time: 0x01d6f8c584832798
Faulting application path: C:\WINDOWS\system32\ctfmon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 023362e8-e802-44f6-a64a-a46905809335
Faulting package full name:
Faulting package-relative application ID:
Error: (02/01/2021 07:10:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.18362.1, time stamp: 0x50d94f4d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.1316, time stamp: 0xf9127b9c
Exception code: 0xe06d7363
Fault offset: 0x0000000000043b29
Faulting process ID: 0x8c4
Faulting application start time: 0x01d6f8c58184fde5
Faulting application path: C:\WINDOWS\system32\ctfmon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 8a964f03-f505-4959-9735-edebb1b4c3ed
Faulting package full name:
Faulting package-relative application ID:
Error: (02/01/2021 07:10:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.18362.1, time stamp: 0x50d94f4d
Faulting module name: KERNELBASE.dll, version: 10.0.18362.1316, time stamp: 0xf9127b9c
Exception code: 0xe06d7363
Fault offset: 0x0000000000043b29
Faulting process ID: 0x5244
Faulting application start time: 0x01d6f8c57e893d9a
Faulting application path: C:\WINDOWS\system32\ctfmon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 6a57acc6-bf3a-449f-90a6-262d88306f17
Faulting package full name:
Faulting package-relative application ID:
Systemfehler:
=============
Error: (02/01/2021 07:15:15 PM) (Source: DCOM) (EventID: 10010) (User: SUHARIADIKA)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/01/2021 07:13:28 PM) (Source: DCOM) (EventID: 10010) (User: SUHARIADIKA)
Description: The server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (02/01/2021 07:13:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The ZeroConfigService service terminated with the following error:
%%2147770990
Error: (02/01/2021 07:12:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (02/01/2021 07:12:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (02/01/2021 07:12:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelIHVRouter08.dll
Error: (02/01/2021 07:12:27 PM) (Source: DCOM) (EventID: 10010) (User: SUHARIADIKA)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (02/01/2021 07:10:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s).
Windows Defender:
===================================
Date: 2021-01-31 06:02:00.919
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4659E38B-6BB3-4CEE-A1AE-A0FE98787C37}
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2021-01-29 17:21:40.892
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {445D4F76-2F64-4913-8F3D-C7D313EE737F}
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2021-01-27 13:19:33.939
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A1FA9E3A-6B87-4B4B-9357-7F2BEC9625BF}
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2021-01-26 11:11:37.924
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C3C03F11-C3DA-48E8-BC6E-7D6FF0F5332A}
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2021-01-25 06:13:52.927
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {485E732E-B480-48FF-BA2B-542152919D50}
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2021-01-14 06:15:37.825
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.2153.0
Update Source: Microsoft Update-Server
Security intelligence Type: AntiVirus
Update Type: Voll
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80240438
Error description: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
CodeIntegrity:
===================================
Date: 2021-02-01 10:20:35.764
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:35.758
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:35.698
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:35.692
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:34.080
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:34.075
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:33.967
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
Date: 2021-02-01 10:20:32.671
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\version.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. F7a 08/29/2019
Hauptplatine: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI-CF
Prozessor: Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 32699.23 MB
Verfügbarer physikalischer RAM: 25536.41 MB
Summe virtueller Speicher: 37563.23 MB
Verfügbarer virtueller Speicher: 27918.67 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.88 GB) (Free:509.96 GB) NTFS
Drive d: (Volume) (Fixed) (Total:3726.01 GB) (Free:1546.76 GB) NTFS
Drive g: (LaCie #1) (Fixed) (Total:1862.96 GB) (Free:527.8 GB) exFAT
\\?\Volume{4602e376-7f9e-46b5-8266-9d08d618377d}\ () (Fixed) (Total:0.52 GB) (Free:0.04 GB) NTFS
\\?\Volume{b4bd1f78-0ff4-4bde-8ddc-112cbbde2bba}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 741A88E1)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
|
|
01.02.2021, 22:07
| #7 |
| /// TB-Ausbilder | Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser Schritt 1 Führe Malwarebytes' AntiMalware (MBAM) gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. Schritt 2 Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. Bitte poste mit deiner nächsten Antwort:
|
|
01.02.2021, 23:59
| #8 |
| | Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser MBAM Logs: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 01/02/2021
Scan Time: 23:54
Log File: 601b3d4c-64e0-11eb-a2ce-b42e99394c53.json
-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1157
Update Package Version: 1.0.36591
Licence: Trial
-System Information-
OS: Windows 10 (Build 18362.1316)
CPU: x64
File System: NTFS
User: SUHARIADIKA\Adika
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 392375
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 20 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
AdwCleaner Logs: Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-01-2021
# Duration: 00:00:18
# OS: Windows 10 Pro
# Scanned: 31956
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1514 octets] - [01/02/2021 10:01:44]
AdwCleaner[C00].txt - [1782 octets] - [01/02/2021 10:02:10]
AdwCleaner[S01].txt - [1527 octets] - [01/02/2021 10:29:58]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
|
|
02.02.2021, 12:03
| #9 | |
| /// TB-Ausbilder | Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser Schritt 1
Schritt 2 Auf deinem Computer fehlt das aktuelle Funktionsupdate Version 20H2. Zitat:
Dann wären wir durch! Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.  Abschließend bitte noch einen Cleanup mit unserem TBCleanUpTool durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt: Wenn Du möchtest, kannst Du hier sagen, ob du mit mir und meiner Hilfe zufrieden warst...  Vielleicht möchtest du das Forum mit einer kleinen Spende  unterstützen.  Hinweis: Bitte gib mir eine kurze Rückmeldung, sobald du die oben verlinkten Informationen gelesen hast, alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
02.02.2021, 18:04
| #10 |
| | Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser Fixlogs: Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-01-2021
durchgeführt von Adika (02-02-2021 12:33:14) Run:2
Gestartet von C:\Users\Adika\Desktop
Geladene Profile: Adika
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
DeleteQuarantine:
Unlock: C:\FRST
Reboot:
*****************
C:\ProgramData\NTUSER.pol => erfolgreich verschoben
"C:\FRST\Quarantine" => erfolgreich entfernt
"C:\FRST" => wurde entsperrt
Das System musste neu gestartet werden.
==== Ende von Fixlog 12:33:29 ====
|
|
02.02.2021, 20:18
| #11 |
| /// TB-Ausbilder | Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser Wir sind froh, dass wir helfen konnten  Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Jeder andere bitte hier klicken und ein eigenes Thema erstellen. |
|
| Themen zu Audacity.de - Izito & Zapmeta in den Suchmaschinen im Browser |
| administrator, adobe, audacity, browser, canon, defender, desktop, firefox, flash player, geforce, google, internet, malware, mozilla, nvcontainer, nvcontainer.exe, nvidia, pdf, photoshop, port, prozesse, realtek, registry, rundll, scan, software, suchmaschine, temp, trojaner, windows |
Lesestoff:
Hybrid-Darstellung
