| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren AuswirkungenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.02.2021, 16:45
| #1 |
| |  Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen Hallo, ich habe noch keine Probleme bemerkt, bin mir aber unsicher, ob ich mir nicht dennoch etwas eingefangen habe. Über eine gefälschte DHL Email habe ich ein .doc erhalten, welches ich naiver Weise geöffnet habe, da ich just am selben Tag ein Paket erwartet hatte. Das Dokument wurde jedoch in OpenOffice geöffnet. Avira meldet erst später den Fund eines Musters "EXP/YAV.Minerva.vzbiu" und verschob die Files in Quarantäne. Hier die Logs. Vielen Dank für Eure Hilfe FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
durchgeführt von AtelierNiederhein (Administrator) auf ATELIER_PC (Gigabyte Technology Co., Ltd. G1.Sniper Z87) (25-02-2021 16:25:56)
Gestartet von C:\Users\AtelierNiederhein\Downloads
Geladene Profile: AtelierNiederhein
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Alex Dragokas -> Stanislav Polshyn & Trend Micro Inc.) [Datei ist nicht signiert] C:\Users\AtelierNiederhein\Downloads\hijackthis.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe
(Canon INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\116.4.368\QtWebEngineProcess.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) [Datei ist nicht signiert] C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) [Datei ist nicht signiert] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\AtelierNiederhein\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <11>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Synology Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-09] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Updater] => C:\ProgramData\Updater\check-update.exe [485192 2020-05-24] (Aller Media e.K. -> Aller Media e.K.) <==== ACHTUNG
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickToolbox] => C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe [2340768 2018-05-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-05] (Adobe Inc. -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680720 2021-02-18] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [GIMP Updater] => C:\Users\AtelierNiederhein\AppData\Roaming\GIMP Updater\Updater.exe [215200 2019-11-03] (Arne Koenig -> ) <==== ACHTUNG
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [TabletDriver] => C:\Huion Tablet\x64\TabletDriverCore.exe [334056 2019-12-28] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [AusweisApp2] => C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe [2405504 2020-11-30] (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [] => [X]
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\MountPoints2: {994bdb3c-1515-11eb-ab19-74d43585b2ed} - "E:\Autorun.exe"
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4708328 2021-01-17] (Microsoft Windows -> Microsoft Corporation) <==== ACHTUNG
HKLM\...\Windows x64\Print Processors\Canon MB2700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDD0.DLL [30720 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP640 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA2.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpcpp120: C:\Windows\System32\spool\prtprocs\x64\hpcpp120.DLL [342016 2012-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MB2700 series: C:\WINDOWS\system32\CNCALD0.DLL [254464 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB2700 series: C:\WINDOWS\system32\CNMLMD0.DLL [436736 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB2700 series XPS: C:\WINDOWS\system32\CNMXLMD0.DLL [438784 2015-11-18] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk [2020-12-27]
ShortcutTarget: Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> )
Startup: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-10-15]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) [Datei ist nicht signiert]
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0BDFD991-F8B5-4BEE-8530-45660E0017B2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {10D8BCA2-0BE0-467B-9D4B-A897FCB0A99C} - System32\Tasks\BundleApplicationRepairToolLauncherTask => C:\Users\AtelierNiederhein\AppData\Roaming\PCDr\Repair\BundleApplicationRepairTool.exe [625024 2018-01-22] (PC-Doctor, Inc. -> )
Task: {12F6F9F7-2275-45BB-95E7-2114EA65FF67} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {1CFF7823-78EF-46B3-A9DC-7E09FBC06883} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [152128 2020-10-19] (Johannes Schindelin -> The Git Development Community)
Task: {1E1AA683-1EEF-4264-8968-7EA37A1A3969} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1E8503BB-182C-4B7C-96D7-CA1396FDCF21} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2220FFED-725D-45AC-804A-B0D1840B9931} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {23F0D60C-D90C-465F-9FFB-33AF1D13A34E} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29757392 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2669DC01-4CC5-4E45-9B31-8F8357AAEEAD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {2BC55E55-0A20-4278-8A9A-D28ECA3930E9} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {40963EC1-283A-4F9B-A04D-ADD40F8398D5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44130ECF-C77E-4F05-8443-7EDB691A4EB3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {59D79CEA-7628-4BF2-8038-A13C3C0ADEE2} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233688 2021-02-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {5A31CF7F-82DF-4288-9EEC-00C0D39806B3} - System32\Tasks\AdobeAAMUpdater-1.0-Atelier_PC-AtelierNiederhein => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5C4C9D73-63F6-40D1-B10A-51E01301ADEF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {62A0F4F7-4327-4235-9042-94D34B32495B} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe]
Task: {64151D08-FB32-4417-B741-0119D3ECB8E1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {65323232-04B3-4D1B-A73A-60CCB8464652} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {661367E9-26A1-411C-B42B-F962A4C04EDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-28] (Google Inc -> Google LLC)
Task: {781E23ED-CF39-4361-8B26-31C6AE6EA57D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {8B5250F2-E991-4F5D-9797-DFC5242918F3} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {9E36B745-5CA5-4EAD-A9B9-9A080FD510EF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BF9DFB29-744A-44C4-B75A-36CDBD359B87} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {CCCB4A12-FE2E-4E47-9019-FC85F691113D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2D4D365-8A40-48B8-848E-BFDA0B54BB7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-28] (Google Inc -> Google LLC)
Task: {DA92FC08-40B9-4490-A1F6-CEEFCFD54526} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [38360 2017-11-30] (Dell Inc. -> Dell Inc.)
Task: {DB3F2604-FE62-482E-9851-B4ABC5799615} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E8636D29-32DE-412D-A15D-971827532F7F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {ECB9FE9C-C4C5-4722-A736-1903CFB243D0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F6B38547-7C6F-4A89-AEA2-6D87DAF88FD7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F8BF1748-421D-4457-9146-E1B158630EE3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4f89c9de-8a11-4370-a3fc-a9199241aa6a}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\AtelierNiederhein\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-25]
FireFox:
========
FF DefaultProfile: xspktsq9.default-1575993033040
FF ProfilePath: C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 [2021-02-25]
FF Homepage: Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 -> www.google.de
FF Notifications: Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 -> hxxps://www.facebook.com
FF Extension: (Recordify Title Discover) - C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040\Extensions\{8C679308-89F3-402C-9323-8D9B3B6D57B2}.xpi [2020-03-16]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-09] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.) [Datei ist nicht signiert]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\WINDOWS\system32\C2MP\npdivx32.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.9.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @vlc.de/vlc,version=3.0.11 -> C:\Program Files (x86)\VLC Plus Player\npvlc.dll [2020-10-20] (Aller Media e.K. -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-02-15] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-09] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AtelierNiederhein\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-09] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: LWA64Plugin15.8 -> C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Plugins\npLWA64Plugin15.8.dll [2013-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: LWAPlugin15.8 -> C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\AtelierNiederhein\AppData\Roaming\mozilla\plugins\npLWA64Plugin15.8.dll [2018-05-25]
FF Plugin ProgramFiles/Appdata: C:\Users\AtelierNiederhein\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2018-05-25]
Chrome:
=======
CHR Profile: C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default [2021-02-25]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.instagram.com
CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/r?tab=wc"
CHR Extension: (Präsentationen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-28]
CHR Extension: (Docs) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-28]
CHR Extension: (Google Drive) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (YouTube) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-28]
CHR Extension: (Adobe Acrobat) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-18]
CHR Extension: (Tabellen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-28]
CHR Extension: (Google Docs Offline) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Google Mail) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-10]
CHR HKLM-x32\...\Chrome\Extension: [djhangopedggnlnicpbjklghlckmndge]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [lobonlhedgiilkfmbbbfhkaoefacipgj]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-09] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [246168 2021-02-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8404720 2019-11-09] (BattlEye Innovations e.K. -> )
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2018-05-18] (Synology Inc. -> ) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [113152 2016-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc -> Dell Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397256 2018-11-19] (Canon Inc. -> )
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-11-30] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10967832 2021-02-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-12-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207424 2020-11-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1064968 2016-12-13] (Creative Technology Ltd -> Creative Technology Ltd)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 wacomhidfilter; C:\WINDOWS\System32\drivers\wacomhidfilter.sys [12968 2008-08-27] (Wacom Technology Corp. -> Wacom Technology)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2021-02-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-25 16:25 - 2021-02-25 16:26 - 000038737 _____ C:\Users\AtelierNiederhein\Downloads\FRST.txt
2021-02-25 16:25 - 2021-02-25 16:26 - 000000000 ____D C:\FRST
2021-02-25 16:25 - 2021-02-25 16:25 - 002301440 _____ (Farbar) C:\Users\AtelierNiederhein\Downloads\FRST64.exe
2021-02-25 16:08 - 2021-02-25 16:08 - 000000000 ____D C:\WINDOWS\Panther
2021-02-24 18:02 - 2021-02-24 18:02 - 000022749 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_QTZQMX4WFQAB_1_Frau_Annette_Bohrloch.pdf
2021-02-24 15:10 - 2021-02-24 15:11 - 001029393 _____ C:\Users\AtelierNiederhein\Downloads\MWS_Integrators_ListingCreation_UK._V272404261_.pdf
2021-02-24 11:04 - 2021-02-24 11:04 - 005541016 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\AtelierNiederhein\Downloads\hijackthis.exe
2021-02-24 10:53 - 2021-02-24 10:54 - 000482040 _____ (Chip Digital GmbH) C:\Users\AtelierNiederhein\Downloads\HijackThis - CHIP-Installer vom 24.02.2021 456e5770bf506eb7d7b3888d815ad1b5.exe
2021-02-24 09:33 - 2021-02-24 09:34 - 001471893 _____ C:\Users\AtelierNiederhein\Downloads\f111-Vollmacht.pdf
2021-02-24 08:35 - 2021-02-25 15:50 - 000008046 _____ C:\WINDOWS\ntbtlog.txt
2021-02-24 08:25 - 2021-02-24 08:25 - 000000000 ____D C:\NPE
2021-02-24 08:24 - 2021-02-24 08:27 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\NPE
2021-02-24 08:24 - 2021-02-24 08:24 - 000000000 ____D C:\ProgramData\Norton
2021-02-24 08:23 - 2021-02-24 08:23 - 009645984 _____ (NortonLifeLock Inc.) C:\Users\AtelierNiederhein\Desktop\NPE.exe
2021-02-23 16:50 - 2021-02-23 16:50 - 000059863 _____ C:\Users\AtelierNiederhein\Documents\Liste_Zoll_v2.pdf
2021-02-22 16:53 - 2021-02-22 16:53 - 000022502 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_6VY63898CDB4_1_Herr_Thomas_Leonhardy.pdf
2021-02-22 16:38 - 2021-02-22 16:38 - 000191744 _____ C:\Users\AtelierNiederhein\Desktop\genexport (2).CSV
2021-02-20 14:04 - 2021-02-20 14:05 - 005228592 _____ C:\Users\AtelierNiederhein\Downloads\Deep_dive_on_Amazon_Neptune_DAT361.pdf
2021-02-19 15:30 - 2021-02-19 15:30 - 000693574 _____ C:\Users\AtelierNiederhein\Downloads\warum-2012.pdf
2021-02-19 09:31 - 2021-02-19 09:31 - 004310122 _____ C:\Users\AtelierNiederhein\Downloads\pkg_communitybuilder_2.5.0+build.2021.02.01.21.20.37.ae3d43f4e(1).zip
2021-02-19 09:30 - 2021-02-19 09:30 - 004310122 _____ C:\Users\AtelierNiederhein\Downloads\pkg_communitybuilder_2.5.0+build.2021.02.01.21.20.37.ae3d43f4e.zip
2021-02-18 10:32 - 2021-02-18 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-02-18 09:29 - 2021-02-18 09:29 - 000050434 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_M296EML5ZDZA_1_Frau_Petra_Rappo.pdf
2021-02-18 09:29 - 2021-02-18 09:29 - 000006556 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210218M296EML5ZDZA-0012191914.pdf
2021-02-16 17:13 - 2021-02-16 17:13 - 000024610 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_Y9P3XM464MRB_1_Frau_Sarah_Romaniw.pdf
2021-02-16 17:13 - 2021-02-16 17:13 - 000024457 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_Y9P3XM464MRB_2_Frau_Marina_Mudrytska.pdf
2021-02-15 12:26 - 2021-02-15 12:26 - 000818689 _____ C:\Users\AtelierNiederhein\Downloads\Justizkrimi_ROCO_Raiffeisen_Manager-Magazin_Maerz2018.pdf
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000044064 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-02-12 16:21 - 2021-02-12 16:21 - 007857864 _____ C:\Users\AtelierNiederhein\Downloads\X20001-136-CatalogueSennelierFR-DE-NL-2019-pagesinterieures-reduc.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000024364 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_1_Sandra_Krug.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000022479 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_2_Frau_Peggy_Stein.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000022198 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_3_Frau_Nicole_Michaloudis.pdf
2021-02-12 12:45 - 2021-02-12 16:10 - 000004691 _____ C:\Users\AtelierNiederhein\.ganttproject
2021-02-12 12:44 - 2021-02-12 12:46 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\GanttProject
2021-02-12 12:44 - 2021-02-12 12:44 - 000002056 _____ C:\ProgramData\Desktop\GanttProject.lnk
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\Users\AtelierNiederhein\.ganttproject.d
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GanttProject
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\Program Files (x86)\GanttProject-3.0
2021-02-12 12:41 - 2021-02-12 12:44 - 114651200 _____ C:\Users\AtelierNiederhein\Downloads\ganttproject-3.0.3000.exe
2021-02-12 08:43 - 2021-02-12 08:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 08:43 - 2021-02-12 08:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 08:43 - 2021-02-12 08:43 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 08:43 - 2021-02-12 08:43 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-12 08:43 - 2021-02-12 08:43 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-10 09:23 - 2021-02-10 09:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-10 08:28 - 2021-02-12 16:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-08 15:03 - 2021-02-08 15:03 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2021-02-06 17:26 - 2021-02-06 17:26 - 000024381 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_4_Herr_Marc_Tenner.pdf
2021-02-06 17:26 - 2021-02-06 17:26 - 000022525 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_3_Andreas_Wäldele.pdf
2021-02-06 17:26 - 2021-02-06 17:26 - 000022499 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_5_Kristina_Neumann.pdf
2021-02-05 16:58 - 2021-02-05 16:58 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\Oracle
2021-02-05 16:39 - 2021-02-05 16:39 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk
2021-02-05 16:39 - 2021-02-05 16:39 - 000001134 _____ C:\ProgramData\Desktop\AusweisApp2.lnk
2021-02-05 16:39 - 2021-02-05 16:39 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\Governikus GmbH & Co. KG
2021-02-05 16:39 - 2021-02-05 16:39 - 000000000 ____D C:\Program Files (x86)\AusweisApp2
2021-02-05 16:38 - 2021-02-05 16:38 - 022896640 _____ C:\Users\AtelierNiederhein\Downloads\AusweisApp2-1.22.0.msi
2021-02-05 08:32 - 2021-02-05 08:32 - 000005689 _____ C:\Users\AtelierNiederhein\Documents\Snipping Tool Print Job.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000041458 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_3_Frau_petra_rappo.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024538 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_2_Andreas_Wäldele.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024529 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_1_Heiko_Herbst_.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024289 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_6_Frau_Gudrun_Doege-Klein.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000022702 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_5_Herr_Matthias_Kindler.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000022531 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_4_Frau_Brigitte_Andritzke-Walter.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000006899 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210203WNBT9UR88PC4-0011834233.pdf
2021-02-03 19:22 - 2021-02-03 19:22 - 000006659 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210203VFDKBKTSEB3M-0011833904.pdf
2021-02-03 19:17 - 2021-02-03 19:17 - 000244723 _____ C:\Users\AtelierNiederhein\Downloads\2kg_coupons_20210114.pdf
2021-02-03 13:45 - 2021-02-03 13:45 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2021.lnk
2021-02-02 17:38 - 2021-02-02 17:38 - 000976969 _____ C:\Users\AtelierNiederhein\Downloads\Archive-2021-02-02-17-38-03.zip
2021-02-02 09:14 - 2021-02-02 09:38 - 000040076 _____ C:\Users\AtelierNiederhein\Downloads\oxarticles.csv
2021-02-01 14:08 - 2021-02-01 14:08 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-02-01 13:19 - 2021-02-01 13:19 - 000115971 _____ C:\Users\AtelierNiederhein\Downloads\invoice_TC9927697177.pdf
2021-02-01 12:35 - 2021-02-01 12:36 - 001756565 _____ C:\Users\AtelierNiederhein\Downloads\Kontoeroeffnung_20210201_600170.pdf
2021-02-01 10:09 - 2021-02-01 09:29 - 000020020 _____ C:\Users\AtelierNiederhein\Documents\order_pastell-shop__Standard%20Pastels%20Order%20Spreadsheet-20210126.xls_0.ods
2021-01-29 12:20 - 2021-02-16 12:35 - 000000000 ____D C:\Users\AtelierNiederhein\Downloads\archiv
2021-01-27 15:01 - 2021-01-27 15:01 - 000000000 ____D C:\WINDOWS\SysWOW64\NV
2021-01-27 15:01 - 2021-01-27 15:01 - 000000000 ____D C:\WINDOWS\system32\NV
2021-01-27 14:59 - 2021-01-23 09:57 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-27 14:59 - 2021-01-23 09:57 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-27 14:59 - 2021-01-23 09:57 - 001453720 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-27 14:59 - 2021-01-23 09:57 - 001435872 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-27 14:59 - 2021-01-23 09:57 - 001435872 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-27 14:59 - 2021-01-23 09:57 - 001094872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-27 14:59 - 2021-01-23 09:57 - 001094872 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-27 14:59 - 2021-01-23 09:57 - 000948960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-27 14:59 - 2021-01-23 09:57 - 000948960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-27 14:59 - 2021-01-23 09:56 - 001193112 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 001512104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 001164968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 000680088 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 000672936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 000558248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 000547480 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 008262312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 007392920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 004611760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 002731184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 002103448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 001732264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446140.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 001589400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 001491608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446140.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 000813208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 000657048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-27 14:59 - 2021-01-23 09:50 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-26 11:56 - 2021-02-02 10:35 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2021.lnk
2021-01-26 11:56 - 2021-02-02 10:35 - 000002254 _____ C:\ProgramData\Desktop\SteuerSparErklärung 2021.lnk
2021-01-26 11:56 - 2021-02-02 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2021
2021-01-26 11:56 - 2021-01-26 11:56 - 000002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2020-2021.lnk
2021-01-26 11:56 - 2021-01-26 11:56 - 000002309 _____ C:\ProgramData\Desktop\Steuer-Ratgeber 2020-2021.lnk
2021-01-26 11:56 - 2021-01-26 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2020-2021
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-25 16:15 - 2020-09-25 16:13 - 001590256 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-25 16:15 - 2019-12-07 15:50 - 000684966 _____ C:\WINDOWS\system32\perfh007.dat
2021-02-25 16:15 - 2019-12-07 15:50 - 000141424 _____ C:\WINDOWS\system32\perfc007.dat
2021-02-25 16:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-25 16:13 - 2017-02-25 20:36 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-25 16:12 - 2016-11-20 16:10 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\Mozilla
2021-02-25 16:11 - 2020-11-02 14:30 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-25 16:11 - 2017-02-25 17:41 - 000000000 ___RD C:\Users\AtelierNiederhein\Creative Cloud Files
2021-02-25 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-25 16:10 - 2017-07-12 17:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-25 16:09 - 2015-12-20 08:54 - 000000000 ___RD C:\Users\AtelierNiederhein\OneDrive
2021-02-25 16:08 - 2020-09-25 18:05 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2021-02-25 16:08 - 2020-09-25 16:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-25 16:08 - 2020-09-25 16:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-25 16:08 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-25 16:08 - 2017-07-12 17:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-25 16:08 - 2015-12-19 17:36 - 000000000 __SHD C:\Users\AtelierNiederhein\IntelGraphicsProfiles
2021-02-25 14:15 - 2017-09-29 06:49 - 000001456 _____ C:\Users\AtelierNiederhein\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2021-02-25 12:41 - 2020-09-25 16:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-25 07:46 - 2019-11-06 05:57 - 000000000 ___HD C:\adobeTemp
2021-02-25 07:46 - 2017-02-25 17:40 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-02-24 15:22 - 2020-09-25 16:18 - 000003710 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-02-24 09:38 - 2020-08-21 13:07 - 000000000 ____D C:\Projekte
2021-02-24 08:51 - 2017-04-25 04:57 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2021-02-24 08:51 - 2017-04-25 04:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-24 08:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-23 15:18 - 2017-02-25 16:21 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Adobe
2021-02-23 15:18 - 2014-07-10 19:50 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\Adobe
2021-02-23 09:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-22 16:48 - 2020-06-17 09:17 - 000007862 _____ C:\Users\AtelierNiederhein\Desktop\oxarticles.csv
2021-02-22 14:03 - 2020-08-21 10:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-22 09:16 - 2014-03-27 21:38 - 000000000 ___RD C:\Users\AtelierNiederhein\Dropbox
2021-02-22 08:14 - 2017-03-02 05:48 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\FileZilla
2021-02-20 13:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-19 12:59 - 2014-05-11 16:05 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\Steuerfälle
2021-02-19 08:35 - 2020-06-15 06:41 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-19 08:35 - 2020-06-15 06:41 - 000002330 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-18 14:13 - 2017-02-25 17:30 - 000000000 ____D C:\Program Files\Adobe
2021-02-18 14:07 - 2017-03-07 17:01 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\CrashDumps
2021-02-18 10:32 - 2017-02-26 08:22 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-02-17 15:47 - 2020-07-18 13:18 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Code
2021-02-17 09:58 - 2020-11-09 11:06 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\pyinstaller
2021-02-17 09:50 - 2020-07-18 13:57 - 000000000 ____D C:\Users\AtelierNiederhein\.pylint.d
2021-02-17 08:26 - 2019-04-28 07:38 - 000002308 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-17 08:26 - 2019-04-28 07:38 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-16 11:30 - 2014-04-03 17:47 - 000000000 ____D C:\Users\AtelierNiederhein\Desktop\tmp
2021-02-15 16:51 - 2017-02-26 10:14 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-02-15 16:51 - 2017-02-26 10:14 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-02-15 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-15 08:27 - 2020-09-25 16:18 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-962593549-1501595251-2753236537-1000
2021-02-15 08:27 - 2020-09-25 16:10 - 000002455 _____ C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-12 16:39 - 2020-09-25 16:09 - 010187680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 16:39 - 2017-02-25 17:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 16:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-12 16:10 - 2020-09-25 16:10 - 000000000 ____D C:\Users\AtelierNiederhein
2021-02-12 12:20 - 2020-07-18 13:18 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2021-02-12 08:38 - 2017-02-25 18:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 08:35 - 2017-02-25 18:33 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-11 07:42 - 2020-09-25 16:18 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-11 07:42 - 2020-09-25 16:18 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-10 16:07 - 2018-12-16 11:38 - 000000600 _____ C:\Users\AtelierNiederhein\AppData\Local\PUTTY.RND
2021-02-10 09:22 - 2020-07-23 12:41 - 000000000 ____D C:\Program Files (x86)\PUBGLite
2021-02-10 09:22 - 2017-02-25 20:40 - 000001284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-10 08:59 - 2019-11-18 22:14 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2021-02-09 15:39 - 2020-09-25 16:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-06 12:20 - 2020-09-25 16:18 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-06 12:20 - 2020-09-25 16:18 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 20:04 - 2020-02-20 08:56 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-08-21 10:35 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-03 18:07 - 2020-09-25 16:18 - 000003782 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2021-01-29 11:50 - 2017-02-26 08:22 - 000001258 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-01-29 11:50 - 2017-02-26 08:22 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-01-27 15:50 - 2017-06-30 09:28 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\NVIDIA
2021-01-26 14:24 - 2017-12-08 09:17 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\Packages
2021-01-26 12:17 - 2017-02-28 18:17 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\AAV
2021-01-26 11:56 - 2017-02-28 18:17 - 000000000 ____D C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2017-03-10 16:07 - 2018-10-21 11:41 - 000000033 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\AdobeWLCMCache.dat
2017-05-13 05:47 - 2020-11-07 16:23 - 000010120 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\ContactSheetII.log
2017-05-13 05:47 - 2020-11-07 16:23 - 000000709 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\Kontaktabzug II.xml
2021-01-02 17:16 - 2021-01-02 17:16 - 000000028 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\kulerdata.json
2017-09-29 06:49 - 2021-02-25 14:15 - 000001456 _____ () C:\Users\AtelierNiederhein\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2018-09-29 02:32 - 2018-09-29 02:32 - 000000000 _____ () C:\Users\AtelierNiederhein\AppData\Local\oobelibMkey.log
2018-12-16 11:38 - 2021-02-10 16:07 - 000000600 _____ () C:\Users\AtelierNiederhein\AppData\Local\PUTTY.RND
2020-08-23 12:04 - 2020-08-23 12:04 - 000008317 _____ () C:\Users\AtelierNiederhein\AppData\Local\recently-used.xbel
2018-08-16 16:14 - 2018-08-16 16:14 - 000007601 _____ () C:\Users\AtelierNiederhein\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
25.02.2021, 16:53
| #2 |
| | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen Addition.txt
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2021
durchgeführt von AtelierNiederhein (25-02-2021 16:27:37)
Gestartet von
Windows 10 Home Version 20H2 19042.804 (X64) (2020-09-25 15:18:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-962593549-1501595251-2753236537-500 - Administrator - Disabled)
AtelierNiederhein (S-1-5-21-962593549-1501595251-2753236537-1000 - Administrator - Enabled) => C:\Users\AtelierNiederhein
DefaultAccount (S-1-5-21-962593549-1501595251-2753236537-503 - Limited - Disabled)
Gast (S-1-5-21-962593549-1501595251-2753236537-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-962593549-1501595251-2753236537-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-962593549-1501595251-2753236537-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{5737101A-27C4-408A-8A57-D1DC78DF84B4}) (Version: 8.2.1 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20138 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_5_1) (Version: 17.5.1 - Adobe Inc.)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_12) (Version: 13.0.12 - Adobe Inc.)
Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_0) (Version: 11.0 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.0.468 - Adobe Inc.)
Adobe ExtendScript Toolkit CC (HKLM-x32\...\{6297487E-3778-4F72-B458-55690418DB98}) (Version: 4.0.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_1) (Version: 25.1 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_1) (Version: 16.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_7) (Version: 14.7 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_1_1) (Version: 22.1.1.138 - Adobe Inc.)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_8) (Version: 14.8 - Adobe Inc.)
Amazon Kindle (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Amazon Kindle) (Version: 1.23.1.50133 - Amazon)
Android Studio (HKLM\...\Android Studio) (Version: 3.4 - Google LLC)
Aptana Studio (HKLM-x32\...\{2D6C1116-78C6-469C-9923-3E549218773F}) (Version: 3.7.2 - Appcelerator) Hidden
Aptana Studio (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Aptana Studio 3.7.2) (Version: 3.7.2 - Appcelerator)
AusweisApp2 (HKLM-x32\...\{F3E22721-7F7E-472F-BBBA-6B5572E15A58}) (Version: 1.22.0 - Governikus GmbH & Co. KG)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2101.2070 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.45.15812 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.10.0.11063 - Avira Operations GmbH & Co. KG) Hidden
Blender (HKLM\...\{A0C803A1-310C-4EFF-B881-CA10CF7CD6A7}) (Version: 2.90.1 - Blender Foundation)
Canon Calibration Tool (HKLM-x32\...\CanonCalibrationTool) (Version: 1.3.0 - Canon Inc.)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.2.0.18 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.0.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon Kurzwahlprogramm2 (HKLM-x32\...\Speed Dial Utility2) (Version: 2.1.0 - Canon Inc.)
Canon MB2700 series Benutzerregistrierung (HKLM-x32\...\Canon MB2700 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MB2700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB2700_series) (Version: 1.01 - Canon Inc.)
Canon MB2700 series On-screen Manual (HKLM-x32\...\Canon MB2700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.4.0.15 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.2.0.10 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.3.0.15 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Utility Toolbox (HKLM-x32\...\Quick Toolbox) (Version: 2.3.0 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.7.32 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.7 (HKLM-x32\...\DPP) (Version: 3.7.3.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.3.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.6.1.1 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3/E4/E5 Utility (HKLM-x32\...\WFTK) (Version: 3.4.1.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.4.1.11 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.2.11 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell SupportAssistAgent (HKLM\...\{4015CD01-07AB-4354-9E43-E63DFAB5A6A2}) (Version: 2.1.2.7 - Dell)
Discord (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 116.4.368 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.10.4.1203 - Steinberg Media Technologies GmbH)
Express Rip CD-Ripper (HKLM-x32\...\ExpressRip) (Version: 3.01 - NCH Software)
FileZilla Client 3.51.0 (HKLM-x32\...\FileZilla Client) (Version: 3.51.0 - Tim Kosse)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
GanttProject (HKLM-x32\...\GanttProject) (Version: - )
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
GIMP Updater (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\GIMP Updater) (Version: 2.8.19 - GIMP) <==== ACHTUNG
Git version 2.29.0 (HKLM\...\Git_is1) (Version: 2.29.0 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\GitHubDesktop) (Version: 2.5.6 - GitHub, Inc.)
GitKraken (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\gitkraken) (Version: 7.3.2 - Axosoft, LLC)
GoodGame (HKLM-x32\...\GoodGame.de) (Version: 1.0 - GoodGame) <==== ACHTUNG
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.52) (Version: 9.52 - Artifex Software Inc.)
heroku (HKLM-x32\...\heroku) (Version: - Heroku)
HP LJ300-400 color M351-M451 (HKLM-x32\...\{15CA73D8-3C82-4BAE-86CD-945BF9620516}) (Version: 5.0.12200.630 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM351M451DSService (HKLM-x32\...\{BF2198EB-503D-4E0B-89FB-509AADD6D545}) (Version: 001.001.05164 - Hewlett-Packard) Hidden
HPLaserJet300-400ColorM351-M451Series_HelpLearnCenter_SI (HKLM-x32\...\{BD019D8F-25B9-49D6-B301-07AFF65E35DD}) (Version: 1.02.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM351-M451 (HKLM-x32\...\{E25710A1-F024-4BAF-898C-32703F047737}) (Version: 1.02.0013 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM351_M451LaserJetService (HKLM-x32\...\{1125FC8E-975D-47BD-943D-0DFE0E2358B9}) (Version: 005.021.00132 - Hewlett-Packard) Hidden
hppToolboxProxyM351 (HKLM-x32\...\{6930AC06-C380-421E-91FE-9CA29D21D83E}) (Version: 035.024.006 - HP) Hidden
hpStatusAlerts (HKLM-x32\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM351_M451 (HKLM-x32\...\{25E11B5A-4817-4296-A260-235AE77B1708}) (Version: 050.034.0131 - Hewlett-Packard) Hidden
Huion Tablet v14.8.95.1136 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.95.1136 - )
IJ Network Device Setup Utility (HKLM-x32\...\IJ Network Device Setup Utility) (Version: 1.8.1 - Canon Inc.)
ImageMagick 7.0.3-0 Q16 (64-bit) (2016-09-05) (HKLM\...\ImageMagick 7.0.3 Q16 (64-bit)_is1) (Version: 7.0.3 - ImageMagick Studio LLC)
InstanceFinder (HKLM-x32\...\{32C0FD10-8FB4-427E-A16F-ED57C9343CF0}) (Version: 020.021.004 - HP) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{75299AB0-6BC8-435F-8D62-AA1DDEA1EF2F}) (Version: 7.5.2 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Lync Web App Plug-in (64-bit) (HKLM\...\{78E64466-8E20-40E2-8F77-6FA0C8A0FEB0}) (Version: 15.8.8308.726 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{BE6D5464-0B1F-46CC-8973-F9651FE6A45A}) (Version: 15.8.8308.965 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.53.2 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 85.0.2 (x64 de) (HKLM\...\Mozilla Firefox 85.0.2 (x64 de)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 85.0.2.7709 - Mozilla)
Mozilla Thunderbird 24.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.0 (x86 de)) (Version: 24.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
NirSoft WhoisThisDomain (HKLM-x32\...\NirSoft WhoisThisDomain) (Version: - )
Node.js (HKLM-x32\...\{2D41A012-35EE-4724-AE8E-E592EDD9F89D}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors)
Node.js (HKLM-x32\...\{EC1A7084-4725-4319-9D35-F204CE7FC2E6}) (Version: 8.11.1 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 3.9.0 (64-bit) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\{a2a37ca0-8ebd-4d7e-b4b8-e6b1740c2ce0}) (Version: 3.9.150.0 - Python Software Foundation)
Python 3.9.0 Add to Path (64-bit) (HKLM\...\{4F5E962C-96E9-45B9-8F14-9A91748981C6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Core Interpreter (64-bit) (HKLM\...\{92F322B1-D69A-43D1-82B4-24ADEBE5C650}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Development Libraries (64-bit) (HKLM\...\{E73FE192-7766-49FA-B28A-32F700D98A15}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Documentation (64-bit) (HKLM\...\{35E94198-B9F1-4D1E-A869-636AD5E6BCA8}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Executables (64-bit) (HKLM\...\{A9F718BA-8B5F-4AE7-ADDA-EFFF431948DB}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 pip Bootstrap (64-bit) (HKLM\...\{27FF09D8-6DE6-4F63-A3DD-8758D615D543}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Standard Library (64-bit) (HKLM\...\{42480EE5-670F-4AF3-A619-2E761A398340}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Tcl/Tk Support (64-bit) (HKLM\...\{4460A893-EFF6-4B33-BF21-BAA2159F57E6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Test Suite (64-bit) (HKLM\...\{9141E990-BD45-4F42-BB32-B3012969355D}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Utility Scripts (64-bit) (HKLM\...\{35DC2DFB-0AEA-4DC2-AFA5-4EA2D2612B51}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{E45E56A4-FCDD-4C4A-966A-4FB81C932219}) (Version: 3.9.7217.0 - Python Software Foundation)
Qweb Symbol (HKLM-x32\...\Qweb.de) (Version: 1.1 - Qweb Symbol) <==== ACHTUNG
Recordify 2019 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 4.01 - Abelssoft)
Scribus 1.4.8 (HKLM-x32\...\Scribus 1.4.8) (Version: 1.4.8 - The Scribus Team)
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Startfenster-Replace (HKLM-x32\...\Startfenster-Replace.de) (Version: 1.0.4 - Startfenster-Replace) <==== ACHTUNG
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Caleidoscope Sampler Track Content (HKLM-x32\...\{BD830EFB-4884-422C-8AA0-F564E839FC6F}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Content Updater (HKLM-x32\...\{23BAFE62-0AF0-4D71-98C2-47286139DC45}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 9 (HKLM\...\{E0FA80FD-82A7-4328-ABC3-0DA6A9FA1824}) (Version: 9.0.30 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.11 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.30 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.3.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums Elements (HKLM-x32\...\{7AC78F55-2066-4EF5-AA6F-AD57FEAE7CBD}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Production Grooves Content (HKLM-x32\...\{F72824BC-4856-4050-A745-D92BC601CCDE}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{0B91CA67-AB51-4FCC-AD05-F4C8DF11D00B}) (Version: 17.01.1 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{3DAB5687-7252-44BB-99FA-82E9E9AEA9BC}) (Version: 18.01.0 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2018-2019 (HKLM-x32\...\{C85C471D-8BA4-4C95-9DD2-64263B5329FD}) (Version: 19.01.0 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2019-2020 (HKLM-x32\...\{A838952B-CEEC-4AF3-88C3-B4C4374337F7}) (Version: 20.01.9 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2020-2021 (HKLM-x32\...\{2E5063A0-872A-4B65-8163-168B25E6D50A}) (Version: 20.10.6 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2017 (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.34.85 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2018 (HKLM-x32\...\{A1D1FDBD-02F9-49B6-9EB2-2DC6B1D37E16}) (Version: 23.39.56 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2019 (HKLM-x32\...\{C1274A30-7822-4CAE-A4C8-395E9E687107}) (Version: 24.34.134 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2020 (HKLM-x32\...\{E7E3F711-933D-4D9A-BA51-01F47179F23C}) (Version: 25.31.65 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2021 (HKLM-x32\...\{8C111EC2-454D-4C0B-B0D7-E845F1B3AAAD}) (Version: 26.26.67 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.2.7.4415 - Synology, Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.259142 - TeamViewer)
TextPad 8 (HKLM\...\{861AB1C1-1967-4C4A-BF86-C255E2D2B8FD}) (Version: 8.0.2 - Helios)
ToolboxProxy (HKLM-x32\...\{B64E0B43-A452-4B25-93DD-E5C6645A534A}) (Version: 035.024.006 - HP) Hidden
Unity Web Player (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\UnityWebPlayer) (Version: 5.3.8f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Updater (HKLM-x32\...\Updater) (Version: 3.0.8.1 - Updater) <==== ACHTUNG
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VLC Plus Player (HKLM-x32\...\VLC Plus Player) (Version: 3.0.11 - Aller Media e.K.) <==== ACHTUNG
WhatsApp (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\WhatsApp) (Version: 0.4.930 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{8D646799-DB00-4000-AE7A-756A05A4F1D8}) (Version: 5.4.72 - Microsoft Corporation)
Windows-Treiberpaket - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
WinHTTrack Website Copier 3.49-2 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
XAMPP (HKLM-x32\...\xampp) (Version: 7.3.0-0 - Bitnami)
Yamaha Steinberg USB Driver (HKLM\...\{D6E6D5BA-F07E-4495-A8E4-B735B291C9EF}) (Version: 1.8.7 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{D6E6D5BA-F07E-4495-A8E4-B735B291C9EF}) (Version: 1.8.7 - Yamaha Corporation)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version: - Spacejock Software)
Zoom (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-09] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-17] (Adobe Systems Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-22] (Facebook Inc)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-02-10] (Microsoft Corporation)
Houzz -> C:\Program Files\WindowsApps\0D16BB98.Houzz_1.1.22.0_neutral__gyej1c4xgx4mg [2020-12-29] (Houzz Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.2.837.0_x64__v10z8vjag6ke6 [2021-02-23] (HP Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-2ED9D4E320EA} -> [Creative Cloud Files] => C:\Users\AtelierNiederhein\Creative Cloud Files [2017-02-25 17:41]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{539DB5D1-C0C6-11D0-985E-0060970BEC0B}\localserver32 -> C:\Program Files\Adobe\Adobe FrameMaker 2019\FrameMaker.exe /Automation /iconic /nosplash => Keine Datei
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9}\InprocServer32 -> C:\Program Files\TextPad 8\System\ShellExt64.dll (Helios Software Solutions Ltd -> )
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\LWAPlugin\x64\15.8\LWAPluginInProc.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\AtelierNiederhein\Dropbox [2014-03-27 21:38]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1_S-1-5-21-962593549-1501595251-2753236537-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2018-07-13] () [Datei ist nicht signiert]
ContextMenuHandlers1_S-1-5-21-962593549-1501595251-2753236537-1000: [TextPad8] -> {5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9} => C:\Program Files\TextPad 8\System\ShellExt64.dll [2016-02-28] (Helios Software Solutions Ltd -> )
ContextMenuHandlers6_S-1-5-21-962593549-1501595251-2753236537-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2018-07-13] () [Datei ist nicht signiert]
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [685056 2009-05-01] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\divx.dll [685056 2009-05-01] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2008-12-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [85504 2009-06-02] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [497664 2009-08-11] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Packed With Joy !) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\nodejs\nodevars.bat"
ShortcutWithArgument: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> hxxps://www.startfenster.de
ShortcutWithArgument: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> hxxps://www.startfenster.de
ShortcutWithArgument: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> hxxps://www.startfenster.de
ShortcutWithArgument: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> hxxps://www.startfenster.de
ShortcutWithArgument: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxps://www.startfenster.de
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxps://www.startfenster.de
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> hxxps://www.startfenster.de
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> hxxps://www.startfenster.de
ShortcutWithArgument: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> hxxps://www.startfenster.de
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-07-21 08:35 - 2015-07-21 08:35 - 000512000 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
2019-02-05 20:00 - 2015-09-15 16:07 - 000318464 _____ (CANON INC) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2015-07-21 08:36 - 2015-07-21 08:36 - 000009728 _____ (Canon INC.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Canon\EOS Utility\de\EOS Utility.resources.dll
2015-07-21 08:35 - 2015-07-21 08:35 - 001069056 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EdsImage.dll
2019-02-05 20:00 - 2015-09-01 18:11 - 000194560 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2019-02-05 20:00 - 2015-06-17 16:01 - 000008704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_DEU.DLL
2019-02-05 20:00 - 2015-06-17 16:00 - 000104960 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2019-02-05 20:00 - 2015-05-26 09:44 - 000141312 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnwidsd.dll
2017-10-24 12:43 - 2017-12-07 11:25 - 000219648 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJPLM\CNMPU2.DLL
2019-02-05 20:01 - 2018-05-09 19:00 - 000121344 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnalmmod.dll
2019-02-05 20:01 - 2018-05-09 19:00 - 000016896 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\de\cnqtbres.dll
2017-02-25 18:45 - 2015-11-18 05:00 - 000438784 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMXLMD0.DLL
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hpzjrd01.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000041472 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000073728 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 001222656 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000034816 _____ (HP) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\HPTcpMUI.dll
2018-07-13 12:34 - 2018-07-13 12:34 - 002768896 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\AtelierNiederhein\Anwendungsdaten:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\AtelierNiederhein\Local Settings (1):init [1491545]
AlternateDataStreams: C:\Users\AtelierNiederhein\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www1.online/?w=RD2124
SearchScopes: HKLM -> DefaultScope {CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA} URL = hxxps://www1.online/?w=RD2124&q={searchTerms}
SearchScopes: HKLM -> {CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA} URL = hxxps://www1.online/?w=RD2124&q={searchTerms}
SearchScopes: HKU\S-1-5-21-962593549-1501595251-2753236537-1000 -> DefaultScope {CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA} URL = hxxps://www1.online/?w=RD2124&q={searchTerms}
SearchScopes: HKU\S-1-5-21-962593549-1501595251-2753236537-1000 -> {CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA} URL = hxxps://www1.online/?w=RD2124&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-02-25 16:08 - 2017-02-25 16:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-09-25 19:14 - 2020-11-12 16:50 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.26.64.1 Atelier_PC.mshome.net # 2025 11 2 11 15 50 0 587
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files\ImageMagick-7.0.3-Q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\nodejs\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\xampp\php;C:\ProgramData\ComposerSetup\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{84FCC611-09BE-42ED-B8A0-C2BF63E75DD8}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{7C0C2F48-0225-402F-9C36-9D4948732054}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [{90EFA8FF-5A64-4BD6-961F-195E3021C848}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2BF73297-7F78-4FF0-B733-1F77B03D5706}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{49BFECF6-5ADB-4F1C-9837-C5425C217C47}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{31A8AD45-4E78-4F04-B413-6FD7191837CE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0C695600-5A12-4B9A-B024-81638A00F462}] => (Allow) C:\Users\AtelierNiederhein\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{11130003-085A-4266-A4D4-B8653E7807EC}] => (Allow) C:\Users\AtelierNiederhein\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{9A632E6A-BF73-42D2-AECC-957B6D26735C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{C932265D-FE63-4799-84EF-ED4A72A2043B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{80D8A77F-1F56-4FEE-B622-989BBAFB8C96}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{51997B05-FB5C-4E9F-A65C-C303971C4B1A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{39671CF0-E089-42BD-AFE7-453B6F31FA37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Keine Datei
FirewallRules: [{0DA7A56E-5B74-413D-A3FF-37CEE86E5383}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Keine Datei
FirewallRules: [UDP Query User{47C80A70-6FDF-411D-9CD1-D89FE8DE3FED}C:\users\atelierniederhein\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\atelierniederhein\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DAE8790E-5F96-42F0-9590-DD4258614060}C:\users\atelierniederhein\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\atelierniederhein\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9376E755-BB61-4E25-9D9E-E8D3A2559134}C:\users\atelierniederhein\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\atelierniederhein\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C58EA3E3-6CEC-49AD-B034-C07BF82B55AC}C:\users\atelierniederhein\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\atelierniederhein\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99E6B323-E607-48D9-8735-DA9D04D7EA6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A6F1347-53FE-45EA-AF72-0CAAE9FA4287}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A0178A0-0F0C-4E0D-8EC6-13FD583427EB}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (CANON INC.) [Datei ist nicht signiert]
FirewallRules: [{6B0E60D1-BA1C-4972-9A29-1E778DBFE7A1}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (CANON INC.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{1EB06CEB-C47E-47E2-BA4E-E549057F7CEE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D55FAE90-57AD-4836-8ECA-4687A355E28E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F6CDF389-ECC5-489F-91DC-B7108862F5AE}] => (Allow) LPort=1900
FirewallRules: [{2FCF398D-DD8D-4BE0-B969-8835B9721AFD}] => (Allow) LPort=2869
FirewallRules: [{3EFBBBA4-0047-4AEE-B553-589D05995858}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{14BC79C8-6E2B-4A52-8189-E3265CE115EA}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [TCP Query User{868A8BA8-1A11-40E8-A265-3DCDE7FA1493}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [{0C18421A-BF3E-4D98-A895-44F7D46ED5C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{17580A3B-AAF6-4FD8-A58E-293C62706060}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{34F31BA7-E7E5-4688-BDB8-46063D372A88}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A47D90C5-3703-4E77-9A68-BCD9B35CAA72}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0D000170-8F9B-4952-9042-C30047D87ACE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2FE96A9E-A298-4473-B73D-EE492C9E3418}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe => Keine Datei
FirewallRules: [UDP Query User{E0EB5A11-6002-4CAB-8A19-6B8A84F79DE1}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe => Keine Datei
FirewallRules: [{58CA85D7-700A-4836-873B-FFC8B93E9078}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{79AAF4E3-B238-4A49-8770-61A8FA30FFA6}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{0BA3FDA2-1333-4752-BFEC-8B6A38E31911}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{CFB366DE-0CB1-42CE-BA0B-84A8D410C19A}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{5D4FB98B-7EF9-4EE3-B9D4-42D142ADAF10}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{CF603A51-CAD1-4994-9E1E-41A6FCD0AAEF}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [{9E28A17B-93FA-4E5A-A63C-9E2AD49E59F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C79B3122-3544-416C-9E53-4FC6AF263F4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CE0BF954-8F12-4022-B33E-73D95A1DF0F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => Keine Datei
FirewallRules: [{7BC477BE-666F-4852-9FCF-036568AF6D90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A05D895-9AB8-4899-B1B8-124D8C0D095A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{658F1A2B-4D5B-413A-BB79-352894E2EBBE}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [UDP Query User{54DFB830-12CA-4B1D-8E99-4D6B546D6210}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [TCP Query User{FA3C583F-E198-4D51-B705-97D7A0BC077E}C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe => Keine Datei
FirewallRules: [UDP Query User{E188FFDD-38A3-4017-9612-F38AC9EF43ED}C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe => Keine Datei
FirewallRules: [{76FF9CAE-11CD-4E4A-A78F-48B7B26CBBF1}] => (Block) C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe => Keine Datei
FirewallRules: [{DE2A4B23-5167-4BA5-B7BE-F9F6F25B4DE0}] => (Block) C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe => Keine Datei
FirewallRules: [TCP Query User{665F8518-5826-4DC2-8B3E-16ED27E5E5A3}C:\users\atelierniederhein\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe] => (Allow) C:\users\atelierniederhein\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe => Keine Datei
FirewallRules: [UDP Query User{84A73FBF-59D2-49CD-975D-2CC1F508B9DB}C:\users\atelierniederhein\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe] => (Allow) C:\users\atelierniederhein\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe => Keine Datei
FirewallRules: [{0B2B8011-82C0-4880-8E30-A00CD8C2407D}] => (Allow) C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{5E304959-046E-4CA7-87E4-9469EBCF68C1}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Device Setup Utility\cnwidadr.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{66EDED6A-1AA1-4CCC-94FD-90E73C1976D7}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Device Setup Utility\cnwiddsu\cnwiddsu.exe (Canon Inc. -> CANON INC.)
FirewallRules: [TCP Query User{BE3CF35B-A1C5-49C9-99B3-32FC972F05B5}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{E27795D1-B0DD-42C4-AF29-774B7CE7D5F4}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{2A49DBA0-7596-4F70-BA42-BC5EAC632B01}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{D23B6274-25BC-497A-8FFE-91806628AE64}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{69C5B773-93F5-4FDE-9B70-739A4E929148}C:\program files (x86)\aptana\aptanastudio3.exe] => (Allow) C:\program files (x86)\aptana\aptanastudio3.exe (APPCELERATOR, INC. -> )
FirewallRules: [UDP Query User{D139CCDE-AE63-4E70-8888-84432DC211AA}C:\program files (x86)\aptana\aptanastudio3.exe] => (Allow) C:\program files (x86)\aptana\aptanastudio3.exe (APPCELERATOR, INC. -> )
FirewallRules: [{679082F8-6018-41AA-9C24-C8D41AD7473F}] => (Block) C:\program files (x86)\aptana\aptanastudio3.exe (APPCELERATOR, INC. -> )
FirewallRules: [{8411B95E-EBD2-4F17-9805-9F9A9C301324}] => (Block) C:\program files (x86)\aptana\aptanastudio3.exe (APPCELERATOR, INC. -> )
FirewallRules: [TCP Query User{CFA7E475-A24B-45A8-8ED2-DFDC4884E16F}C:\users\atelierniederhein\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\atelierniederhein\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{EB2CC056-A87B-450A-A312-253AC0797165}C:\users\atelierniederhein\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\atelierniederhein\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A43FED45-36DA-4F39-9870-8E199E0B0EAE}] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [{E857E96B-B54A-4C65-95A7-C8EB955F2143}] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [{51DB877E-B062-4842-A3CD-4A5D374A87B3}] => (Allow) C:\Program Files (x86)\PUBGLite\Launcher.exe => Keine Datei
FirewallRules: [{069FE4DC-03D1-4087-A03E-41F5A592DB50}] => (Allow) C:\Program Files (x86)\PUBGLite\Launcher.exe => Keine Datei
FirewallRules: [{0FF39C26-1163-491B-827E-CB2DBC14B891}] => (Allow) C:\Program Files (x86)\PUBGLite\Launcher.exe => Keine Datei
FirewallRules: [{2D4D5350-1BDB-4997-8C03-D68218E42869}] => (Allow) C:\Program Files (x86)\PUBGLite\Launcher.exe => Keine Datei
FirewallRules: [{5E84A3CD-9CDC-4AC8-A4E3-E39BF53C0157}] => (Allow) C:\Program Files (x86)\PUBGLite\LauncherAgent.exe => Keine Datei
FirewallRules: [{A4CCC749-D0AC-45D6-8CE2-A9A78D5BAE7C}] => (Allow) C:\Program Files (x86)\PUBGLite\LauncherAgent.exe => Keine Datei
FirewallRules: [{71B6DF3E-5DE3-49CE-89C1-D42FAD5F9E62}] => (Allow) C:\Program Files (x86)\PUBGLite\LauncherAgent.exe => Keine Datei
FirewallRules: [{2AB0FB76-6278-4531-80B6-CECA078E340B}] => (Allow) C:\Program Files (x86)\PUBGLite\LauncherAgent.exe => Keine Datei
FirewallRules: [{B435871E-D40B-4DEC-901F-31CDC8AE3D09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A873B6B-5175-462F-84C4-ABD86EB07B6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65BB0CF5-7A30-4C33-A4F5-80C1400745C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7255C36C-222E-43E0-B9CD-C060778EABF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2C6E0A99-5432-4225-909B-ADA3962B2DC8}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\15CA73D8-3C82-4BAE-86CD-945BF9620516\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{14922505-5E18-4F42-843B-2B9E57933748}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\15CA73D8-3C82-4BAE-86CD-945BF9620516\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [TCP Query User{B2C83F9D-5AB1-4C11-A287-42DC739A7A69}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{8C4CAB35-5D9C-43C5-9347-3D36B0966E76}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{52969622-5843-4AB1-ADCE-10A349B61B75}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{477C64C6-3A1F-4BAE-8CCB-B25441AEA1A6}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [{94B21823-0CF2-4C88-8785-E353CADDCF1F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E32E3C3-CB09-4003-95A2-9CF0EB009C14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07164D0A-EF39-4B8D-8FC3-B9F3BD83F120}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6BC5DEF0-944B-406A-AD77-FA39A97B6EA0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9AA5B3BE-0DAF-4851-ADDF-BB003D960C71}] => (Allow) C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{FD3CDE74-2266-4214-AB88-AA80ACE9942B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3383187E-BC7F-475D-8D87-A9D0F5F925AF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5353CF13-57D0-427C-AD11-84EE3AC8D783}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{46318F51-A326-4811-928A-DC0F96D09781}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{80A97E64-2D8E-4B45-B28F-62731FF5AD94}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{29304329-8278-4E45-92E5-35C7730FC6E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{92190EFB-9867-4472-AFC1-320C211762BF}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{434B5627-DC23-4B8B-9436-E4410689D581}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{B0E7D65A-8DBB-48D2-8D86-B20DA58B6B0C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (02/25/2021 04:09:06 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).
Error: (02/25/2021 03:16:41 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/25/2021 03:16:39 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/25/2021 03:16:39 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/25/2021 07:43:36 AM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/24/2021 06:42:33 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/24/2021 06:42:33 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/24/2021 08:26:00 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).
Systemfehler:
=============
Error: (02/25/2021 04:08:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelHaxm" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (02/25/2021 04:08:49 PM) (Source: IntelHaxm) (EventID: 3) (User: )
Description: HAXM Failed to init VMX
Error: (02/25/2021 04:08:49 PM) (Source: IntelHaxm) (EventID: 6) (User: )
Description: HAXM can't work on system without VT support
Error: (02/25/2021 04:08:04 PM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/25/2021 04:08:04 PM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/25/2021 04:08:04 PM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/25/2021 04:08:03 PM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/25/2021 04:08:03 PM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===============
Date: 2020-12-03 14:35:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. F1 10/16/2013
Hauptplatine: Gigabyte Technology Co., Ltd. G1.Sniper Z87
Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 16266.99 MB
Verfügbarer physikalischer RAM: 9325.39 MB
Summe virtueller Speicher: 18698.99 MB
Verfügbarer virtueller Speicher: 10080.01 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:222.98 GB) (Free:25.29 GB) NTFS
Drive d: () (CDROM) (Total:0 GB) (Free:0 GB)
Drive e: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:1257.18 GB) NTFS
\\?\Volume{8d3f0743-b5ab-11e3-900b-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{bff46629-0000-0000-0000-30c537000000}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: BFF46629)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=500 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: B99B5FC4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
|
|
25.02.2021, 19:04
| #3 |
| /// TB-Ausbilder   | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen. Ich analysiere gerade dein System und melde mich in Kürze mit weiteren Anweisungen. |
|
25.02.2021, 19:09
| #4 | |
| /// TB-Ausbilder | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren AuswirkungenZitat:
Es hat zwar diesen Exploit entdeckt, aber die ganze Adware/PUP, die sich auf deinem Rechner befindet, erkennt es nicht.  Du lädst dir Software vom "erstbesten Link" herunter, oder? Bitte mal den Lesestoff zu Geüte führen!   Schlechte Downloadquellen - so kommt Schadsoftware auf deinen PC Lade keine Software von Chip.de, Softonic.de, sourceforge.net, openoffice.de, VLC.de, audacity.de, gimp24.de oder updatestar.com. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software (Potentially Unwanted Programs, kurz PUP) oder Adware installiert. Auf manchen Seiten wird direkt PUP / Adware zum Download angeboten. Für Windows gibt es seit einiger Zeit einen brauchbaren Paketmanager, der mit einfachen Befehlen es erlaubt, automatisiert Software herunterzuladen und zu installieren. Das erspart eine Menge Arbeit, denn ohne einen Paketmanager muss man jedes Programm selbst prüfen und separat manuell updaten, vorher manuell noch runterladen etc. pp. - siehe auch --> chocolatey Paketmanager für Windows Wir empfehlen dringend, alle Programme, sofern verfügbar, über chocolatey zu installieren. Falls du schon mit Linux zu tun hattest, wird dir die Syntax sehr vertraut sein. Die FAQs zu choco findest du da --> Chocolatey: Häufig gestellte Fragen (englisch) Selbstverständlich darfst du auch Fragen zu chocolatey im o.g. Thread zu chocolatey stellen. Für den seltenen Fall, dass du das benötigte Programm nicht im repository von chocolatey findest: Lade diese Software immer direkt beim jeweiligen Hersteller / Entwickler. Schritt 1 Führe Malwarebytes' AntiMalware (MBAM) gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. Schritt 2 Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. Schritt 3
Bitte poste mit deiner nächsten Antwort:
|
|
26.02.2021, 12:38
| #5 |
| | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen Hallo Matthias, schon mal vielen Dank für Deine Hilfe! Ja, ich gestehe, dass ich in Sachen PC-Hygiene sehr schlampig bin und es mir sicher viel zu oft zu einfach mache. Sicher verwunderlich, dass ich mir bisher nichts Schlimmeres eingefangen habe. Die Anweisungen habe ich ausgeführt und im Folgenden die Logs.... Vielen Dank! Michael Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 26.02.21
Scan-Zeit: 11:51
Protokolldatei: 88872f04-7820-11eb-8055-74d43585b2ed.json
-Softwaredaten-
Version: 4.3.0.98
Komponentenversion: 1.0.1173
Version des Aktualisierungspakets: 1.0.37509
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19042.804)
CPU: x64
Dateisystem: NTFS
Benutzer: Atelier_PC\AtelierNiederhein
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 343948
Erkannte Bedrohungen: 90
In die Quarantäne verschobene Bedrohungen: 90
Abgelaufene Zeit: 5 Min., 0 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 14
PUP.Optional.StartPage.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA}, In Quarantäne, 6916, 396863, , , , , ,
PUP.Optional.StartPage.ShrtCln, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA}, In Quarantäne, 6916, 396863, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Startfenster-Replace.de, In Quarantäne, 8265, 350112, , , , , ,
PUP.Optional.GoodGame.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GoodGame.de, In Quarantäne, 8946, 401580, , , , , ,
PUP.Optional.StartPage, HKLM\SOFTWARE\Websuche, In Quarantäne, 571, 463409, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster.ShrtCln, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\AM, In Quarantäne, 8259, 401432, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Startfenster-Replace.exe, In Quarantäne, 8265, 350115, 1.0.37509, , ame, , ,
PUP.Optional.GimpUpdaterDe.ShrtCln, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GIMP Updater, In Quarantäne, 13870, 728127, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\djhangopedggnlnicpbjklghlckmndge, In Quarantäne, 8265, 354303, 1.0.37509, , ame, , ,
PUP.Optional.GreatDealz, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\lobonlhedgiilkfmbbbfhkaoefacipgj, In Quarantäne, 8685, 466866, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Startfenster-Replace.exe, In Quarantäne, 8265, 350115, 1.0.37509, , ame, , ,
PUP.Optional.QwebDe, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Qweb.de, In Quarantäne, 9667, 478742, , , , , ,
Adware.KeenValue, HKLM\SOFTWARE\WOW6432NODE\Updater, In Quarantäne, 3526, 212959, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Updater, In Quarantäne, 8265, 541219, , , , , ,
Registrierungswert: 10
PUP.Optional.StartPage.ShrtCln, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA}|FAVICONURL, In Quarantäne, 6916, 396863, 1.0.37509, , ame, , ,
PUP.Optional.StartPage.ShrtCln, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA}|URL, In Quarantäne, 6916, 396863, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster.ShrtCln, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\AM|STARTFENSTER SYMBOL, In Quarantäne, 8259, 401432, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster.ShrtCln, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\AM|STARTFENSTER-REPLACE, In Quarantäne, 8259, 401432, 1.0.37509, , ame, , ,
PUP.Optional.GoodGame.ShrtCln, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\AM|GOODGAME, In Quarantäne, 8946, 401601, 1.0.37509, , ame, , ,
PUP.Optional.GimpUpdaterDe.ShrtCln, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GIMP UPDATER, In Quarantäne, 13870, 728126, 1.0.37509, , ame, , ,
PUP.Optional.GreatDealz, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|LOBONLHEDGIILKFMBBBFHKAOEFACIPGJ, In Quarantäne, 8685, 466866, , , , , ,
PUP.Optional.StartPage.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA}|FAVICONURL, In Quarantäne, 6916, 396862, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Updater, In Quarantäne, 8265, 541219, , , , , ,
PUP.Optional.StartPage.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA}|URL, In Quarantäne, 6916, 396862, 1.0.37509, , ame, , ,
Registrierungsdaten: 1
PUP.Optional.StartPage.ShrtCln, HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Ersetzt, 6916, 395422, 1.0.37509, , ame, , ,
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 12
PUP.Optional.StartFenster, C:\PROGRAM FILES (X86)\STARTFENSTER-REPLACE, In Quarantäne, 8265, 350112, 1.0.37509, , ame, , ,
PUP.Optional.GoodGame.ShrtCln, C:\PROGRAM FILES (X86)\GOODGAME, In Quarantäne, 8946, 401580, 1.0.37509, , ame, , ,
PUP.Optional.VLCUpdaterDE, C:\PROGRAM FILES (X86)\VLC UPDATER, In Quarantäne, 8336, 353751, 1.0.37509, , ame, , ,
PUP.Optional.GreatDealz, C:\PROGRAM FILES (X86)\GREATDEALZ, In Quarantäne, 8685, 388477, 1.0.37509, , ame, , ,
PUP.Optional.QwebDe, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\QWEB SYMBOL, In Quarantäne, 9667, 478741, 1.0.37509, , ame, , ,
PUP.Optional.QwebDe, C:\PROGRAM FILES (X86)\QWEB SYMBOL, In Quarantäne, 9667, 478742, 1.0.37509, , ame, , ,
Trojan.Banker, C:\RECYCLER\S-1-5-21-0243556031-888888379-781862338-1968138750, In Quarantäne, 25, 506854, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER, In Quarantäne, 8265, 541219, 1.0.37509, , ame, , ,
PUP.Optional.QwebDe.ShrtCln, C:\USERS\ATELIERNIEDERHEIN\APPDATA\ROAMING\GIMP UPDATER, In Quarantäne, 11022, 728125, 1.0.37509, , ame, , ,
PUP.Optional.StartFenster, C:\USERS\ATELIERNIEDERHEIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 8265, 455286, , , , , ,
PUP.Optional.StartFenster, C:\USERS\ATELIERNIEDERHEIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 8265, 455286, , , , , ,
PUP.Optional.StartFenster, C:\USERS\ATELIERNIEDERHEIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, In Quarantäne, 8265, 455286, , , , , ,
Datei: 53
PUP.Optional.StartFenster.ShrtCln, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\STARTFENSTER.LNK, In Quarantäne, 8259, 349853, 1.0.37509, , ame, , AF388855D2264546E3C332ADB25A22D9, 145F6A3FB58A8EB6392C59BD5BEE69E05A6D1E5AD49EC22AFB82D9BD04B9A1D0
PUP.Optional.StartFenster, C:\USERS\ATELIERNIEDERHEIN\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\USER PINNED\TASKBAR\STARTFENSTER SYMBOL.LNK, In Quarantäne, 8265, 350108, 1.0.37509, , ame, , 4335E2A9C86EAF6F50605D66F53C0CD5, 42B6DAAEAA4448DB13BAE495105AD122C368B30972E064A681220DAFC04BBE0C
PUP.Optional.StartFenster, C:\PROGRAM FILES (X86)\STARTFENSTER-REPLACE\LOGO.ICO, In Quarantäne, 8265, 350112, 1.0.37509, , ame, , BDCF63C89B22A44CDF5B1BE184714A26, C333C15AC24C7820F8E613E6878F1823514E15618CBBFE16161405CDE5270A39
PUP.Optional.StartFenster, C:\Program Files (x86)\Startfenster-Replace\uninstall.exe, In Quarantäne, 8265, 350112, , , , , 453CD208DDE29DF341C2D8C3754D23BC, 12C1395B92058BF0EEE1375B5A7A8E71EC2EF0E1C20165AC367E05C4DDFA5B06
PUP.Optional.GoodGame.ShrtCln, C:\PROGRAM FILES (X86)\GOODGAME\SETUP.ICO, In Quarantäne, 8946, 401580, 1.0.37509, , ame, , 58E4B64420F84EFA71F0CE29CD50429E, BA306550D41BE6E77BB836384504AC1979F467320295E6BE2A2F39433DF7A7A6
PUP.Optional.GoodGame.ShrtCln, C:\Program Files (x86)\GoodGame\bigfarm.ico, In Quarantäne, 8946, 401580, , , , , 45B821EB95557B6B7E00289F22C1BA24, 4C02D9BF5497A4CCA25F054311C0C12E64495E9AC2EA235A6E8787029ED99CBF
PUP.Optional.GoodGame.ShrtCln, C:\Program Files (x86)\GoodGame\empire.ico, In Quarantäne, 8946, 401580, , , , , 58A5323B66D3334572DA30572A369CE9, AE64EBDD1309C30F4778244330EEC7ED6EEEB96A363426586519E3C4356CC67A
PUP.Optional.GoodGame.ShrtCln, C:\Program Files (x86)\GoodGame\uninstall.exe, In Quarantäne, 8946, 401580, , , , , 48FF80E435CDE88CE8640F836CBBA91D, 9BEB37DF3BD5974ABC51B7BF35F0A38D6B6F7C94026238F58815E95CCE55CBE4
PUP.Optional.GoodGame.ShrtCln, C:\USERS\ATELIERNIEDERHEIN\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\USER PINNED\TASKBAR\GOODGAME.LNK, In Quarantäne, 8946, 401586, 1.0.37509, , ame, , EA120EBBF3C266CAC8EFD91C524A74E1, CF72108120A7831F4210E149C6973D8C0343D286A4391693FFAC9094A8CC6C9C
PUP.Optional.GoodGame.ShrtCln, C:\USERS\PUBLIC\DESKTOP\GoodGame BigFarm spielen.lnk, In Quarantäne, 8946, 401592, 1.0.37509, , ame, , EA120EBBF3C266CAC8EFD91C524A74E1, CF72108120A7831F4210E149C6973D8C0343D286A4391693FFAC9094A8CC6C9C
PUP.Optional.GoodGame.ShrtCln, C:\USERS\PUBLIC\DESKTOP\GoodGame Empire spielen.lnk, In Quarantäne, 8946, 401592, 1.0.37509, , ame, , 30D7D37DA3C02E97A295E72191EEBFBE, 354D9C3E0CD86706FA59045EE6441CF57A97B7A413FE2D80C40CB4063814E63E
PUP.Optional.GoodGame.ShrtCln, C:\USERS\ATELIERNIEDERHEIN\FAVORITES\LINKS\GoodGame BigFarm spielen.lnk, In Quarantäne, 8946, 401583, 1.0.37509, , ame, , EA120EBBF3C266CAC8EFD91C524A74E1, CF72108120A7831F4210E149C6973D8C0343D286A4391693FFAC9094A8CC6C9C
PUP.Optional.GoodGame.ShrtCln, C:\USERS\ATELIERNIEDERHEIN\FAVORITES\LINKS\GoodGame Empire spielen.lnk, In Quarantäne, 8946, 401583, 1.0.37509, , ame, , 30D7D37DA3C02E97A295E72191EEBFBE, 354D9C3E0CD86706FA59045EE6441CF57A97B7A413FE2D80C40CB4063814E63E
PUP.Optional.GoodGame.ShrtCln, C:\USERS\ATELIERNIEDERHEIN\FAVORITES\GoodGame BigFarm spielen.lnk, In Quarantäne, 8946, 401584, 1.0.37509, , ame, , EA120EBBF3C266CAC8EFD91C524A74E1, CF72108120A7831F4210E149C6973D8C0343D286A4391693FFAC9094A8CC6C9C
PUP.Optional.GoodGame.ShrtCln, C:\USERS\ATELIERNIEDERHEIN\FAVORITES\GoodGame Empire spielen.lnk, In Quarantäne, 8946, 401584, 1.0.37509, , ame, , 30D7D37DA3C02E97A295E72191EEBFBE, 354D9C3E0CD86706FA59045EE6441CF57A97B7A413FE2D80C40CB4063814E63E
PUP.Optional.GoodGame.ShrtCln, C:\USERS\ATELIERNIEDERHEIN\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\GoodGame BigFarm spielen.lnk, In Quarantäne, 8946, 401585, 1.0.37509, , ame, , EA120EBBF3C266CAC8EFD91C524A74E1, CF72108120A7831F4210E149C6973D8C0343D286A4391693FFAC9094A8CC6C9C
PUP.Optional.GoodGame.ShrtCln, C:\USERS\ATELIERNIEDERHEIN\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\GoodGame Empire spielen.lnk, In Quarantäne, 8946, 401585, 1.0.37509, , ame, , 30D7D37DA3C02E97A295E72191EEBFBE, 354D9C3E0CD86706FA59045EE6441CF57A97B7A413FE2D80C40CB4063814E63E
PUP.Optional.VLCUpdaterDE, C:\PROGRAM FILES (X86)\VLC UPDATER\SETUP.ICO, In Quarantäne, 8336, 353751, 1.0.37509, , ame, , 6F7E92FE7E6A62661AC2B41528A78FC6, FD9B5998B98EE0BA86ED7687F215A1CDDE90C00B0B1CD11DC83E3614389CB6AD
PUP.Optional.VLCUpdaterDE, C:\Program Files (x86)\VLC Updater\uninstall.exe, In Quarantäne, 8336, 353751, , , , , 8E387B02090DBCF119EA219AE9425C21, 28E1A7C4178970D87BA3790461B6E1E29C5E91B38C25D3EC6F1C977578ECA0EC
PUP.Optional.VLCUpdaterDE, C:\Program Files (x86)\VLC Updater\vlc-updater.exe, In Quarantäne, 8336, 353751, , , , , 386112C1632557841499A65BA32165D3, 511E5FBBCE302C5A394E7EC41C230687117A382A788D15774325A75E94F886DE
PUP.Optional.GimpUpdaterDe.ShrtCln, C:\USERS\ATELIERNIEDERHEIN\APPDATA\ROAMING\GIMP UPDATER\UPDATER.EXE, In Quarantäne, 13870, 728126, , , , , 18774F18676445FA0B85BEC3037F9CF4, 9646873526A4F5C05267EDBA8D88D6651107B9E67DA6C45D0D3370C49A1E95BE
PUP.Optional.GoodGame.ShrtCln, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\GOODGAME\GoodGame BigFarm spielen.lnk, In Quarantäne, 8946, 401581, 1.0.37509, , ame, , EA120EBBF3C266CAC8EFD91C524A74E1, CF72108120A7831F4210E149C6973D8C0343D286A4391693FFAC9094A8CC6C9C
PUP.Optional.GoodGame.ShrtCln, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\GOODGAME\GoodGame Empire spielen.lnk, In Quarantäne, 8946, 401581, 1.0.37509, , ame, , 30D7D37DA3C02E97A295E72191EEBFBE, 354D9C3E0CD86706FA59045EE6441CF57A97B7A413FE2D80C40CB4063814E63E
PUP.Optional.GoodGame.ShrtCln, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\GoodGame BigFarm spielen.lnk, In Quarantäne, 8946, 401587, 1.0.37509, , ame, , EA120EBBF3C266CAC8EFD91C524A74E1, CF72108120A7831F4210E149C6973D8C0343D286A4391693FFAC9094A8CC6C9C
PUP.Optional.GreatDealz, C:\Program Files (x86)\GreatDealz\lobonlhedgiilkfmbbbfhkaoefacipgj.crx, In Quarantäne, 8685, 388477, , , , , 318FDE27DCD8B40F85B0790DE1B84D98, 26529CDA5F955326AF2ABD49914FCFA50358A2A16ADB5CEB7AD7BE61452C7CB1
PUP.Optional.GoodGame.ShrtCln, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\GoodGame Empire spielen.lnk, In Quarantäne, 8946, 401587, 1.0.37509, , ame, , 30D7D37DA3C02E97A295E72191EEBFBE, 354D9C3E0CD86706FA59045EE6441CF57A97B7A413FE2D80C40CB4063814E63E
PUP.Optional.QwebDe, C:\USERS\ATELIERNIEDERHEIN\FAVORITES\QWEB CONVERTER INSTALLIEREN.LNK, In Quarantäne, 9667, 478748, 1.0.37509, , ame, , 3E9DADC7A69FF007E90069FF81161A96, E207F82B2A0477132651D1B9020035EF9BA2D2FC2ED5236A9CF4728FA3B38933
PUP.Optional.GreatDealz, C:\USERS\ATELIERNIEDERHEIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, 8685, 466866, , , , , C1F1EAA4B9D09A1EB82D48D486517766, 321F4C1C078AA4DC5ABC154D60A79B49A0268830F08AB58391A08C7F3310024E
PUP.Optional.QwebDe, C:\USERS\ATELIERNIEDERHEIN\FAVORITES\LINKS\QWEB CONVERTER INSTALLIEREN.LNK, In Quarantäne, 9667, 478749, 1.0.37509, , ame, , 3E9DADC7A69FF007E90069FF81161A96, E207F82B2A0477132651D1B9020035EF9BA2D2FC2ED5236A9CF4728FA3B38933
PUP.Optional.QwebDe, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\QWEB CONVERTER INSTALLIEREN.LNK, In Quarantäne, 9667, 478744, 1.0.37509, , ame, , 3E9DADC7A69FF007E90069FF81161A96, E207F82B2A0477132651D1B9020035EF9BA2D2FC2ED5236A9CF4728FA3B38933
PUP.Optional.QwebDe, C:\USERS\ATELIERNIEDERHEIN\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\USER PINNED\TASKBAR\QWEB SYMBOL.LNK, In Quarantäne, 9667, 496142, 1.0.37509, , ame, , 3E9DADC7A69FF007E90069FF81161A96, E207F82B2A0477132651D1B9020035EF9BA2D2FC2ED5236A9CF4728FA3B38933
PUP.Optional.QwebDe, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qweb Symbol\ deinstallieren.lnk, In Quarantäne, 9667, 478741, , , , , 161228C0F0003C55D74FCCA07BC694BA, D75B2FC452B96255F38C8FDC8595049ED022E087C889CCE81B71F5669B9A410F
PUP.Optional.QwebDe, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qweb Symbol\Qweb Converter installieren.lnk, In Quarantäne, 9667, 478741, , , , , 3E9DADC7A69FF007E90069FF81161A96, E207F82B2A0477132651D1B9020035EF9BA2D2FC2ED5236A9CF4728FA3B38933
PUP.Optional.QwebDe, C:\USERS\ATELIERNIEDERHEIN\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\QWEB CONVERTER INSTALLIEREN.LNK, In Quarantäne, 9667, 478746, 1.0.37509, , ame, , 3E9DADC7A69FF007E90069FF81161A96, E207F82B2A0477132651D1B9020035EF9BA2D2FC2ED5236A9CF4728FA3B38933
PUP.Optional.QwebDe, C:\Program Files (x86)\Qweb Symbol\qweb.ico, In Quarantäne, 9667, 478742, , , , , 36D4D68344A3095BDFAB1FA5FE030795, ED9E540371968B4A63CE0705B31CAFA00AC8F5540413C4557F07C26C3D6CF0F2
PUP.Optional.QwebDe, C:\Program Files (x86)\Qweb Symbol\uninstall.exe, In Quarantäne, 9667, 478742, , , , , 364C38809CDD45188621EEE377B23FCF, DFE5A4739A068E39BB887FBB6FDCCE4A448E4751EBDFA9E326F5F609A66887BD
PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER\CHECK-UPDATE.EXE, In Quarantäne, 8265, 541219, 1.0.37509, , ame, , 470F3664CB71A971177593422280713B, 2C1E83A4F17CE641878B4625BA7D46E9EA5C415D084A5D9161FADB619CAD4A6F
PUP.Optional.StartFenster, C:\ProgramData\Updater\setup.ico, In Quarantäne, 8265, 541219, , , , , A60B9AFB2DBC13DBFCFE4172325D1712, B2199B7933227655475B64C50AFE09E1DB10D511A248283DDD8EE88EF794A680
PUP.Optional.StartFenster, C:\ProgramData\Updater\uninstall.exe, In Quarantäne, 8265, 541219, , , , , 261B2499F1F5D36B46F3B730FFDB4996, 1D94DF3DB02E6067E936BFACC0D10FC27464DD635F6D8E0665721AE6D6F9A724
PUP.Optional.QwebDe.ShrtCln, C:\USERS\ATELIERNIEDERHEIN\APPDATA\ROAMING\GIMP UPDATER\GIMP.ICO, In Quarantäne, 11022, 728125, 1.0.37509, , ame, , 3A502781380607A40C507EB316BB5D96, 9165E8721AC00B0E2235F018181B2383F42BA1451B8365A918BDFC82F6E0B63E
PUP.Optional.QwebDe.ShrtCln, C:\Users\AtelierNiederhein\AppData\Roaming\GIMP Updater\uninst.exe, In Quarantäne, 11022, 728125, , , , , BA40B063B7C51AF1C254ED18B32DC86E, 18459F7E2F32D68075172F190E8B6F91D058A6DB225CE8E8C4392B5F6D0FDA85
PUP.Optional.ChipDe, C:\USERS\ATELIERNIEDERHEIN\DOWNLOADS\HIJACKTHIS - CHIP-INSTALLER VOM 24.02.2021 456E5770BF506EB7D7B3888D815AD1B5.EXE, In Quarantäne, 9554, 557991, 1.0.37509, C2BF7BCB91C3F9EDC4D26450, dds, 01133428, 5F5B877DFAC2A4EC5AF890F33D7801C6, 5C3022D3CEDD37473E7FA598742CA27DA5B07C1E658A801CC64686F2E1FCB729
PUP.Optional.StartFenster, C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, In Quarantäne, 8265, 455286, , , , , 87A2838AE6CBF992A379B8A811786412, E42EDAEF21E97C70113290032164317E8F73F5C7C4BBC455643600B09C930E67
PUP.Optional.StartFenster, C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000113.log, In Quarantäne, 8265, 455286, , , , , 8443299947279799FBB908AC4F7D0350, 841F10BA21C4B6EFA535919F95C12B5B5C197C8A2D966E2466B349E2768FFC6E
PUP.Optional.StartFenster, C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000115.ldb, In Quarantäne, 8265, 455286, , , , , 165F91051B914EAA5BA0B0BA311792D4, 9F81BA32B14F907E69E9C01628F850E332E114F71AD4C7B4FE9780604AA4A733
PUP.Optional.StartFenster, C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, In Quarantäne, 8265, 455286, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.StartFenster, C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, In Quarantäne, 8265, 455286, , , , , ,
PUP.Optional.StartFenster, C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, In Quarantäne, 8265, 455286, , , , , 90A43EDB8B2B2E50F1FD9EB008681DA5, 73A93845703D4E7594F4BE0695BF392CE798DE6847EB1597DF7F6157B3492CB0
PUP.Optional.StartFenster, C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, In Quarantäne, 8265, 455286, , , , , 0A23996397857C10CD0C21EA62E3706B, D5EA8700EA252FBA80E4E04F442FF105401AE0B006928E6A183E00F0014438F3
PUP.Optional.StartFenster, C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, In Quarantäne, 8265, 455286, , , , , 21E48FC9828C99A45F5D4927CAB9B16E, 65070D1C73DDEAF7B693D20B895C1DC96B87B132D9CF8E5C180541E3AE201844
PUP.Optional.StartFenster, C:\USERS\ATELIERNIEDERHEIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 8265, 455286, 1.0.37509, , ame, , 5883D038EAF12922D81DEC733D7C5BC7, 223DDF01FE0A2CD3A5444966A88B985B963FB526A7EA9A2ADF877CDF67DCCC3B
PUP.Optional.StartFenster, C:\USERS\ATELIERNIEDERHEIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 8265, 455286, 1.0.37509, , ame, , 5883D038EAF12922D81DEC733D7C5BC7, 223DDF01FE0A2CD3A5444966A88B985B963FB526A7EA9A2ADF877CDF67DCCC3B
PUP.Optional.StartFenster, C:\USERS\ATELIERNIEDERHEIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Ersetzt, 8265, 455286, 1.0.37509, , ame, , 5883D038EAF12922D81DEC733D7C5BC7, 223DDF01FE0A2CD3A5444966A88B985B963FB526A7EA9A2ADF877CDF67DCCC3B
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-26-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 21
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\VLC Plus Player
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodGame
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player
Deleted C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC UPDATER
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startfenster.lnk
Deleted C:\Users\Public\Desktop\VLC Plus Player.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\GIMP Updater
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA92FC08-40B9-4490-A1F6-CEEFCFD54526}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA92FC08-40B9-4490-A1F6-CEEFCFD54526}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4015CD01-07AB-4354-9E43-E63DFAB5A6A2}
Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Program Files\DELL\SUPPORTASSISTAGENT
*************************
AdwCleaner[S00].txt - [3566 octets] - [26/02/2021 12:14:40]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
durchgeführt von AtelierNiederhein (Administrator) auf ATELIER_PC (Gigabyte Technology Co., Ltd. G1.Sniper Z87) (26-02-2021 12:20:25)
Gestartet von C:\Users\AtelierNiederhein\Downloads
Geladene Profile: AtelierNiederhein
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe
(Canon INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\116.4.368\QtWebEngineProcess.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) [Datei ist nicht signiert] C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) [Datei ist nicht signiert] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\AtelierNiederhein\Downloads\adwcleaner_8.1.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\AtelierNiederhein\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Notepad++ -> Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Synology Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-09] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickToolbox] => C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe [2340768 2018-05-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-05] (Adobe Inc. -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680720 2021-02-18] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [TabletDriver] => C:\Huion Tablet\x64\TabletDriverCore.exe [334056 2019-12-28] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [AusweisApp2] => C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe [2405504 2020-11-30] (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [] => [X]
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\MountPoints2: {994bdb3c-1515-11eb-ab19-74d43585b2ed} - "E:\Autorun.exe"
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4708328 2021-01-17] (Microsoft Windows -> Microsoft Corporation) <==== ACHTUNG
HKLM\...\Windows x64\Print Processors\Canon MB2700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDD0.DLL [30720 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP640 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA2.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpcpp120: C:\Windows\System32\spool\prtprocs\x64\hpcpp120.DLL [342016 2012-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MB2700 series: C:\WINDOWS\system32\CNCALD0.DLL [254464 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB2700 series: C:\WINDOWS\system32\CNMLMD0.DLL [436736 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB2700 series XPS: C:\WINDOWS\system32\CNMXLMD0.DLL [438784 2015-11-18] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk [2020-12-27]
ShortcutTarget: Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> )
Startup: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-10-15]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) [Datei ist nicht signiert]
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0BDFD991-F8B5-4BEE-8530-45660E0017B2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {10D8BCA2-0BE0-467B-9D4B-A897FCB0A99C} - System32\Tasks\BundleApplicationRepairToolLauncherTask => C:\Users\AtelierNiederhein\AppData\Roaming\PCDr\Repair\BundleApplicationRepairTool.exe [625024 2018-01-22] (PC-Doctor, Inc. -> )
Task: {12F6F9F7-2275-45BB-95E7-2114EA65FF67} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {1CFF7823-78EF-46B3-A9DC-7E09FBC06883} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [152128 2020-10-19] (Johannes Schindelin -> The Git Development Community)
Task: {1E1AA683-1EEF-4264-8968-7EA37A1A3969} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1E8503BB-182C-4B7C-96D7-CA1396FDCF21} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2220FFED-725D-45AC-804A-B0D1840B9931} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {40963EC1-283A-4F9B-A04D-ADD40F8398D5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44130ECF-C77E-4F05-8443-7EDB691A4EB3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A31CF7F-82DF-4288-9EEC-00C0D39806B3} - System32\Tasks\AdobeAAMUpdater-1.0-Atelier_PC-AtelierNiederhein => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5C4C9D73-63F6-40D1-B10A-51E01301ADEF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {62A0F4F7-4327-4235-9042-94D34B32495B} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe]
Task: {64151D08-FB32-4417-B741-0119D3ECB8E1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {65323232-04B3-4D1B-A73A-60CCB8464652} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {661367E9-26A1-411C-B42B-F962A4C04EDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-28] (Google Inc -> Google LLC)
Task: {781E23ED-CF39-4361-8B26-31C6AE6EA57D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {8B5250F2-E991-4F5D-9797-DFC5242918F3} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {9E36B745-5CA5-4EAD-A9B9-9A080FD510EF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B1B91048-64C2-4F64-A07C-48DF270D5FB9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {BF9DFB29-744A-44C4-B75A-36CDBD359B87} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {CCCB4A12-FE2E-4E47-9019-FC85F691113D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2D4D365-8A40-48B8-848E-BFDA0B54BB7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-28] (Google Inc -> Google LLC)
Task: {DB3F2604-FE62-482E-9851-B4ABC5799615} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E8636D29-32DE-412D-A15D-971827532F7F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {ECB9FE9C-C4C5-4722-A736-1903CFB243D0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F6B38547-7C6F-4A89-AEA2-6D87DAF88FD7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F8BF1748-421D-4457-9146-E1B158630EE3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4f89c9de-8a11-4370-a3fc-a9199241aa6a}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\AtelierNiederhein\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-26]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: xspktsq9.default-1575993033040
FF ProfilePath: C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 [2021-02-26]
FF Homepage: Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 -> www.google.de
FF Notifications: Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 -> hxxps://www.facebook.com
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-09] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.) [Datei ist nicht signiert]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\WINDOWS\system32\C2MP\npdivx32.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.9.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @vlc.de/vlc,version=3.0.11 -> C:\Program Files (x86)\VLC Plus Player\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-02-15] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-09] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AtelierNiederhein\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-09] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: LWA64Plugin15.8 -> C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Plugins\npLWA64Plugin15.8.dll [2013-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: LWAPlugin15.8 -> C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\AtelierNiederhein\AppData\Roaming\mozilla\plugins\npLWA64Plugin15.8.dll [2018-05-25]
FF Plugin ProgramFiles/Appdata: C:\Users\AtelierNiederhein\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2018-05-25]
Chrome:
=======
CHR Profile: C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default [2021-02-25]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.instagram.com
CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/r?tab=wc"
CHR Extension: (Präsentationen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-28]
CHR Extension: (Docs) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-28]
CHR Extension: (Google Drive) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (YouTube) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-28]
CHR Extension: (Adobe Acrobat) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-18]
CHR Extension: (Tabellen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-28]
CHR Extension: (Google Docs Offline) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Google Mail) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-09] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8404720 2019-11-09] (BattlEye Innovations e.K. -> )
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2018-05-18] (Synology Inc. -> ) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [113152 2016-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc -> Dell Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397256 2018-11-19] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-11-30] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10967832 2021-02-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-12-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1064968 2016-12-13] (Creative Technology Ltd -> Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-26] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 wacomhidfilter; C:\WINDOWS\System32\drivers\wacomhidfilter.sys [12968 2008-08-27] (Wacom Technology Corp. -> Wacom Technology)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2021-02-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-26 12:17 - 2021-02-26 12:17 - 000003770 _____ C:\Users\AtelierNiederhein\Desktop\AdwCleaner[C00].txt
2021-02-26 12:16 - 2021-02-26 12:16 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-26 12:16 - 2021-02-26 12:16 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-26 12:16 - 2021-02-26 12:16 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-26 12:16 - 2021-02-26 12:16 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\IGDump
2021-02-26 12:13 - 2021-02-26 12:15 - 000000000 ____D C:\AdwCleaner
2021-02-26 12:10 - 2021-02-26 12:10 - 008463216 _____ (Malwarebytes) C:\Users\AtelierNiederhein\Downloads\adwcleaner_8.1.exe
2021-02-26 12:08 - 2021-02-26 12:08 - 000020274 _____ C:\Users\AtelierNiederhein\Desktop\malwareScan.txt
2021-02-26 11:58 - 2021-02-26 11:58 - 000000000 ____H C:\ProgramData\rebootpending.txt
2021-02-26 11:58 - 2021-02-26 11:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2021-02-26 11:50 - 2021-02-26 11:50 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-26 11:50 - 2021-02-26 11:50 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-26 11:50 - 2021-02-26 11:50 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-02-26 11:49 - 2021-02-26 12:16 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-26 11:49 - 2021-02-26 11:49 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-26 11:49 - 2021-02-26 11:49 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-26 11:21 - 2021-02-26 11:21 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\mbam
2021-02-26 11:20 - 2021-02-26 11:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-26 11:18 - 2021-02-26 11:18 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-26 11:16 - 2021-02-26 11:16 - 002084016 _____ (Malwarebytes) C:\Users\AtelierNiederhein\Downloads\MBSetup.exe
2021-02-26 08:53 - 2021-02-26 08:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-26 07:38 - 2021-02-26 12:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-25 16:27 - 2021-02-25 16:28 - 000083593 _____ C:\Users\AtelierNiederhein\Downloads\Addition.txt
2021-02-25 16:25 - 2021-02-26 12:20 - 000033795 _____ C:\Users\AtelierNiederhein\Downloads\FRST.txt
2021-02-25 16:25 - 2021-02-26 12:20 - 000000000 ____D C:\FRST
2021-02-25 16:25 - 2021-02-25 16:25 - 002301440 _____ (Farbar) C:\Users\AtelierNiederhein\Downloads\FRST64.exe
2021-02-25 16:08 - 2021-02-25 16:08 - 000000000 ____D C:\WINDOWS\Panther
2021-02-24 18:02 - 2021-02-24 18:02 - 000022749 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_QTZQMX4WFQAB_1_Frau_Annette_Bohrloch.pdf
2021-02-24 15:10 - 2021-02-24 15:11 - 001029393 _____ C:\Users\AtelierNiederhein\Downloads\MWS_Integrators_ListingCreation_UK._V272404261_.pdf
2021-02-24 11:04 - 2021-02-24 11:04 - 005541016 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\AtelierNiederhein\Downloads\hijackthis.exe
2021-02-24 09:33 - 2021-02-24 09:34 - 001471893 _____ C:\Users\AtelierNiederhein\Downloads\f111-Vollmacht.pdf
2021-02-24 08:35 - 2021-02-25 15:50 - 000008046 _____ C:\WINDOWS\ntbtlog.txt
2021-02-24 08:25 - 2021-02-24 08:25 - 000000000 ____D C:\NPE
2021-02-24 08:24 - 2021-02-24 08:27 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\NPE
2021-02-24 08:24 - 2021-02-24 08:24 - 000000000 ____D C:\ProgramData\Norton
2021-02-24 08:23 - 2021-02-24 08:23 - 009645984 _____ (NortonLifeLock Inc.) C:\Users\AtelierNiederhein\Desktop\NPE.exe
2021-02-23 16:50 - 2021-02-23 16:50 - 000059863 _____ C:\Users\AtelierNiederhein\Documents\Liste_Zoll_v2.pdf
2021-02-22 16:53 - 2021-02-22 16:53 - 000022502 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_6VY63898CDB4_1_Herr_Thomas_Leonhardy.pdf
2021-02-22 16:38 - 2021-02-22 16:38 - 000191744 _____ C:\Users\AtelierNiederhein\Desktop\genexport (2).CSV
2021-02-20 14:04 - 2021-02-20 14:05 - 005228592 _____ C:\Users\AtelierNiederhein\Downloads\Deep_dive_on_Amazon_Neptune_DAT361.pdf
2021-02-19 15:30 - 2021-02-19 15:30 - 000693574 _____ C:\Users\AtelierNiederhein\Downloads\warum-2012.pdf
2021-02-19 09:31 - 2021-02-19 09:31 - 004310122 _____ C:\Users\AtelierNiederhein\Downloads\pkg_communitybuilder_2.5.0+build.2021.02.01.21.20.37.ae3d43f4e(1).zip
2021-02-19 09:30 - 2021-02-19 09:30 - 004310122 _____ C:\Users\AtelierNiederhein\Downloads\pkg_communitybuilder_2.5.0+build.2021.02.01.21.20.37.ae3d43f4e.zip
2021-02-18 10:32 - 2021-02-18 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-02-18 09:29 - 2021-02-18 09:29 - 000050434 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_M296EML5ZDZA_1_Frau_Petra_Rappo.pdf
2021-02-18 09:29 - 2021-02-18 09:29 - 000006556 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210218M296EML5ZDZA-0012191914.pdf
2021-02-16 17:13 - 2021-02-16 17:13 - 000024610 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_Y9P3XM464MRB_1_Frau_Sarah_Romaniw.pdf
2021-02-16 17:13 - 2021-02-16 17:13 - 000024457 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_Y9P3XM464MRB_2_Frau_Marina_Mudrytska.pdf
2021-02-15 12:26 - 2021-02-15 12:26 - 000818689 _____ C:\Users\AtelierNiederhein\Downloads\Justizkrimi_ROCO_Raiffeisen_Manager-Magazin_Maerz2018.pdf
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000044064 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-02-12 16:21 - 2021-02-12 16:21 - 007857864 _____ C:\Users\AtelierNiederhein\Downloads\X20001-136-CatalogueSennelierFR-DE-NL-2019-pagesinterieures-reduc.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000024364 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_1_Sandra_Krug.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000022479 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_2_Frau_Peggy_Stein.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000022198 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_3_Frau_Nicole_Michaloudis.pdf
2021-02-12 12:45 - 2021-02-12 16:10 - 000004691 _____ C:\Users\AtelierNiederhein\.ganttproject
2021-02-12 12:44 - 2021-02-12 12:46 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\GanttProject
2021-02-12 12:44 - 2021-02-12 12:44 - 000002056 _____ C:\ProgramData\Desktop\GanttProject.lnk
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\Users\AtelierNiederhein\.ganttproject.d
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GanttProject
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\Program Files (x86)\GanttProject-3.0
2021-02-12 12:41 - 2021-02-12 12:44 - 114651200 _____ C:\Users\AtelierNiederhein\Downloads\ganttproject-3.0.3000.exe
2021-02-12 08:43 - 2021-02-12 08:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 08:43 - 2021-02-12 08:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 08:43 - 2021-02-12 08:43 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 08:43 - 2021-02-12 08:43 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-12 08:43 - 2021-02-12 08:43 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-08 15:03 - 2021-02-08 15:03 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2021-02-06 17:26 - 2021-02-06 17:26 - 000024381 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_4_Herr_Marc_Tenner.pdf
2021-02-06 17:26 - 2021-02-06 17:26 - 000022525 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_3_Andreas_Wäldele.pdf
2021-02-06 17:26 - 2021-02-06 17:26 - 000022499 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_5_Kristina_Neumann.pdf
2021-02-05 16:58 - 2021-02-05 16:58 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\Oracle
2021-02-05 16:39 - 2021-02-05 16:39 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk
2021-02-05 16:39 - 2021-02-05 16:39 - 000001134 _____ C:\ProgramData\Desktop\AusweisApp2.lnk
2021-02-05 16:39 - 2021-02-05 16:39 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\Governikus GmbH & Co. KG
2021-02-05 16:39 - 2021-02-05 16:39 - 000000000 ____D C:\Program Files (x86)\AusweisApp2
2021-02-05 16:38 - 2021-02-05 16:38 - 022896640 _____ C:\Users\AtelierNiederhein\Downloads\AusweisApp2-1.22.0.msi
2021-02-05 08:32 - 2021-02-05 08:32 - 000005689 _____ C:\Users\AtelierNiederhein\Documents\Snipping Tool Print Job.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000041458 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_3_Frau_petra_rappo.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024538 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_2_Andreas_Wäldele.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024529 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_1_Heiko_Herbst_.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024289 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_6_Frau_Gudrun_Doege-Klein.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000022702 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_5_Herr_Matthias_Kindler.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000022531 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_4_Frau_Brigitte_Andritzke-Walter.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000006899 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210203WNBT9UR88PC4-0011834233.pdf
2021-02-03 19:22 - 2021-02-03 19:22 - 000006659 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210203VFDKBKTSEB3M-0011833904.pdf
2021-02-03 19:17 - 2021-02-03 19:17 - 000244723 _____ C:\Users\AtelierNiederhein\Downloads\2kg_coupons_20210114.pdf
2021-02-03 13:45 - 2021-02-03 13:45 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2021.lnk
2021-02-02 17:38 - 2021-02-02 17:38 - 000976969 _____ C:\Users\AtelierNiederhein\Downloads\Archive-2021-02-02-17-38-03.zip
2021-02-02 09:14 - 2021-02-02 09:38 - 000040076 _____ C:\Users\AtelierNiederhein\Downloads\oxarticles.csv
2021-02-01 14:08 - 2021-02-01 14:08 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-02-01 13:19 - 2021-02-01 13:19 - 000115971 _____ C:\Users\AtelierNiederhein\Downloads\invoice_TC9927697177.pdf
2021-02-01 12:35 - 2021-02-01 12:36 - 001756565 _____ C:\Users\AtelierNiederhein\Downloads\Kontoeroeffnung_20210201_600170.pdf
2021-02-01 10:09 - 2021-02-01 09:29 - 000020020 _____ C:\Users\AtelierNiederhein\Documents\order_pastell-shop__Standard%20Pastels%20Order%20Spreadsheet-20210126.xls_0.ods
2021-01-29 12:20 - 2021-02-16 12:35 - 000000000 ____D C:\Users\AtelierNiederhein\Downloads\archiv
2021-01-27 15:01 - 2021-01-27 15:01 - 000000000 ____D C:\WINDOWS\SysWOW64\NV
2021-01-27 15:01 - 2021-01-27 15:01 - 000000000 ____D C:\WINDOWS\system32\NV
2021-01-27 14:59 - 2021-01-23 09:57 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-27 14:59 - 2021-01-23 09:57 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-27 14:59 - 2021-01-23 09:57 - 001453720 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-27 14:59 - 2021-01-23 09:57 - 001435872 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-27 14:59 - 2021-01-23 09:57 - 001435872 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-27 14:59 - 2021-01-23 09:57 - 001094872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-27 14:59 - 2021-01-23 09:57 - 001094872 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-27 14:59 - 2021-01-23 09:57 - 000948960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-27 14:59 - 2021-01-23 09:57 - 000948960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-27 14:59 - 2021-01-23 09:56 - 001193112 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 001512104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 001164968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 000680088 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 000672936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 000558248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-27 14:59 - 2021-01-23 09:54 - 000547480 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 008262312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 007392920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 004611760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 002731184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 002103448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 001732264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446140.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 001589400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 001491608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446140.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 000813208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-27 14:59 - 2021-01-23 09:53 - 000657048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-27 14:59 - 2021-01-23 09:50 - 006070848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-26 12:18 - 2017-07-12 17:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-26 12:18 - 2017-02-25 20:36 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-26 12:17 - 2020-11-02 14:30 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-26 12:17 - 2017-02-25 17:41 - 000000000 ___RD C:\Users\AtelierNiederhein\Creative Cloud Files
2021-02-26 12:17 - 2016-11-20 16:10 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\Mozilla
2021-02-26 12:16 - 2020-09-25 18:05 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2021-02-26 12:16 - 2020-09-25 16:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-26 12:16 - 2020-09-25 16:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-26 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-26 12:16 - 2017-07-12 17:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-26 12:16 - 2015-12-20 08:54 - 000000000 ___RD C:\Users\AtelierNiederhein\OneDrive
2021-02-26 12:16 - 2015-12-19 17:36 - 000000000 __SHD C:\Users\AtelierNiederhein\IntelGraphicsProfiles
2021-02-26 12:15 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-26 12:09 - 2020-09-25 16:13 - 001590256 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-26 12:09 - 2019-12-07 15:50 - 000684966 _____ C:\WINDOWS\system32\perfh007.dat
2021-02-26 12:09 - 2019-12-07 15:50 - 000141424 _____ C:\WINDOWS\system32\perfc007.dat
2021-02-26 12:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-26 12:05 - 2020-09-25 16:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-26 12:05 - 2017-02-25 17:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-26 11:59 - 2017-02-25 16:39 - 000000000 ____D C:\ProgramData\Avira
2021-02-26 11:59 - 2017-02-25 16:39 - 000000000 ____D C:\Program Files (x86)\Avira
2021-02-26 11:58 - 2017-02-25 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-26 11:57 - 2020-06-15 06:41 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-26 11:57 - 2020-06-15 06:41 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-26 11:57 - 2019-04-28 07:38 - 000002252 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-26 11:57 - 2017-02-25 20:40 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-26 11:49 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-26 09:17 - 2014-05-11 16:05 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\Steuerfälle
2021-02-26 08:32 - 2019-04-28 07:38 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-26 07:37 - 2019-11-06 05:57 - 000000000 ___HD C:\adobeTemp
2021-02-26 07:37 - 2017-02-25 17:40 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-02-25 14:15 - 2017-09-29 06:49 - 000001456 _____ C:\Users\AtelierNiederhein\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2021-02-24 09:38 - 2020-08-21 13:07 - 000000000 ____D C:\Projekte
2021-02-24 08:51 - 2017-04-25 04:57 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2021-02-24 08:51 - 2017-04-25 04:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-24 08:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-23 15:18 - 2017-02-25 16:21 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Adobe
2021-02-23 15:18 - 2014-07-10 19:50 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\Adobe
2021-02-23 09:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-22 16:48 - 2020-06-17 09:17 - 000007862 _____ C:\Users\AtelierNiederhein\Desktop\oxarticles.csv
2021-02-22 14:03 - 2020-08-21 10:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-22 09:16 - 2014-03-27 21:38 - 000000000 ___RD C:\Users\AtelierNiederhein\Dropbox
2021-02-22 08:14 - 2017-03-02 05:48 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\FileZilla
2021-02-20 13:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-18 14:13 - 2017-02-25 17:30 - 000000000 ____D C:\Program Files\Adobe
2021-02-18 14:07 - 2017-03-07 17:01 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\CrashDumps
2021-02-18 10:32 - 2017-02-26 08:22 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-02-17 15:47 - 2020-07-18 13:18 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Code
2021-02-17 09:58 - 2020-11-09 11:06 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\pyinstaller
2021-02-17 09:50 - 2020-07-18 13:57 - 000000000 ____D C:\Users\AtelierNiederhein\.pylint.d
2021-02-16 11:30 - 2014-04-03 17:47 - 000000000 ____D C:\Users\AtelierNiederhein\Desktop\tmp
2021-02-15 16:51 - 2017-02-26 10:14 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-02-15 16:51 - 2017-02-26 10:14 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-02-15 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-15 08:27 - 2020-09-25 16:18 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-962593549-1501595251-2753236537-1000
2021-02-15 08:27 - 2020-09-25 16:10 - 000002455 _____ C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-12 16:39 - 2020-09-25 16:09 - 010187680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 16:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-12 16:10 - 2020-09-25 16:10 - 000000000 ____D C:\Users\AtelierNiederhein
2021-02-12 12:20 - 2020-07-18 13:18 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2021-02-12 08:38 - 2017-02-25 18:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 08:35 - 2017-02-25 18:33 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-11 07:42 - 2020-09-25 16:18 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-11 07:42 - 2020-09-25 16:18 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-10 16:07 - 2018-12-16 11:38 - 000000600 _____ C:\Users\AtelierNiederhein\AppData\Local\PUTTY.RND
2021-02-10 09:22 - 2020-07-23 12:41 - 000000000 ____D C:\Program Files (x86)\PUBGLite
2021-02-10 08:59 - 2019-11-18 22:14 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2021-02-09 15:39 - 2020-09-25 16:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-06 12:20 - 2020-09-25 16:18 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-06 12:20 - 2020-09-25 16:18 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 20:04 - 2020-02-20 08:56 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-08-21 10:35 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-02 10:35 - 2021-01-26 11:56 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2021.lnk
2021-02-02 10:35 - 2021-01-26 11:56 - 000002254 _____ C:\ProgramData\Desktop\SteuerSparErklärung 2021.lnk
2021-02-02 10:35 - 2021-01-26 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2021
2021-01-29 11:50 - 2017-02-26 08:22 - 000001258 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-01-29 11:50 - 2017-02-26 08:22 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-01-27 15:50 - 2017-06-30 09:28 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\NVIDIA
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2017-03-10 16:07 - 2018-10-21 11:41 - 000000033 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\AdobeWLCMCache.dat
2017-05-13 05:47 - 2020-11-07 16:23 - 000010120 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\ContactSheetII.log
2017-05-13 05:47 - 2020-11-07 16:23 - 000000709 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\Kontaktabzug II.xml
2021-01-02 17:16 - 2021-01-02 17:16 - 000000028 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\kulerdata.json
2017-09-29 06:49 - 2021-02-25 14:15 - 000001456 _____ () C:\Users\AtelierNiederhein\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2018-09-29 02:32 - 2018-09-29 02:32 - 000000000 _____ () C:\Users\AtelierNiederhein\AppData\Local\oobelibMkey.log
2018-12-16 11:38 - 2021-02-10 16:07 - 000000600 _____ () C:\Users\AtelierNiederhein\AppData\Local\PUTTY.RND
2020-08-23 12:04 - 2020-08-23 12:04 - 000008317 _____ () C:\Users\AtelierNiederhein\AppData\Local\recently-used.xbel
2018-08-16 16:14 - 2018-08-16 16:14 - 000007601 _____ () C:\Users\AtelierNiederhein\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
26.02.2021, 12:40
| #6 |
| | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren AuswirkungenCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2021
durchgeführt von AtelierNiederhein (26-02-2021 12:21:35)
Gestartet von C:\Users\AtelierNiederhein\Downloads
Windows 10 Home Version 20H2 19042.804 (X64) (2020-09-25 15:18:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-962593549-1501595251-2753236537-500 - Administrator - Disabled)
AtelierNiederhein (S-1-5-21-962593549-1501595251-2753236537-1000 - Administrator - Enabled) => C:\Users\AtelierNiederhein
DefaultAccount (S-1-5-21-962593549-1501595251-2753236537-503 - Limited - Disabled)
Gast (S-1-5-21-962593549-1501595251-2753236537-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-962593549-1501595251-2753236537-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-962593549-1501595251-2753236537-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{5737101A-27C4-408A-8A57-D1DC78DF84B4}) (Version: 8.2.1 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20138 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_5_1) (Version: 17.5.1 - Adobe Inc.)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_12) (Version: 13.0.12 - Adobe Inc.)
Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_0) (Version: 11.0 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.0.468 - Adobe Inc.)
Adobe ExtendScript Toolkit CC (HKLM-x32\...\{6297487E-3778-4F72-B458-55690418DB98}) (Version: 4.0.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_1) (Version: 25.1 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_1) (Version: 16.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_7) (Version: 14.7 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_1_1) (Version: 22.1.1.138 - Adobe Inc.)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_8) (Version: 14.8 - Adobe Inc.)
Amazon Kindle (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Amazon Kindle) (Version: 1.23.1.50133 - Amazon)
Android Studio (HKLM\...\Android Studio) (Version: 3.4 - Google LLC)
Aptana Studio (HKLM-x32\...\{2D6C1116-78C6-469C-9923-3E549218773F}) (Version: 3.7.2 - Appcelerator) Hidden
Aptana Studio (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Aptana Studio 3.7.2) (Version: 3.7.2 - Appcelerator)
AusweisApp2 (HKLM-x32\...\{F3E22721-7F7E-472F-BBBA-6B5572E15A58}) (Version: 1.22.0 - Governikus GmbH & Co. KG)
Blender (HKLM\...\{A0C803A1-310C-4EFF-B881-CA10CF7CD6A7}) (Version: 2.90.1 - Blender Foundation)
Canon Calibration Tool (HKLM-x32\...\CanonCalibrationTool) (Version: 1.3.0 - Canon Inc.)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.2.0.18 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.0.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon Kurzwahlprogramm2 (HKLM-x32\...\Speed Dial Utility2) (Version: 2.1.0 - Canon Inc.)
Canon MB2700 series Benutzerregistrierung (HKLM-x32\...\Canon MB2700 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MB2700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB2700_series) (Version: 1.01 - Canon Inc.)
Canon MB2700 series On-screen Manual (HKLM-x32\...\Canon MB2700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.4.0.15 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.2.0.10 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.3.0.15 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Utility Toolbox (HKLM-x32\...\Quick Toolbox) (Version: 2.3.0 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.7.32 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.7 (HKLM-x32\...\DPP) (Version: 3.7.3.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.3.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.6.1.1 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3/E4/E5 Utility (HKLM-x32\...\WFTK) (Version: 3.4.1.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.4.1.11 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.2.11 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 116.4.368 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.10.4.1203 - Steinberg Media Technologies GmbH)
Express Rip CD-Ripper (HKLM-x32\...\ExpressRip) (Version: 3.01 - NCH Software)
FileZilla Client 3.51.0 (HKLM-x32\...\FileZilla Client) (Version: 3.51.0 - Tim Kosse)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
GanttProject (HKLM-x32\...\GanttProject) (Version: - )
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Git version 2.29.0 (HKLM\...\Git_is1) (Version: 2.29.0 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\GitHubDesktop) (Version: 2.5.6 - GitHub, Inc.)
GitKraken (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\gitkraken) (Version: 7.3.2 - Axosoft, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.52) (Version: 9.52 - Artifex Software Inc.)
heroku (HKLM-x32\...\heroku) (Version: - Heroku)
HP LJ300-400 color M351-M451 (HKLM-x32\...\{15CA73D8-3C82-4BAE-86CD-945BF9620516}) (Version: 5.0.12200.630 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM351M451DSService (HKLM-x32\...\{BF2198EB-503D-4E0B-89FB-509AADD6D545}) (Version: 001.001.05164 - Hewlett-Packard) Hidden
HPLaserJet300-400ColorM351-M451Series_HelpLearnCenter_SI (HKLM-x32\...\{BD019D8F-25B9-49D6-B301-07AFF65E35DD}) (Version: 1.02.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM351-M451 (HKLM-x32\...\{E25710A1-F024-4BAF-898C-32703F047737}) (Version: 1.02.0013 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM351_M451LaserJetService (HKLM-x32\...\{1125FC8E-975D-47BD-943D-0DFE0E2358B9}) (Version: 005.021.00132 - Hewlett-Packard) Hidden
hppToolboxProxyM351 (HKLM-x32\...\{6930AC06-C380-421E-91FE-9CA29D21D83E}) (Version: 035.024.006 - HP) Hidden
hpStatusAlerts (HKLM-x32\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM351_M451 (HKLM-x32\...\{25E11B5A-4817-4296-A260-235AE77B1708}) (Version: 050.034.0131 - Hewlett-Packard) Hidden
Huion Tablet v14.8.95.1136 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.95.1136 - )
IJ Network Device Setup Utility (HKLM-x32\...\IJ Network Device Setup Utility) (Version: 1.8.1 - Canon Inc.)
ImageMagick 7.0.3-0 Q16 (64-bit) (2016-09-05) (HKLM\...\ImageMagick 7.0.3 Q16 (64-bit)_is1) (Version: 7.0.3 - ImageMagick Studio LLC)
InstanceFinder (HKLM-x32\...\{32C0FD10-8FB4-427E-A16F-ED57C9343CF0}) (Version: 020.021.004 - HP) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{75299AB0-6BC8-435F-8D62-AA1DDEA1EF2F}) (Version: 7.5.2 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Lync Web App Plug-in (64-bit) (HKLM\...\{78E64466-8E20-40E2-8F77-6FA0C8A0FEB0}) (Version: 15.8.8308.726 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{BE6D5464-0B1F-46CC-8973-F9651FE6A45A}) (Version: 15.8.8308.965 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.53.2 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 86.0 (x64 de) (HKLM\...\Mozilla Firefox 86.0 (x64 de)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 86.0.0.7723 - Mozilla)
Mozilla Thunderbird 24.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.0 (x86 de)) (Version: 24.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
NirSoft WhoisThisDomain (HKLM-x32\...\NirSoft WhoisThisDomain) (Version: - )
Node.js (HKLM-x32\...\{2D41A012-35EE-4724-AE8E-E592EDD9F89D}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors)
Node.js (HKLM-x32\...\{EC1A7084-4725-4319-9D35-F204CE7FC2E6}) (Version: 8.11.1 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 3.9.0 (64-bit) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\{a2a37ca0-8ebd-4d7e-b4b8-e6b1740c2ce0}) (Version: 3.9.150.0 - Python Software Foundation)
Python 3.9.0 Add to Path (64-bit) (HKLM\...\{4F5E962C-96E9-45B9-8F14-9A91748981C6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Core Interpreter (64-bit) (HKLM\...\{92F322B1-D69A-43D1-82B4-24ADEBE5C650}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Development Libraries (64-bit) (HKLM\...\{E73FE192-7766-49FA-B28A-32F700D98A15}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Documentation (64-bit) (HKLM\...\{35E94198-B9F1-4D1E-A869-636AD5E6BCA8}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Executables (64-bit) (HKLM\...\{A9F718BA-8B5F-4AE7-ADDA-EFFF431948DB}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 pip Bootstrap (64-bit) (HKLM\...\{27FF09D8-6DE6-4F63-A3DD-8758D615D543}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Standard Library (64-bit) (HKLM\...\{42480EE5-670F-4AF3-A619-2E761A398340}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Tcl/Tk Support (64-bit) (HKLM\...\{4460A893-EFF6-4B33-BF21-BAA2159F57E6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Test Suite (64-bit) (HKLM\...\{9141E990-BD45-4F42-BB32-B3012969355D}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Utility Scripts (64-bit) (HKLM\...\{35DC2DFB-0AEA-4DC2-AFA5-4EA2D2612B51}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{E45E56A4-FCDD-4C4A-966A-4FB81C932219}) (Version: 3.9.7217.0 - Python Software Foundation)
Recordify 2019 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 4.01 - Abelssoft)
Scribus 1.4.8 (HKLM-x32\...\Scribus 1.4.8) (Version: 1.4.8 - The Scribus Team)
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Caleidoscope Sampler Track Content (HKLM-x32\...\{BD830EFB-4884-422C-8AA0-F564E839FC6F}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Content Updater (HKLM-x32\...\{23BAFE62-0AF0-4D71-98C2-47286139DC45}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 9 (HKLM\...\{E0FA80FD-82A7-4328-ABC3-0DA6A9FA1824}) (Version: 9.0.30 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.11 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.30 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.3.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums Elements (HKLM-x32\...\{7AC78F55-2066-4EF5-AA6F-AD57FEAE7CBD}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Production Grooves Content (HKLM-x32\...\{F72824BC-4856-4050-A745-D92BC601CCDE}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{0B91CA67-AB51-4FCC-AD05-F4C8DF11D00B}) (Version: 17.01.1 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{3DAB5687-7252-44BB-99FA-82E9E9AEA9BC}) (Version: 18.01.0 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2018-2019 (HKLM-x32\...\{C85C471D-8BA4-4C95-9DD2-64263B5329FD}) (Version: 19.01.0 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2019-2020 (HKLM-x32\...\{A838952B-CEEC-4AF3-88C3-B4C4374337F7}) (Version: 20.01.9 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2020-2021 (HKLM-x32\...\{2E5063A0-872A-4B65-8163-168B25E6D50A}) (Version: 20.10.6 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2017 (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.34.85 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2018 (HKLM-x32\...\{A1D1FDBD-02F9-49B6-9EB2-2DC6B1D37E16}) (Version: 23.39.56 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2019 (HKLM-x32\...\{C1274A30-7822-4CAE-A4C8-395E9E687107}) (Version: 24.34.134 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2020 (HKLM-x32\...\{E7E3F711-933D-4D9A-BA51-01F47179F23C}) (Version: 25.31.65 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2021 (HKLM-x32\...\{8C111EC2-454D-4C0B-B0D7-E845F1B3AAAD}) (Version: 26.26.67 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.2.7.4415 - Synology, Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.259142 - TeamViewer)
TextPad 8 (HKLM\...\{861AB1C1-1967-4C4A-BF86-C255E2D2B8FD}) (Version: 8.0.2 - Helios)
ToolboxProxy (HKLM-x32\...\{B64E0B43-A452-4B25-93DD-E5C6645A534A}) (Version: 035.024.006 - HP) Hidden
Unity Web Player (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\UnityWebPlayer) (Version: 5.3.8f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VLC Plus Player (HKLM-x32\...\VLC Plus Player) (Version: 3.0.11 - Aller Media e.K.) <==== ACHTUNG
WhatsApp (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\WhatsApp) (Version: 0.4.930 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{8D646799-DB00-4000-AE7A-756A05A4F1D8}) (Version: 5.4.72 - Microsoft Corporation)
Windows-Treiberpaket - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
WinHTTrack Website Copier 3.49-2 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
XAMPP (HKLM-x32\...\xampp) (Version: 7.3.0-0 - Bitnami)
Yamaha Steinberg USB Driver (HKLM\...\{D6E6D5BA-F07E-4495-A8E4-B735B291C9EF}) (Version: 1.8.7 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{D6E6D5BA-F07E-4495-A8E4-B735B291C9EF}) (Version: 1.8.7 - Yamaha Corporation)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version: - Spacejock Software)
Zoom (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-09] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-17] (Adobe Systems Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-22] (Facebook Inc)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-02-10] (Microsoft Corporation)
Houzz -> C:\Program Files\WindowsApps\0D16BB98.Houzz_1.1.22.0_neutral__gyej1c4xgx4mg [2020-12-29] (Houzz Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.2.837.0_x64__v10z8vjag6ke6 [2021-02-23] (HP Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-2ED9D4E320EA} -> [Creative Cloud Files] => C:\Users\AtelierNiederhein\Creative Cloud Files [2017-02-25 17:41]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{539DB5D1-C0C6-11D0-985E-0060970BEC0B}\localserver32 -> C:\Program Files\Adobe\Adobe FrameMaker 2019\FrameMaker.exe /Automation /iconic /nosplash => Keine Datei
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9}\InprocServer32 -> C:\Program Files\TextPad 8\System\ShellExt64.dll (Helios Software Solutions Ltd -> )
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\LWAPlugin\x64\15.8\LWAPluginInProc.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\AtelierNiederhein\Dropbox [2014-03-27 21:38]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-962593549-1501595251-2753236537-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2018-07-13] () [Datei ist nicht signiert]
ContextMenuHandlers1_S-1-5-21-962593549-1501595251-2753236537-1000: [TextPad8] -> {5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9} => C:\Program Files\TextPad 8\System\ShellExt64.dll [2016-02-28] (Helios Software Solutions Ltd -> )
ContextMenuHandlers6_S-1-5-21-962593549-1501595251-2753236537-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2018-07-13] () [Datei ist nicht signiert]
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [685056 2009-05-01] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\divx.dll [685056 2009-05-01] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2008-12-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [85504 2009-06-02] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [497664 2009-08-11] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Packed With Joy !) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\nodejs\nodevars.bat"
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-07-21 08:35 - 2015-07-21 08:35 - 000512000 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
2020-11-11 12:37 - 2020-11-11 12:37 - 000215040 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Notepad++\plugins\ComparePlugin\ComparePlugin.dll
2020-05-13 05:19 - 2020-05-13 05:19 - 002058752 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Notepad++\plugins\XMLTools\XMLTools.dll
2019-02-05 20:00 - 2015-09-15 16:07 - 000318464 _____ (CANON INC) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2015-07-21 08:36 - 2015-07-21 08:36 - 000009728 _____ (Canon INC.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Canon\EOS Utility\de\EOS Utility.resources.dll
2015-07-21 08:35 - 2015-07-21 08:35 - 001069056 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EdsImage.dll
2019-02-05 20:00 - 2015-09-01 18:11 - 000194560 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2019-02-05 20:00 - 2015-06-17 16:01 - 000008704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_DEU.DLL
2019-02-05 20:00 - 2015-06-17 16:00 - 000104960 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2019-02-05 20:00 - 2015-05-26 09:44 - 000141312 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnwidsd.dll
2017-10-24 12:43 - 2017-12-07 11:25 - 000219648 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJPLM\CNMPU2.DLL
2019-02-05 20:01 - 2018-05-09 19:00 - 000121344 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnalmmod.dll
2019-02-05 20:01 - 2018-05-09 19:00 - 000016896 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\de\cnqtbres.dll
2017-02-25 18:45 - 2015-11-18 05:00 - 000438784 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMXLMD0.DLL
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hpzjrd01.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000041472 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000073728 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 001222656 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000034816 _____ (HP) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\HPTcpMUI.dll
2018-07-13 12:34 - 2018-07-13 12:34 - 002768896 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\AtelierNiederhein\Anwendungsdaten:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\AtelierNiederhein\Local Settings (1):init [1491545]
AlternateDataStreams: C:\Users\AtelierNiederhein\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
SearchScopes: HKLM -> DefaultScope {CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA} URL =
SearchScopes: HKU\S-1-5-21-962593549-1501595251-2753236537-1000 -> DefaultScope {CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\localhost -> localhost
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-02-25 16:08 - 2017-02-25 16:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-09-25 19:14 - 2020-11-12 16:50 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.26.64.1 Atelier_PC.mshome.net # 2025 11 2 11 15 50 0 587
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files\ImageMagick-7.0.3-Q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\nodejs\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\xampp\php;C:\ProgramData\ComposerSetup\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{84FCC611-09BE-42ED-B8A0-C2BF63E75DD8}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{7C0C2F48-0225-402F-9C36-9D4948732054}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [{90EFA8FF-5A64-4BD6-961F-195E3021C848}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2BF73297-7F78-4FF0-B733-1F77B03D5706}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{49BFECF6-5ADB-4F1C-9837-C5425C217C47}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{31A8AD45-4E78-4F04-B413-6FD7191837CE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0C695600-5A12-4B9A-B024-81638A00F462}] => (Allow) C:\Users\AtelierNiederhein\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{11130003-085A-4266-A4D4-B8653E7807EC}] => (Allow) C:\Users\AtelierNiederhein\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{9A632E6A-BF73-42D2-AECC-957B6D26735C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{C932265D-FE63-4799-84EF-ED4A72A2043B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{80D8A77F-1F56-4FEE-B622-989BBAFB8C96}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{51997B05-FB5C-4E9F-A65C-C303971C4B1A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{39671CF0-E089-42BD-AFE7-453B6F31FA37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Keine Datei
FirewallRules: [{0DA7A56E-5B74-413D-A3FF-37CEE86E5383}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Keine Datei
FirewallRules: [UDP Query User{47C80A70-6FDF-411D-9CD1-D89FE8DE3FED}C:\users\atelierniederhein\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\atelierniederhein\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DAE8790E-5F96-42F0-9590-DD4258614060}C:\users\atelierniederhein\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\atelierniederhein\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9376E755-BB61-4E25-9D9E-E8D3A2559134}C:\users\atelierniederhein\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\atelierniederhein\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C58EA3E3-6CEC-49AD-B034-C07BF82B55AC}C:\users\atelierniederhein\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\atelierniederhein\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99E6B323-E607-48D9-8735-DA9D04D7EA6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A6F1347-53FE-45EA-AF72-0CAAE9FA4287}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A0178A0-0F0C-4E0D-8EC6-13FD583427EB}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (CANON INC.) [Datei ist nicht signiert]
FirewallRules: [{6B0E60D1-BA1C-4972-9A29-1E778DBFE7A1}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (CANON INC.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{1EB06CEB-C47E-47E2-BA4E-E549057F7CEE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D55FAE90-57AD-4836-8ECA-4687A355E28E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F6CDF389-ECC5-489F-91DC-B7108862F5AE}] => (Allow) LPort=1900
FirewallRules: [{2FCF398D-DD8D-4BE0-B969-8835B9721AFD}] => (Allow) LPort=2869
FirewallRules: [{3EFBBBA4-0047-4AEE-B553-589D05995858}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{14BC79C8-6E2B-4A52-8189-E3265CE115EA}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [TCP Query User{868A8BA8-1A11-40E8-A265-3DCDE7FA1493}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [{0C18421A-BF3E-4D98-A895-44F7D46ED5C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{17580A3B-AAF6-4FD8-A58E-293C62706060}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{34F31BA7-E7E5-4688-BDB8-46063D372A88}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A47D90C5-3703-4E77-9A68-BCD9B35CAA72}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0D000170-8F9B-4952-9042-C30047D87ACE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2FE96A9E-A298-4473-B73D-EE492C9E3418}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe => Keine Datei
FirewallRules: [UDP Query User{E0EB5A11-6002-4CAB-8A19-6B8A84F79DE1}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe => Keine Datei
FirewallRules: [{58CA85D7-700A-4836-873B-FFC8B93E9078}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{79AAF4E3-B238-4A49-8770-61A8FA30FFA6}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{0BA3FDA2-1333-4752-BFEC-8B6A38E31911}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{CFB366DE-0CB1-42CE-BA0B-84A8D410C19A}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{5D4FB98B-7EF9-4EE3-B9D4-42D142ADAF10}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{CF603A51-CAD1-4994-9E1E-41A6FCD0AAEF}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [{9E28A17B-93FA-4E5A-A63C-9E2AD49E59F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C79B3122-3544-416C-9E53-4FC6AF263F4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CE0BF954-8F12-4022-B33E-73D95A1DF0F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => Keine Datei
FirewallRules: [{7BC477BE-666F-4852-9FCF-036568AF6D90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A05D895-9AB8-4899-B1B8-124D8C0D095A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{658F1A2B-4D5B-413A-BB79-352894E2EBBE}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [UDP Query User{54DFB830-12CA-4B1D-8E99-4D6B546D6210}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [TCP Query User{FA3C583F-E198-4D51-B705-97D7A0BC077E}C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe => Keine Datei
FirewallRules: [UDP Query User{E188FFDD-38A3-4017-9612-F38AC9EF43ED}C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe => Keine Datei
FirewallRules: [{76FF9CAE-11CD-4E4A-A78F-48B7B26CBBF1}] => (Block) C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe => Keine Datei
FirewallRules: [{DE2A4B23-5167-4BA5-B7BE-F9F6F25B4DE0}] => (Block) C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe => Keine Datei
FirewallRules: [TCP Query User{665F8518-5826-4DC2-8B3E-16ED27E5E5A3}C:\users\atelierniederhein\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe] => (Allow) C:\users\atelierniederhein\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe => Keine Datei
FirewallRules: [UDP Query User{84A73FBF-59D2-49CD-975D-2CC1F508B9DB}C:\users\atelierniederhein\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe] => (Allow) C:\users\atelierniederhein\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe => Keine Datei
FirewallRules: [{0B2B8011-82C0-4880-8E30-A00CD8C2407D}] => (Allow) C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{5E304959-046E-4CA7-87E4-9469EBCF68C1}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Device Setup Utility\cnwidadr.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{66EDED6A-1AA1-4CCC-94FD-90E73C1976D7}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Device Setup Utility\cnwiddsu\cnwiddsu.exe (Canon Inc. -> CANON INC.)
FirewallRules: [TCP Query User{BE3CF35B-A1C5-49C9-99B3-32FC972F05B5}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{E27795D1-B0DD-42C4-AF29-774B7CE7D5F4}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{2A49DBA0-7596-4F70-BA42-BC5EAC632B01}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{D23B6274-25BC-497A-8FFE-91806628AE64}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{69C5B773-93F5-4FDE-9B70-739A4E929148}C:\program files (x86)\aptana\aptanastudio3.exe] => (Allow) C:\program files (x86)\aptana\aptanastudio3.exe (APPCELERATOR, INC. -> )
FirewallRules: [UDP Query User{D139CCDE-AE63-4E70-8888-84432DC211AA}C:\program files (x86)\aptana\aptanastudio3.exe] => (Allow) C:\program files (x86)\aptana\aptanastudio3.exe (APPCELERATOR, INC. -> )
FirewallRules: [{679082F8-6018-41AA-9C24-C8D41AD7473F}] => (Block) C:\program files (x86)\aptana\aptanastudio3.exe (APPCELERATOR, INC. -> )
FirewallRules: [{8411B95E-EBD2-4F17-9805-9F9A9C301324}] => (Block) C:\program files (x86)\aptana\aptanastudio3.exe (APPCELERATOR, INC. -> )
FirewallRules: [TCP Query User{CFA7E475-A24B-45A8-8ED2-DFDC4884E16F}C:\users\atelierniederhein\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\atelierniederhein\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{EB2CC056-A87B-450A-A312-253AC0797165}C:\users\atelierniederhein\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\atelierniederhein\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A43FED45-36DA-4F39-9870-8E199E0B0EAE}] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [{E857E96B-B54A-4C65-95A7-C8EB955F2143}] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => Keine Datei
FirewallRules: [{51DB877E-B062-4842-A3CD-4A5D374A87B3}] => (Allow) C:\Program Files (x86)\PUBGLite\Launcher.exe => Keine Datei
FirewallRules: [{069FE4DC-03D1-4087-A03E-41F5A592DB50}] => (Allow) C:\Program Files (x86)\PUBGLite\Launcher.exe => Keine Datei
FirewallRules: [{0FF39C26-1163-491B-827E-CB2DBC14B891}] => (Allow) C:\Program Files (x86)\PUBGLite\Launcher.exe => Keine Datei
FirewallRules: [{2D4D5350-1BDB-4997-8C03-D68218E42869}] => (Allow) C:\Program Files (x86)\PUBGLite\Launcher.exe => Keine Datei
FirewallRules: [{5E84A3CD-9CDC-4AC8-A4E3-E39BF53C0157}] => (Allow) C:\Program Files (x86)\PUBGLite\LauncherAgent.exe => Keine Datei
FirewallRules: [{A4CCC749-D0AC-45D6-8CE2-A9A78D5BAE7C}] => (Allow) C:\Program Files (x86)\PUBGLite\LauncherAgent.exe => Keine Datei
FirewallRules: [{71B6DF3E-5DE3-49CE-89C1-D42FAD5F9E62}] => (Allow) C:\Program Files (x86)\PUBGLite\LauncherAgent.exe => Keine Datei
FirewallRules: [{2AB0FB76-6278-4531-80B6-CECA078E340B}] => (Allow) C:\Program Files (x86)\PUBGLite\LauncherAgent.exe => Keine Datei
FirewallRules: [{B435871E-D40B-4DEC-901F-31CDC8AE3D09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A873B6B-5175-462F-84C4-ABD86EB07B6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65BB0CF5-7A30-4C33-A4F5-80C1400745C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7255C36C-222E-43E0-B9CD-C060778EABF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2C6E0A99-5432-4225-909B-ADA3962B2DC8}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\15CA73D8-3C82-4BAE-86CD-945BF9620516\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{14922505-5E18-4F42-843B-2B9E57933748}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\15CA73D8-3C82-4BAE-86CD-945BF9620516\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [TCP Query User{B2C83F9D-5AB1-4C11-A287-42DC739A7A69}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{8C4CAB35-5D9C-43C5-9347-3D36B0966E76}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{52969622-5843-4AB1-ADCE-10A349B61B75}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{477C64C6-3A1F-4BAE-8CCB-B25441AEA1A6}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert]
FirewallRules: [{94B21823-0CF2-4C88-8785-E353CADDCF1F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E32E3C3-CB09-4003-95A2-9CF0EB009C14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07164D0A-EF39-4B8D-8FC3-B9F3BD83F120}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6BC5DEF0-944B-406A-AD77-FA39A97B6EA0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9AA5B3BE-0DAF-4851-ADDF-BB003D960C71}] => (Allow) C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [{3383187E-BC7F-475D-8D87-A9D0F5F925AF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5353CF13-57D0-427C-AD11-84EE3AC8D783}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{46318F51-A326-4811-928A-DC0F96D09781}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{80A97E64-2D8E-4B45-B28F-62731FF5AD94}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{29304329-8278-4E45-92E5-35C7730FC6E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{92190EFB-9867-4472-AFC1-320C211762BF}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{434B5627-DC23-4B8B-9436-E4410689D581}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{B0E7D65A-8DBB-48D2-8D86-B20DA58B6B0C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei
FirewallRules: [{1356C154-84FA-47E2-80AA-83D80CB83446}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Wiederherstellungspunkte =========================
25-02-2021 16:50:33 Geplanter Prüfpunkt
26-02-2021 12:15:21 AdwCleaner_BeforeCleaning_26/02/2021_12:15:21
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (02/26/2021 12:15:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (02/26/2021 12:15:48 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (02/26/2021 12:04:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (02/26/2021 11:43:57 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Das Sicherheitscenter konnte den Aufrufer nicht überprüfen. Der Fehler %1 ist aufgetreten.
Error: (02/25/2021 07:43:21 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/25/2021 07:43:19 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/25/2021 07:43:18 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/25/2021 05:09:47 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Systemfehler:
=============
Error: (02/26/2021 12:16:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelHaxm" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (02/26/2021 12:16:25 PM) (Source: IntelHaxm) (EventID: 3) (User: )
Description: HAXM Failed to init VMX
Error: (02/26/2021 12:16:25 PM) (Source: IntelHaxm) (EventID: 6) (User: )
Description: HAXM can't work on system without VT support
Error: (02/26/2021 12:15:45 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (02/26/2021 12:15:45 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (02/26/2021 12:15:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/26/2021 12:15:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Data Vault Collector" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/26/2021 12:15:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Data Vault Processor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
================
Date: 2021-02-26 12:15:45
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x8007045b
Fehlerbeschreibung: Der Computer wird heruntergefahren.
CodeIntegrity:
===============
Date: 2021-02-26 11:58:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-02-26 11:50:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. F1 10/16/2013
Hauptplatine: Gigabyte Technology Co., Ltd. G1.Sniper Z87
Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 16266.99 MB
Verfügbarer physikalischer RAM: 10260.98 MB
Summe virtueller Speicher: 18698.99 MB
Verfügbarer virtueller Speicher: 11606.87 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:222.98 GB) (Free:23.11 GB) NTFS
Drive d: () (CDROM) (Total:0 GB) (Free:0 GB)
Drive e: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:1257.18 GB) NTFS
\\?\Volume{8d3f0743-b5ab-11e3-900b-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{bff46629-0000-0000-0000-30c537000000}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: BFF46629)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=500 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: B99B5FC4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
|
|
26.02.2021, 20:40
| #7 |
| /// TB-Ausbilder | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen Gut gemacht!  Genau so konsequent machen wir jetzt bitte weiter.  Schritt 1 WARNUNG AN ALLE MITLESER !!! Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort:
|
|
28.02.2021, 15:06
| #8 |
| | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen Hi, alles ausgeführt. Logs anbei. Es poppt nun nach jedem PC Start eine Meldung auf, die den Download einer cc.png von https://connect.ffc.adobeoobe.com auffordert. Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2021
durchgeführt von AtelierNiederhein (28-02-2021 13:12:20) Run:1
Gestartet von C:\Users\AtelierNiederhein\Downloads
Geladene Profile: AtelierNiederhein
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [] => [X]
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4708328 2021-01-17] (Microsoft Windows -> Microsoft Corporation) <==== ACHTUNG
Task: {8B5250F2-E991-4F5D-9797-DFC5242918F3} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
FF Plugin-x32: @vlc.de/vlc,version=3.0.11 -> C:\Program Files (x86)\VLC Plus Player\npvlc.dll [Keine Datei]
2021-02-26 11:58 - 2021-02-26 11:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2021-02-24 11:04 - 2021-02-24 11:04 - 005541016 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\AtelierNiederhein\Downloads\hijackthis.exe
2021-02-26 11:59 - 2017-02-25 16:39 - 000000000 ____D C:\ProgramData\Avira
2021-02-26 11:59 - 2017-02-25 16:39 - 000000000 ____D C:\Program Files (x86)\Avira
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{539DB5D1-C0C6-11D0-985E-0060970BEC0B}\localserver32 -> C:\Program Files\Adobe\Adobe FrameMaker 2019\FrameMaker.exe /Automation /iconic /nosplash => Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\AtelierNiederhein\Anwendungsdaten:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\AtelierNiederhein\Local Settings (1):init [1491545]
AlternateDataStreams: C:\Users\AtelierNiederhein\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
SearchScopes: HKLM -> DefaultScope {CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA} URL =
CMD: ipconfig /flushdns
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: Bitsadmin /Reset /Allusers
Hosts:
RemoveProxy:
SystemRestore: On
EmptyTemp:
*****************
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => erfolgreich entfernt
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => erfolgreich entfernt
"HKU\S-1-5-21-962593549-1501595251-2753236537-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => erfolgreich entfernt
"HKU\S-1-5-21-962593549-1501595251-2753236537-1000\Software\Microsoft\Windows\CurrentVersion\Run\\" => erfolgreich entfernt
"HKU\S-1-5-21-962593549-1501595251-2753236537-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B5250F2-E991-4F5D-9797-DFC5242918F3}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B5250F2-E991-4F5D-9797-DFC5242918F3}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => nicht gefunden
HKLM\Software\Wow6432Node\MozillaPlugins\@vlc.de/vlc,version=3.0.11 => erfolgreich entfernt
C:\WINDOWS\system32\Tasks\Avira => erfolgreich verschoben
C:\Users\AtelierNiederhein\Downloads\hijackthis.exe => erfolgreich verschoben
C:\ProgramData\Avira => erfolgreich verschoben
C:\Program Files (x86)\Avira => erfolgreich verschoben
"AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}" => erfolgreich entfernt
HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{539DB5D1-C0C6-11D0-985E-0060970BEC0B} => erfolgreich entfernt
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => erfolgreich entfernt
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS erfolgreich entfernt
C:\Users\AtelierNiederhein\Anwendungsdaten => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS erfolgreich entfernt
C:\Users\AtelierNiederhein\Local Settings (1) => ":init" ADS erfolgreich entfernt
"C:\Users\AtelierNiederhein\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS nicht gefunden.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Wert erfolgreich wiederhergestellt
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= Ende von CMD: =========
========= netsh advfirewall reset =========
OK.
========= Ende von CMD: =========
========= netsh advfirewall set allprofiles state ON =========
OK.
========= Ende von CMD: =========
========= Bitsadmin /Reset /Allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
{4CCBACA8-D570-4A24-81C9-E1EE824AA55D} canceled.
1 out of 1 jobs canceled.
========= Ende von CMD: =========
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
========= Ende von RemoveProxy: =========
SystemRestore: On => Fehler -> 8%
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 76723930 B
Java, Flash, Steam htmlcache => 41308584 B
Windows/system/drivers => 35300122 B
Edge => 11702668 B
Chrome => 59123494 B
Firefox => 1154617581 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 293686 B
NetworkService => 302304 B
AtelierNiederhein => 672339783 B
RecycleBin => 330280580 B
EmptyTemp: => 2.2 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 13:37:00 ====
Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version: 24-02-2021
durchgeführt von AtelierNiederhein (28-02-2021 14:27:08)
Gestartet von C:\Users\AtelierNiederhein\Downloads
Start-Modus: Normal
================== Datei-Suche: "SearchAll: Startfenster;GoodGame;Websuche;GIMP Updater;Qweb;VLC UPDATER;VLC Plus Player;Aller Media" =============
Datei:
========
C:\Windows\WinSxS\x86_netfx35linq-linqwebconfig_31bf3856ad364e35_10.0.19041.1_none_b0df27a8cf08799e\LinqWebConfig.exe
[2020-09-25 16:52][2019-12-03 14:04] 000090536 _____ (Microsoft Corporation) E4252A655F6A61A8771BA0F688BA58FE [Datei ist digital signiert]
C:\Windows\WinSxS\Manifests\amd64_netfx35linq-linqwebconfig_31bf3856ad364e35_10.0.19041.1_none_0cfdc32c8765ead4.manifest
[2020-09-25 16:52][2020-09-25 16:52] 000000268 ____N () 68500E66F2AFE24C74AE166919D4C8A3 [Datei ist nicht signiert]
C:\Windows\WinSxS\Manifests\x86_netfx35linq-linqwebconfig_31bf3856ad364e35_10.0.19041.1_none_b0df27a8cf08799e.manifest
[2020-09-25 16:52][2020-09-25 16:52] 000000262 ____N () 6CC53C86DE43D5BA01A90121C42DAA20 [Datei ist nicht signiert]
C:\Windows\WinSxS\amd64_netfx35linq-linqwebconfig_31bf3856ad364e35_10.0.19041.1_none_0cfdc32c8765ead4\LinqWebConfig.exe
[2020-09-25 16:52][2019-11-08 14:44] 000096680 _____ (Microsoft Corporation) 9EC2D5194CB3CF487E808D3599377557 [Datei ist digital signiert]
C:\Users\AtelierNiederhein\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\https___www_qweb_de_funktionen_youtube-converter_from_desktop_html
[2021-02-23 16:10][2021-02-23 16:10] 000037014 _____ () B59C9AE3024DC06C708FE91792289DE5 [Datei ist nicht signiert]
C:\Users\AtelierNiederhein\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\https___www_startfenster_de__id=_programme_
[2021-02-23 16:10][2021-02-23 16:10] 000037014 _____ () 0862D58B8FAE9AC762FBCD4E69011ACA [Datei ist nicht signiert]
C:\Users\AtelierNiederhein\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\https___www_startfenster_de__id=_startmenue_
[2021-02-23 16:10][2021-02-23 16:10] 000037014 _____ () 0862D58B8FAE9AC762FBCD4E69011ACA [Datei ist nicht signiert]
C:\Users\AtelierNiederhein\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\http___www_startfenster_de_bigfarm
[2021-02-23 16:10][2021-02-23 16:10] 000037014 _____ () 1F5DC3D993FD34464F4566B30B1FF4F0 [Datei ist nicht signiert]
C:\Users\AtelierNiederhein\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\http___www_startfenster_de_empire
[2021-02-23 16:10][2021-02-23 16:10] 000037014 _____ () 96102A73D069D69AAAC0EBAA78BA3317 [Datei ist nicht signiert]
C:\Users\AtelierNiederhein\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_Qweb Symbol_uninstall_exe
[2021-02-23 16:10][2021-02-23 16:10] 000037014 _____ () B59C9AE3024DC06C708FE91792289DE5 [Datei ist nicht signiert]
C:\Users\AtelierNiederhein\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_VLC Plus Player_Aller Media e_K_ Website_url
[2021-02-23 16:10][2021-02-23 16:10] 000037014 _____ () BAD093419BE1135CFE9694EA77088C78 [Datei ist nicht signiert]
C:\Users\AtelierNiederhein\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_VLC Plus Player_Documentation_url
[2021-02-23 16:10][2021-02-23 16:10] 000037014 _____ () BAD093419BE1135CFE9694EA77088C78 [Datei ist nicht signiert]
C:\Users\AtelierNiederhein\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_VLC Plus Player_NEWS_txt
[2021-02-23 16:10][2021-02-23 16:10] 000037014 _____ () D9081362F47B8195DF9E81A2DCE024A4 [Datei ist nicht signiert]
C:\Users\AtelierNiederhein\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_VLC Plus Player_vlc_exe
[2021-02-23 16:10][2021-02-23 16:10] 000037014 _____ () 5B33A1DD704062D1DF5794B5FC46FEE5 [Datei ist nicht signiert]
C:\Users\AtelierNiederhein\AppData\Local\Android\Sdk\emulator\lib64\qt\plugins\imageformats\qwebp.dll
[2019-08-06 09:51][2019-08-06 09:51] 005377223 _____ (The Qt Company Ltd.) 1A49AC4B1F80C3305956C06A8B33EE74 [Datei ist nicht signiert]
C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2021\plugins\imageformats\qwebp.dll
[2019-09-04 12:48][2019-09-04 12:48] 000420472 _____ (The Qt Company Ltd.) 98F033EDB1606C0A9AAD30B926F6FD71 [Datei ist digital signiert]
C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2020\plugins\imageformats\qwebp.dll
[2019-09-04 12:48][2019-09-04 12:48] 000420472 _____ (The Qt Company Ltd.) 98F033EDB1606C0A9AAD30B926F6FD71 [Datei ist digital signiert]
C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2019\plugins\designer\qwebview.dll
[2017-07-06 12:25][2017-07-06 12:25] 000023552 _____ (The Qt Company Ltd.) 224883A3CB403F96B5585FA3E47A3C1D [Datei ist nicht signiert]
C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2018\plugins\designer\qwebview.dll
[2017-07-06 12:25][2017-07-06 12:25] 000023552 _____ (The Qt Company Ltd.) 224883A3CB403F96B5585FA3E47A3C1D [Datei ist nicht signiert]
C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\plugins\designer\qwebview.dll
[2016-07-05 19:18][2016-07-05 19:18] 000023552 _____ (The Qt Company Ltd) 4A10BDAFE06671807BFA5A9A7D079789 [Datei ist nicht signiert]
C:\Program Files\Shotcut\lib\qt5\imageformats\qwebp.dll
[2016-08-07 19:39][2016-08-07 19:39] 000394240 _____ (The Qt Company Ltd) C99E248523065EADEA01F469F03313F5 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20210226.121534\6\VLC Plus Player\Aller Media e.K. Website.lnk#26EEFB03A344DB5B
[2020-11-24 09:53][2020-11-24 09:53] 000001223 _____ () 6DA992CCB9EDA555B15C8C7071B626A3 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20210226.121534\6\VLC Plus Player\VLC Plus Player - reset preferences and cache files.lnk#BD4CF552799D6735
[2020-11-24 09:53][2020-11-24 09:53] 000001208 _____ () 552CE9F4BD41F38BD475D1CA31EAAAA5 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20210226.121534\6\VLC Plus Player\VLC Plus Player skinned.lnk#0E3CAD0273487192
[2020-11-24 09:53][2020-11-24 09:53] 000001128 _____ () DAE083664615C9F8D3DA5F148324489A [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20210226.121534\6\VLC Plus Player\VLC Plus Player.lnk#45ADCE8AD34B8250
[2020-11-24 09:53][2020-11-24 09:53] 000001112 _____ () 0904E2AFADDB8CB331649E37F4258470 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20210226.121534\5\VLC Plus Player\Aller Media e.K. Website.url#B4DD6403E4CB0989
[2020-11-24 09:53][2020-11-24 09:53] 000000045 _____ () 80EBF101E4F469C5C44A9B3F207DA778 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20210226.121534\20\VLC Plus Player.lnk#45ADCE8AD34B8250
[2021-02-26 12:15][2020-11-24 09:53] 000001094 _____ () 59C698B43605AA39DE69FD7D89790436 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\v1\20210226.121534\17\Startfenster.lnk#59E7DF20017A541E
[2021-02-26 12:15][2020-11-24 09:24] 000001224 _____ () 7F4F3E59B95B7A8632F842181D5AFA6B [Datei ist nicht signiert]
Ordner:
========
2020-09-25 16:52 - 2020-09-25 16:52 _____ C:\Windows\WinSxS\amd64_netfx35linq-linqwebconfig_31bf3856ad364e35_10.0.19041.1_none_0cfdc32c8765ead4
2020-09-25 16:52 - 2020-09-25 16:52 _____ C:\Windows\WinSxS\x86_netfx35linq-linqwebconfig_31bf3856ad364e35_10.0.19041.1_none_b0df27a8cf08799e
2020-11-24 09:53 - 2021-02-26 12:15 _____ C:\AdwCleaner\Quarantine\v1\20210226.121534\6\VLC Plus Player
2020-11-24 09:53 - 2021-02-26 12:15 _____ C:\AdwCleaner\Quarantine\v1\20210226.121534\5\VLC Plus Player
2018-02-11 15:24 - 2018-02-11 15:24 _____ C:\AdwCleaner\Quarantine\v1\20210226.121534\16\VLC UPDATER
2020-11-24 09:24 - 2021-02-26 12:15 _____ C:\AdwCleaner\Quarantine\v1\20210226.121534\14\GoodGame
Registry:
========
===================== Suchergebnis für "Startfenster" ==========
[HKEY_USERS\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\Startfenster Symbol\uninstall.exe"="0x5341435001000000000000000700000028000000F1EC0000FC89020001000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000990B0000000000000100000001000000"
[HKEY_USERS\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\Startfenster-Replace\uninstall.exe"="0x5341435001000000000000000700000028000000DCF80000AAC3020001000000000000000000000A0021000067077CBAC54CD4010000000000000000020000002800000000000000000000400000000000000000000000000000000046110000000000000100000001000000"
===================== Suchergebnis für "GoodGame" ==========
[HKEY_USERS\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\GoodGame\uninstall.exe"="0x534143500100000000000000070000002800000041ED0000E468030001000000000000000000000A0021000067077CBAC54CD4010000000000000000020000002800000000000000000000400000000000000000000000000000000030050000000000000100000001000000"
===================== Suchergebnis für "Websuche" ==========
===================== Suchergebnis für "GIMP Updater" ==========
===================== Suchergebnis für "Qweb" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D7558BD3EE8D497B1540496D9480EFD6]
"686518548F2242D478D24E186A452B03"="C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\plugins\designer\qwebview.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D7558BD3EE8D497B1540496D9480EFD6]
"DBDF1D1A9F206B94E92BD26C1B3DE761"="C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2018\plugins\designer\qwebview.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D7558BD3EE8D497B1540496D9480EFD6]
"03A4721C2287EAC44A8C93E5E9861770"="C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2019\plugins\designer\qwebview.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1A8DECE873E181FAE36E19CC33707B8]
"117F3E7ED339A9D4AB15104F17972FC3"="C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2020\plugins\imageformats\qwebp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1A8DECE873E181FAE36E19CC33707B8]
"2CE111C8D454B0C40B7D8E541F3BAADA"="C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2021\plugins\imageformats\qwebp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_netfx35linq-linqwebconfig_31bf3856ad364e35_none_e1df726b7c8b3c8f]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_netfx35linq-linqwebconfig_31bf3856ad364e35_none_85c0d6e7c42dcb59]
===================== Suchergebnis für "VLC UPDATER" ==========
===================== Suchergebnis für "VLC Plus Player" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\vlc.exe]
"FriendlyAppName"="VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\vlc.exe\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AudioCD\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file cdda:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DVD\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file dvd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DF2BBE39-40A8-433B-A279-073F48DA94B6}\1.0\0\win32]
""="C:\Program Files (x86)\VLC Plus Player\axvlc.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DF2BBE39-40A8-433B-A279-073F48DA94B6}\1.0\HELPDIR]
""="C:\Program Files (x86)\VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3g2\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3g2\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3g2\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3g2\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3g2\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3g2\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3ga\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3ga\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3ga\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3ga\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3ga\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3ga\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp2\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp2\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp2\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp2\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp2\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gp2\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gpp\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gpp\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gpp\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gpp\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gpp\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.3gpp\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.669\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.669\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.669\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.669\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.669\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.669\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.a52\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.a52\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.a52\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.a52\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.a52\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.a52\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aac\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aac\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aac\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aac\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aac\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aac\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ac3\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ac3\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ac3\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ac3\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ac3\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ac3\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adt\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adt\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adt\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adt\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adt\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adt\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adts\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adts\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adts\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adts\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adts\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.adts\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aif\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aif\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aif\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aif\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aif\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aif\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aifc\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aifc\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aifc\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aifc\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aifc\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aifc\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aiff\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aiff\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aiff\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aiff\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aiff\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aiff\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amr\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amr\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amr\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amr\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amr\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amr\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.amv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aob\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aob\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aob\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aob\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aob\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.aob\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ape\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ape\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ape\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ape\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ape\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ape\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asf\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asf\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asf\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asf\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asf\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asf\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asx\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asx\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asx\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asx\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asx\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.asx\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.au\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.au\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.au\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.au\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.au\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.au\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.avi\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.avi\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.avi\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.avi\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.avi\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.avi\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.b4s\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.b4s\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.b4s\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.b4s\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.b4s\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.b4s\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.bik\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.bik\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.bik\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.bik\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.bik\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.bik\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.Bluray\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.Bluray\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file bluray:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.caf\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.caf\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.caf\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.caf\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.caf\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.caf\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cda\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cda\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cda\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cda\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cda\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cda\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.CDAudio\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file cdda:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cue\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cue\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cue\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cue\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cue\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.cue\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.divx\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.divx\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.divx\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.divx\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.divx\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.divx\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.drc\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.drc\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.drc\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.drc\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.drc\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.drc\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dts\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dts\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dts\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dts\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dts\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dts\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.DVDMovie\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file dvd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dvr-ms\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dvr-ms\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dvr-ms\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dvr-ms\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dvr-ms\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.dvr-ms\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.evo\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.evo\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.evo\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.evo\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.evo\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.evo\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.f4v\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.f4v\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.f4v\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.f4v\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.f4v\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.f4v\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flac\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flac\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flac\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flac\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flac\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flac\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.flv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gvi\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gvi\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gvi\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gvi\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gvi\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gvi\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gxf\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gxf\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gxf\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gxf\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gxf\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.gxf\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ifo\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ifo\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ifo\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ifo\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ifo\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ifo\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.iso\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.iso\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.iso\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.iso\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.iso\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.iso\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.it\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.it\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.it\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.it\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.it\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.it\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m1v\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m1v\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m1v\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m1v\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m1v\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m1v\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2t\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2t\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2t\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2t\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2t\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2t\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2ts\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2ts\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2ts\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2ts\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2ts\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2ts\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2v\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2v\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2v\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2v\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2v\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m2v\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u8\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u8\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u8\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u8\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u8\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m3u8\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4a\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4a\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4a\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4a\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4a\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4a\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4p\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4p\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4p\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4p\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4p\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4p\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4v\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4v\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4v\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4v\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4v\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.m4v\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mid\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mid\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mid\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mid\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mid\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mid\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mka\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mka\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mka\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mka\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mka\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mka\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mkv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mkv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mkv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mkv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mkv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mkv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mlp\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mlp\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mlp\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mlp\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mlp\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mlp\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mod\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mod\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mod\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mod\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mod\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mod\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mov\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mov\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mov\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mov\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mov\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mov\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp1\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp1\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp1\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp1\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp1\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp1\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2v\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2v\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2v\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2v\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2v\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp2v\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp3\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp3\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp3\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp3\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp3\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp3\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
|
|
28.02.2021, 15:07
| #9 |
| | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen Search.txt Teil 2 Code:
ATTFilter
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4v\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4v\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4v\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4v\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4v\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mp4v\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpa\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpa\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpa\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpa\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpa\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpa\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpc\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpc\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpc\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpc\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpc\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpc\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpe\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpe\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpe\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpe\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpe\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpe\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg1\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg1\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg1\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg1\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg1\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg1\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg2\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg2\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg2\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg2\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg2\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg2\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg4\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg4\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg4\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg4\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg4\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpeg4\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpg\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpg\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpg\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpg\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpg\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpg\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpga\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpga\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpga\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpga\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpga\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpga\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpv2\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpv2\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpv2\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpv2\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpv2\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mpv2\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mts\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mts\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mts\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mts\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mts\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mts\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mtv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mtv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mtv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mtv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mtv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mtv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mxf\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mxf\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mxf\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mxf\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mxf\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.mxf\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nsv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nsv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nsv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nsv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nsv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nsv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nuv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nuv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nuv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nuv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nuv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.nuv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oga\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oga\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oga\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oga\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oga\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oga\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogg\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogg\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogg\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogg\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogg\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogg\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogm\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogm\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogm\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogm\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogm\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogm\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogx\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogx\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogx\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogx\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogx\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ogx\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oma\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oma\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oma\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oma\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oma\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.oma\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.OPENFolder\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" %1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.opus\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.opus\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.opus\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.opus\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.opus\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.opus\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.pls\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.pls\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.pls\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.pls\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.pls\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.pls\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.qcp\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.qcp\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.qcp\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.qcp\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.qcp\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.qcp\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ra\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ra\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ra\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ra\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ra\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ra\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ram\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ram\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ram\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ram\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ram\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ram\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rar\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rar\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rar\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rar\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rar\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rar\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rec\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rec\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rec\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rec\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rec\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rec\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rm\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rm\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rm\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rm\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rm\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rm\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmi\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmi\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmi\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmi\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmi\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmi\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmvb\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmvb\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmvb\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmvb\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmvb\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rmvb\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rpl\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rpl\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rpl\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rpl\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rpl\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.rpl\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.s3m\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.s3m\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.s3m\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.s3m\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.s3m\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.s3m\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.sdp\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.sdp\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.sdp\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.sdp\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.sdp\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.sdp\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.snd\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.snd\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.snd\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.snd\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.snd\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.snd\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.spx\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.spx\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.spx\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.spx\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.spx\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.spx\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.SVCDMovie\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file vcd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.thp\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.thp\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.thp\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.thp\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.thp\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.thp\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tod\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tod\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tod\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tod\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tod\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tod\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tp\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tp\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tp\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tp\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tp\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tp\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ts\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ts\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ts\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ts\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ts\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.ts\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tta\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tta\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tta\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tta\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tta\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tta\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tts\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tts\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tts\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tts\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tts\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.tts\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.VCDMovie\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file vcd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vlc\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vlc\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vlc\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vlc\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vlc\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vlc\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vlt\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vlt\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" -Iskins --skins2-last "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vob\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vob\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vob\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vob\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vob\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vob\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.voc\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.voc\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.voc\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.voc\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.voc\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.voc\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vqf\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vqf\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vqf\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vqf\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vqf\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vqf\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vro\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vro\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vro\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vro\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vro\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.vro\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.w64\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.w64\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.w64\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.w64\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.w64\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.w64\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wav\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wav\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wav\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wav\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wav\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wav\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.webm\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.webm\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.webm\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.webm\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.webm\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.webm\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wma\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wma\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wma\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wma\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wma\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wma\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wmv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wmv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wmv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wmv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wmv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wmv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wpl\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wpl\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wpl\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wpl\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wpl\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wpl\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wsz\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wsz\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" -Iskins --skins2-last "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wtv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wtv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wtv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wtv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wtv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wtv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wv\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wv\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wv\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wv\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wv\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wv\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wvx\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wvx\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wvx\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wvx\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wvx\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.wvx\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xa\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xa\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xa\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xa\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xa\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xa\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xesc\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xesc\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xesc\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xesc\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xesc\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xesc\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xm\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xm\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xm\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xm\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xm\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xm\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xspf\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xspf\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xspf\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xspf\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xspf\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.xspf\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zip\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zip\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zip\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zip\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zip\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zip\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zpl\DefaultIcon]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zpl\shell\AddToPlaylistVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zpl\shell\AddToPlaylistVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zpl\shell\Open\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zpl\shell\PlayWithVLC]
"Icon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VLC.zpl\shell\PlayWithVLC\command]
""=""C:\Program Files (x86)\VLC Plus Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9BE31822-FDAD-461B-AD51-BE1D1C159921}\InprocServer32]
""="C:\Program Files (x86)\VLC Plus Player\axvlc.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9BE31822-FDAD-461B-AD51-BE1D1C159921}\ToolboxBitmap32]
""="C:\Program Files (x86)\VLC Plus Player\axvlc.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\VLC]
""="VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\VLC\Capabilities]
"ApplicationName"="VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\VLC\InstallInfo]
"HideIconsCommand"=""C:\Program Files (x86)\VLC Plus Player\spad-setup.exe" /HideIcons /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\VLC\InstallInfo]
"ShowIconsCommand"=""C:\Program Files (x86)\VLC Plus Player\spad-setup.exe" /ShowIcons /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\VLC\InstallInfo]
"ReinstallCommand"=""C:\Program Files (x86)\VLC Plus Player\spad-setup.exe" /Reinstall /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\vlc.exe]
""="C:\Program Files (x86)\VLC Plus Player\vlc.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\vlc.exe]
"Path"="C:\Program Files (x86)\VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayBlurayOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayBlurayOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayCDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayCDAudioOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDAudioOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayMusicFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayMusicFilesOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlaySVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlaySVCDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVCDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVideoFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVideoFilesOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayBlurayOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayBlurayOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayCDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayCDAudioOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDAudioOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayMusicFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayMusicFilesOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlaySVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlaySVCDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVCDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVideoFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\VLC Plus Player\vlc.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVideoFilesOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player]
"DisplayName"="VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player]
"UninstallString"=""C:\Program Files (x86)\VLC Plus Player\uninstall.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player]
"InstallLocation"="C:\Program Files (x86)\VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player]
"DisplayIcon"="C:\Program Files (x86)\VLC Plus Player\vlc.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player]
"Publisher"="Aller Media e.K."
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\vlc.exe]
""="C:\Program Files (x86)\VLC Plus Player\vlc.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\vlc.exe]
"Path"="C:\Program Files (x86)\VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\VLCPP\VLC]
"InstallDir"="C:\Program Files (x86)\VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\VLCPP\VLC]
""="C:\Program Files (x86)\VLC Plus Player\vlc.exe"
[HKEY_USERS\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\bdb22a70_0]
""="{2}.\\?\hdaudio#func_01&ven_1102&dev_0011&subsys_1458a026&rev_1009#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\lineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\VLC Plus Player\vlc.exe%b{4533F59D-59EE-00C6-ADB2-C68B501A6655}"
[HKEY_USERS\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\VLC Plus Player\vlc.exe"="1"
[HKEY_USERS\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\VLC Plus Player\vlc.exe"="0x53414350010000000000000007000000280000007058020079EC02000100000000000000000000060001000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000002A249301000000000100000001000000"
[HKEY_USERS\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\VLC Plus Player\vlc.exe.FriendlyAppName"="VLC Plus Player"
[HKEY_USERS\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\VLC Plus Player\vlc.exe.ApplicationCompany"="Aller Media e.K."
===================== Suchergebnis für "Aller Media" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayBlurayOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayCDAudioOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDAudioOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayMusicFilesOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlaySVCDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVCDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVideoFilesOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayBlurayOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayCDAudioOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDAudioOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayDVDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayMusicFilesOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlaySVCDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVCDMovieOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\VLCPlayVideoFilesOnArrival]
"Provider"="Aller Media e.K. VLC Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player]
"Publisher"="Aller Media e.K."
[HKEY_USERS\S-1-5-21-962593549-1501595251-2753236537-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\VLC Plus Player\vlc.exe.ApplicationCompany"="Aller Media e.K."
====== Ende von Suche ======
|
|
28.02.2021, 15:16
| #10 |
| | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren AuswirkungenCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
durchgeführt von AtelierNiederhein (Administrator) auf ATELIER_PC (Gigabyte Technology Co., Ltd. G1.Sniper Z87) (28-02-2021 14:47:38)
Gestartet von C:\Users\AtelierNiederhein\Downloads
Geladene Profile: AtelierNiederhein
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe
(Canon INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\116.4.368\QtWebEngineProcess.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) [Datei ist nicht signiert] C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) [Datei ist nicht signiert] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\AtelierNiederhein\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Notepad++ -> Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Synology Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-09] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickToolbox] => C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe [2340768 2018-05-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-05] (Adobe Inc. -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680720 2021-02-18] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [TabletDriver] => C:\Huion Tablet\x64\TabletDriverCore.exe [334056 2019-12-28] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [AusweisApp2] => C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe [2405504 2020-11-30] (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\MountPoints2: {994bdb3c-1515-11eb-ab19-74d43585b2ed} - "E:\Autorun.exe"
HKLM\...\Windows x64\Print Processors\Canon MB2700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDD0.DLL [30720 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP640 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA2.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpcpp120: C:\Windows\System32\spool\prtprocs\x64\hpcpp120.DLL [342016 2012-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MB2700 series: C:\WINDOWS\system32\CNCALD0.DLL [254464 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB2700 series: C:\WINDOWS\system32\CNMLMD0.DLL [436736 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB2700 series XPS: C:\WINDOWS\system32\CNMXLMD0.DLL [438784 2015-11-18] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk [2020-12-27]
ShortcutTarget: Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> )
Startup: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-10-15]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) [Datei ist nicht signiert]
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0BDFD991-F8B5-4BEE-8530-45660E0017B2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {10D8BCA2-0BE0-467B-9D4B-A897FCB0A99C} - System32\Tasks\BundleApplicationRepairToolLauncherTask => C:\Users\AtelierNiederhein\AppData\Roaming\PCDr\Repair\BundleApplicationRepairTool.exe [625024 2018-01-22] (PC-Doctor, Inc. -> )
Task: {12F6F9F7-2275-45BB-95E7-2114EA65FF67} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {1CFF7823-78EF-46B3-A9DC-7E09FBC06883} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [152128 2020-10-19] (Johannes Schindelin -> The Git Development Community)
Task: {1E1AA683-1EEF-4264-8968-7EA37A1A3969} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1E8503BB-182C-4B7C-96D7-CA1396FDCF21} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2220FFED-725D-45AC-804A-B0D1840B9931} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {40963EC1-283A-4F9B-A04D-ADD40F8398D5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44130ECF-C77E-4F05-8443-7EDB691A4EB3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A31CF7F-82DF-4288-9EEC-00C0D39806B3} - System32\Tasks\AdobeAAMUpdater-1.0-Atelier_PC-AtelierNiederhein => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5C4C9D73-63F6-40D1-B10A-51E01301ADEF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {62A0F4F7-4327-4235-9042-94D34B32495B} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe]
Task: {64151D08-FB32-4417-B741-0119D3ECB8E1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {65323232-04B3-4D1B-A73A-60CCB8464652} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {661367E9-26A1-411C-B42B-F962A4C04EDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-28] (Google Inc -> Google LLC)
Task: {781E23ED-CF39-4361-8B26-31C6AE6EA57D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {9E36B745-5CA5-4EAD-A9B9-9A080FD510EF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B1B91048-64C2-4F64-A07C-48DF270D5FB9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {BF9DFB29-744A-44C4-B75A-36CDBD359B87} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {CCCB4A12-FE2E-4E47-9019-FC85F691113D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2D4D365-8A40-48B8-848E-BFDA0B54BB7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-28] (Google Inc -> Google LLC)
Task: {DB3F2604-FE62-482E-9851-B4ABC5799615} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E8636D29-32DE-412D-A15D-971827532F7F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {ECB9FE9C-C4C5-4722-A736-1903CFB243D0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F6B38547-7C6F-4A89-AEA2-6D87DAF88FD7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F8BF1748-421D-4457-9146-E1B158630EE3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4f89c9de-8a11-4370-a3fc-a9199241aa6a}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\AtelierNiederhein\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-28]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: xspktsq9.default-1575993033040
FF ProfilePath: C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 [2021-02-28]
FF Homepage: Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 -> www.google.de
FF Notifications: Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 -> hxxps://www.facebook.com
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-09] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.) [Datei ist nicht signiert]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\WINDOWS\system32\C2MP\npdivx32.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.9.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-02-15] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-09] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AtelierNiederhein\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-09] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: LWA64Plugin15.8 -> C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Plugins\npLWA64Plugin15.8.dll [2013-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: LWAPlugin15.8 -> C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\AtelierNiederhein\AppData\Roaming\mozilla\plugins\npLWA64Plugin15.8.dll [2018-05-25]
FF Plugin ProgramFiles/Appdata: C:\Users\AtelierNiederhein\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2018-05-25]
Chrome:
=======
CHR Profile: C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default [2021-02-28]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.instagram.com
CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/r?tab=wc"
CHR Extension: (Präsentationen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-28]
CHR Extension: (Docs) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-28]
CHR Extension: (Google Drive) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (YouTube) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-28]
CHR Extension: (Adobe Acrobat) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-18]
CHR Extension: (Tabellen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-28]
CHR Extension: (Google Docs Offline) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-02-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Google Mail) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-09] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8404720 2019-11-09] (BattlEye Innovations e.K. -> )
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2018-05-18] (Synology Inc. -> ) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [113152 2016-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc -> Dell Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397256 2018-11-19] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-11-30] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10967832 2021-02-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-12-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1064968 2016-12-13] (Creative Technology Ltd -> Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-26] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-02-28] (Malwarebytes Inc -> Malwarebytes)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 wacomhidfilter; C:\WINDOWS\System32\drivers\wacomhidfilter.sys [12968 2008-08-27] (Wacom Technology Corp. -> Wacom Technology)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2021-02-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-28 14:47 - 2021-02-28 14:48 - 000033352 _____ C:\Users\AtelierNiederhein\Downloads\FRST.txt
2021-02-28 14:27 - 2021-02-28 14:42 - 000138639 _____ C:\Users\AtelierNiederhein\Downloads\Search.txt
2021-02-28 13:39 - 2021-02-28 13:39 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-28 13:39 - 2021-02-28 13:39 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-28 13:39 - 2021-02-28 13:39 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-28 13:39 - 2021-02-28 13:39 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\IGDump
2021-02-28 13:12 - 2021-02-28 13:37 - 000007135 _____ C:\Users\AtelierNiederhein\Downloads\Fixlog.txt
2021-02-27 17:49 - 2021-02-27 17:49 - 006876455 _____ C:\Users\AtelierNiederhein\Downloads\japanischintonation.pdf
2021-02-27 13:35 - 2021-02-27 13:35 - 000001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2020.lnk
2021-02-27 13:25 - 2021-02-27 13:25 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2021-02-27 12:42 - 2021-02-27 12:42 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2021-02-26 16:06 - 2021-02-26 16:06 - 000024532 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_HEXX9BXTA2H3_1_Frau_Sabine_Peth.pdf
2021-02-26 12:17 - 2021-02-26 12:17 - 000003770 _____ C:\Users\AtelierNiederhein\Desktop\AdwCleaner[C00].txt
2021-02-26 12:13 - 2021-02-26 12:15 - 000000000 ____D C:\AdwCleaner
2021-02-26 12:10 - 2021-02-26 12:10 - 008463216 _____ (Malwarebytes) C:\Users\AtelierNiederhein\Downloads\adwcleaner_8.1.exe
2021-02-26 12:08 - 2021-02-26 12:08 - 000020274 _____ C:\Users\AtelierNiederhein\Desktop\malwareScan.txt
2021-02-26 11:58 - 2021-02-26 11:58 - 000000000 ____H C:\ProgramData\rebootpending.txt
2021-02-26 11:50 - 2021-02-26 11:50 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-26 11:50 - 2021-02-26 11:50 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-26 11:50 - 2021-02-26 11:50 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-02-26 11:49 - 2021-02-26 12:16 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-26 11:49 - 2021-02-26 11:49 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-26 11:49 - 2021-02-26 11:49 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-26 11:21 - 2021-02-26 11:21 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\mbam
2021-02-26 11:20 - 2021-02-26 11:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-26 11:18 - 2021-02-26 11:18 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-26 11:16 - 2021-02-26 11:16 - 002084016 _____ (Malwarebytes) C:\Users\AtelierNiederhein\Downloads\MBSetup.exe
2021-02-26 08:53 - 2021-02-26 08:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-26 07:38 - 2021-02-26 12:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-25 16:27 - 2021-02-26 12:22 - 000080332 _____ C:\Users\AtelierNiederhein\Desktop\Addition.txt
2021-02-25 16:25 - 2021-02-28 14:47 - 000000000 ____D C:\FRST
2021-02-25 16:25 - 2021-02-26 12:22 - 000058392 _____ C:\Users\AtelierNiederhein\Desktop\FRST.txt
2021-02-25 16:25 - 2021-02-25 16:25 - 002301440 _____ (Farbar) C:\Users\AtelierNiederhein\Downloads\FRST64.exe
2021-02-25 16:08 - 2021-02-25 16:08 - 000000000 ____D C:\WINDOWS\Panther
2021-02-24 18:02 - 2021-02-24 18:02 - 000022749 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_QTZQMX4WFQAB_1_Frau_Annette_Bohrloch.pdf
2021-02-24 15:10 - 2021-02-24 15:11 - 001029393 _____ C:\Users\AtelierNiederhein\Downloads\MWS_Integrators_ListingCreation_UK._V272404261_.pdf
2021-02-24 09:33 - 2021-02-24 09:34 - 001471893 _____ C:\Users\AtelierNiederhein\Downloads\f111-Vollmacht.pdf
2021-02-24 08:35 - 2021-02-25 15:50 - 000008046 _____ C:\WINDOWS\ntbtlog.txt
2021-02-24 08:25 - 2021-02-24 08:25 - 000000000 ____D C:\NPE
2021-02-24 08:24 - 2021-02-24 08:27 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\NPE
2021-02-24 08:24 - 2021-02-24 08:24 - 000000000 ____D C:\ProgramData\Norton
2021-02-24 08:23 - 2021-02-24 08:23 - 009645984 _____ (NortonLifeLock Inc.) C:\Users\AtelierNiederhein\Desktop\NPE.exe
2021-02-23 16:50 - 2021-02-23 16:50 - 000059863 _____ C:\Users\AtelierNiederhein\Documents\Liste_Zoll_v2.pdf
2021-02-22 16:53 - 2021-02-22 16:53 - 000022502 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_6VY63898CDB4_1_Herr_Thomas_Leonhardy.pdf
2021-02-22 16:38 - 2021-02-22 16:38 - 000191744 _____ C:\Users\AtelierNiederhein\Desktop\genexport (2).CSV
2021-02-20 14:04 - 2021-02-20 14:05 - 005228592 _____ C:\Users\AtelierNiederhein\Downloads\Deep_dive_on_Amazon_Neptune_DAT361.pdf
2021-02-19 15:30 - 2021-02-19 15:30 - 000693574 _____ C:\Users\AtelierNiederhein\Downloads\warum-2012.pdf
2021-02-19 09:31 - 2021-02-19 09:31 - 004310122 _____ C:\Users\AtelierNiederhein\Downloads\pkg_communitybuilder_2.5.0+build.2021.02.01.21.20.37.ae3d43f4e(1).zip
2021-02-19 09:30 - 2021-02-19 09:30 - 004310122 _____ C:\Users\AtelierNiederhein\Downloads\pkg_communitybuilder_2.5.0+build.2021.02.01.21.20.37.ae3d43f4e.zip
2021-02-18 10:32 - 2021-02-18 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-02-18 09:29 - 2021-02-18 09:29 - 000050434 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_M296EML5ZDZA_1_Frau_Petra_Rappo.pdf
2021-02-18 09:29 - 2021-02-18 09:29 - 000006556 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210218M296EML5ZDZA-0012191914.pdf
2021-02-16 17:13 - 2021-02-16 17:13 - 000024610 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_Y9P3XM464MRB_1_Frau_Sarah_Romaniw.pdf
2021-02-16 17:13 - 2021-02-16 17:13 - 000024457 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_Y9P3XM464MRB_2_Frau_Marina_Mudrytska.pdf
2021-02-15 12:26 - 2021-02-15 12:26 - 000818689 _____ C:\Users\AtelierNiederhein\Downloads\Justizkrimi_ROCO_Raiffeisen_Manager-Magazin_Maerz2018.pdf
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000044064 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-02-12 16:21 - 2021-02-12 16:21 - 007857864 _____ C:\Users\AtelierNiederhein\Downloads\X20001-136-CatalogueSennelierFR-DE-NL-2019-pagesinterieures-reduc.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000024364 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_1_Sandra_Krug.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000022479 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_2_Frau_Peggy_Stein.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000022198 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_3_Frau_Nicole_Michaloudis.pdf
2021-02-12 12:45 - 2021-02-12 16:10 - 000004691 _____ C:\Users\AtelierNiederhein\.ganttproject
2021-02-12 12:44 - 2021-02-12 12:46 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\GanttProject
2021-02-12 12:44 - 2021-02-12 12:44 - 000002056 _____ C:\ProgramData\Desktop\GanttProject.lnk
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\Users\AtelierNiederhein\.ganttproject.d
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GanttProject
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\Program Files (x86)\GanttProject-3.0
2021-02-12 12:41 - 2021-02-12 12:44 - 114651200 _____ C:\Users\AtelierNiederhein\Downloads\ganttproject-3.0.3000.exe
2021-02-12 08:43 - 2021-02-12 08:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 08:43 - 2021-02-12 08:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 08:43 - 2021-02-12 08:43 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 08:43 - 2021-02-12 08:43 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-12 08:43 - 2021-02-12 08:43 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-06 17:26 - 2021-02-06 17:26 - 000024381 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_4_Herr_Marc_Tenner.pdf
2021-02-06 17:26 - 2021-02-06 17:26 - 000022525 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_3_Andreas_Wäldele.pdf
2021-02-06 17:26 - 2021-02-06 17:26 - 000022499 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_5_Kristina_Neumann.pdf
2021-02-05 16:58 - 2021-02-05 16:58 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\Oracle
2021-02-05 16:39 - 2021-02-05 16:39 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk
2021-02-05 16:39 - 2021-02-05 16:39 - 000001134 _____ C:\ProgramData\Desktop\AusweisApp2.lnk
2021-02-05 16:39 - 2021-02-05 16:39 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\Governikus GmbH & Co. KG
2021-02-05 16:39 - 2021-02-05 16:39 - 000000000 ____D C:\Program Files (x86)\AusweisApp2
2021-02-05 16:38 - 2021-02-05 16:38 - 022896640 _____ C:\Users\AtelierNiederhein\Downloads\AusweisApp2-1.22.0.msi
2021-02-05 08:32 - 2021-02-05 08:32 - 000005689 _____ C:\Users\AtelierNiederhein\Documents\Snipping Tool Print Job.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000041458 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_3_Frau_petra_rappo.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024538 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_2_Andreas_Wäldele.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024529 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_1_Heiko_Herbst_.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024289 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_6_Frau_Gudrun_Doege-Klein.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000022702 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_5_Herr_Matthias_Kindler.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000022531 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_4_Frau_Brigitte_Andritzke-Walter.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000006899 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210203WNBT9UR88PC4-0011834233.pdf
2021-02-03 19:22 - 2021-02-03 19:22 - 000006659 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210203VFDKBKTSEB3M-0011833904.pdf
2021-02-03 19:17 - 2021-02-03 19:17 - 000244723 _____ C:\Users\AtelierNiederhein\Downloads\2kg_coupons_20210114.pdf
2021-02-03 13:45 - 2021-02-03 13:45 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2021.lnk
2021-02-02 17:38 - 2021-02-02 17:38 - 000976969 _____ C:\Users\AtelierNiederhein\Downloads\Archive-2021-02-02-17-38-03.zip
2021-02-02 09:14 - 2021-02-02 09:38 - 000040076 _____ C:\Users\AtelierNiederhein\Downloads\oxarticles.csv
2021-02-01 14:08 - 2021-02-01 14:08 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-02-01 13:19 - 2021-02-01 13:19 - 000115971 _____ C:\Users\AtelierNiederhein\Downloads\invoice_TC9927697177.pdf
2021-02-01 12:35 - 2021-02-01 12:36 - 001756565 _____ C:\Users\AtelierNiederhein\Downloads\Kontoeroeffnung_20210201_600170.pdf
2021-02-01 10:09 - 2021-02-01 09:29 - 000020020 _____ C:\Users\AtelierNiederhein\Documents\order_pastell-shop__Standard%20Pastels%20Order%20Spreadsheet-20210126.xls_0.ods
2021-01-29 12:20 - 2021-02-16 12:35 - 000000000 ____D C:\Users\AtelierNiederhein\Downloads\archiv
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-02-28 14:48 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-28 14:21 - 2020-09-25 16:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-28 13:59 - 2017-02-25 20:36 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-28 13:58 - 2016-11-20 16:10 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\Mozilla
2021-02-28 13:45 - 2020-09-25 16:13 - 001590256 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-28 13:45 - 2019-12-07 15:50 - 000684966 _____ C:\WINDOWS\system32\perfh007.dat
2021-02-28 13:45 - 2019-12-07 15:50 - 000141424 _____ C:\WINDOWS\system32\perfc007.dat
2021-02-28 13:45 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-28 13:42 - 2017-02-25 17:41 - 000000000 ___RD C:\Users\AtelierNiederhein\Creative Cloud Files
2021-02-28 13:40 - 2020-11-02 14:30 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-28 13:40 - 2017-07-12 17:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-28 13:40 - 2015-12-20 08:54 - 000000000 ___RD C:\Users\AtelierNiederhein\OneDrive
2021-02-28 13:39 - 2017-07-12 17:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-28 13:39 - 2015-12-19 17:36 - 000000000 __SHD C:\Users\AtelierNiederhein\IntelGraphicsProfiles
2021-02-28 13:38 - 2020-09-25 18:05 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2021-02-28 13:38 - 2020-09-25 16:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-28 13:38 - 2020-09-25 16:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-28 13:38 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-28 13:17 - 2014-03-31 17:00 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\Temp
2021-02-27 13:39 - 2019-11-06 05:57 - 000000000 ___HD C:\adobeTemp
2021-02-27 13:35 - 2017-02-25 17:30 - 000000000 ____D C:\Program Files\Adobe
2021-02-27 13:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-27 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-27 12:42 - 2017-02-25 17:40 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-02-27 12:29 - 2017-04-25 04:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-27 12:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-26 17:51 - 2020-07-18 13:18 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Code
2021-02-26 17:48 - 2020-06-15 06:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-26 17:48 - 2020-06-15 06:41 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-26 12:05 - 2017-02-25 17:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-26 11:58 - 2017-02-25 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-26 11:57 - 2019-04-28 07:38 - 000002252 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-26 11:57 - 2017-02-25 20:40 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-26 11:49 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-26 09:17 - 2014-05-11 16:05 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\Steuerfälle
2021-02-26 08:32 - 2019-04-28 07:38 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-25 14:15 - 2017-09-29 06:49 - 000001456 _____ C:\Users\AtelierNiederhein\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2021-02-24 09:38 - 2020-08-21 13:07 - 000000000 ____D C:\Projekte
2021-02-24 08:51 - 2017-04-25 04:57 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2021-02-23 15:18 - 2017-02-25 16:21 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Adobe
2021-02-23 15:18 - 2014-07-10 19:50 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\Adobe
2021-02-22 16:48 - 2020-06-17 09:17 - 000007862 _____ C:\Users\AtelierNiederhein\Desktop\oxarticles.csv
2021-02-22 14:03 - 2020-08-21 10:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-22 09:16 - 2014-03-27 21:38 - 000000000 ___RD C:\Users\AtelierNiederhein\Dropbox
2021-02-22 08:14 - 2017-03-02 05:48 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\FileZilla
2021-02-18 14:07 - 2017-03-07 17:01 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\CrashDumps
2021-02-18 10:32 - 2017-02-26 08:22 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-02-17 09:58 - 2020-11-09 11:06 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\pyinstaller
2021-02-17 09:50 - 2020-07-18 13:57 - 000000000 ____D C:\Users\AtelierNiederhein\.pylint.d
2021-02-16 11:30 - 2014-04-03 17:47 - 000000000 ____D C:\Users\AtelierNiederhein\Desktop\tmp
2021-02-15 16:51 - 2017-02-26 10:14 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-02-15 16:51 - 2017-02-26 10:14 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-02-15 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-15 08:27 - 2020-09-25 16:18 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-962593549-1501595251-2753236537-1000
2021-02-15 08:27 - 2020-09-25 16:10 - 000002455 _____ C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-12 16:39 - 2020-09-25 16:09 - 010187680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 16:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-12 16:10 - 2020-09-25 16:10 - 000000000 ____D C:\Users\AtelierNiederhein
2021-02-12 12:20 - 2020-07-18 13:18 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2021-02-12 08:38 - 2017-02-25 18:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 08:35 - 2017-02-25 18:33 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-11 07:42 - 2020-09-25 16:18 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-11 07:42 - 2020-09-25 16:18 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-10 16:07 - 2018-12-16 11:38 - 000000600 _____ C:\Users\AtelierNiederhein\AppData\Local\PUTTY.RND
2021-02-10 09:22 - 2020-07-23 12:41 - 000000000 ____D C:\Program Files (x86)\PUBGLite
2021-02-10 08:59 - 2019-11-18 22:14 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2021-02-09 15:39 - 2020-09-25 16:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-06 12:20 - 2020-09-25 16:18 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-06 12:20 - 2020-09-25 16:18 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 20:04 - 2020-02-20 08:56 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-08-21 10:35 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-02 10:35 - 2021-01-26 11:56 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2021.lnk
2021-02-02 10:35 - 2021-01-26 11:56 - 000002254 _____ C:\ProgramData\Desktop\SteuerSparErklärung 2021.lnk
2021-02-02 10:35 - 2021-01-26 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2021
2021-01-29 11:50 - 2017-02-26 08:22 - 000001258 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-01-29 11:50 - 2017-02-26 08:22 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2017-03-10 16:07 - 2018-10-21 11:41 - 000000033 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\AdobeWLCMCache.dat
2017-05-13 05:47 - 2020-11-07 16:23 - 000010120 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\ContactSheetII.log
2017-05-13 05:47 - 2020-11-07 16:23 - 000000709 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\Kontaktabzug II.xml
2021-01-02 17:16 - 2021-01-02 17:16 - 000000028 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\kulerdata.json
2017-09-29 06:49 - 2021-02-25 14:15 - 000001456 _____ () C:\Users\AtelierNiederhein\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2018-09-29 02:32 - 2018-09-29 02:32 - 000000000 _____ () C:\Users\AtelierNiederhein\AppData\Local\oobelibMkey.log
2018-12-16 11:38 - 2021-02-10 16:07 - 000000600 _____ () C:\Users\AtelierNiederhein\AppData\Local\PUTTY.RND
2020-08-23 12:04 - 2020-08-23 12:04 - 000008317 _____ () C:\Users\AtelierNiederhein\AppData\Local\recently-used.xbel
2018-08-16 16:14 - 2018-08-16 16:14 - 000007601 _____ () C:\Users\AtelierNiederhein\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2021
durchgeführt von AtelierNiederhein (28-02-2021 14:48:45)
Gestartet von C:\Users\AtelierNiederhein\Downloads
Windows 10 Home Version 20H2 19042.804 (X64) (2020-09-25 15:18:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-962593549-1501595251-2753236537-500 - Administrator - Disabled)
AtelierNiederhein (S-1-5-21-962593549-1501595251-2753236537-1000 - Administrator - Enabled) => C:\Users\AtelierNiederhein
DefaultAccount (S-1-5-21-962593549-1501595251-2753236537-503 - Limited - Disabled)
Gast (S-1-5-21-962593549-1501595251-2753236537-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-962593549-1501595251-2753236537-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-962593549-1501595251-2753236537-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{5737101A-27C4-408A-8A57-D1DC78DF84B4}) (Version: 8.2.1 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20138 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_5_1) (Version: 17.5.1 - Adobe Inc.)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_13) (Version: 13.0.13 - Adobe Inc.)
Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_0) (Version: 11.0 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.0.468 - Adobe Inc.)
Adobe ExtendScript Toolkit CC (HKLM-x32\...\{6297487E-3778-4F72-B458-55690418DB98}) (Version: 4.0.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_2) (Version: 25.2 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_1) (Version: 16.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_7) (Version: 14.7 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_1_1) (Version: 22.1.1.138 - Adobe Inc.)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_9) (Version: 14.9 - Adobe Inc.)
Amazon Kindle (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Amazon Kindle) (Version: 1.23.1.50133 - Amazon)
Android Studio (HKLM\...\Android Studio) (Version: 3.4 - Google LLC)
Aptana Studio (HKLM-x32\...\{2D6C1116-78C6-469C-9923-3E549218773F}) (Version: 3.7.2 - Appcelerator) Hidden
Aptana Studio (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Aptana Studio 3.7.2) (Version: 3.7.2 - Appcelerator)
AusweisApp2 (HKLM-x32\...\{F3E22721-7F7E-472F-BBBA-6B5572E15A58}) (Version: 1.22.0 - Governikus GmbH & Co. KG)
Blender (HKLM\...\{A0C803A1-310C-4EFF-B881-CA10CF7CD6A7}) (Version: 2.90.1 - Blender Foundation)
Canon Calibration Tool (HKLM-x32\...\CanonCalibrationTool) (Version: 1.3.0 - Canon Inc.)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.2.0.18 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.0.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon Kurzwahlprogramm2 (HKLM-x32\...\Speed Dial Utility2) (Version: 2.1.0 - Canon Inc.)
Canon MB2700 series Benutzerregistrierung (HKLM-x32\...\Canon MB2700 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MB2700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB2700_series) (Version: 1.01 - Canon Inc.)
Canon MB2700 series On-screen Manual (HKLM-x32\...\Canon MB2700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.4.0.15 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.2.0.10 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.3.0.15 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Utility Toolbox (HKLM-x32\...\Quick Toolbox) (Version: 2.3.0 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.7.32 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.7 (HKLM-x32\...\DPP) (Version: 3.7.3.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.3.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.6.1.1 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3/E4/E5 Utility (HKLM-x32\...\WFTK) (Version: 3.4.1.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.4.1.11 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.2.11 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 116.4.368 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.10.4.1203 - Steinberg Media Technologies GmbH)
Express Rip CD-Ripper (HKLM-x32\...\ExpressRip) (Version: 3.01 - NCH Software)
FileZilla Client 3.51.0 (HKLM-x32\...\FileZilla Client) (Version: 3.51.0 - Tim Kosse)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
GanttProject (HKLM-x32\...\GanttProject) (Version: - )
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Git version 2.29.0 (HKLM\...\Git_is1) (Version: 2.29.0 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\GitHubDesktop) (Version: 2.5.6 - GitHub, Inc.)
GitKraken (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\gitkraken) (Version: 7.3.2 - Axosoft, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.52) (Version: 9.52 - Artifex Software Inc.)
heroku (HKLM-x32\...\heroku) (Version: - Heroku)
HP LJ300-400 color M351-M451 (HKLM-x32\...\{15CA73D8-3C82-4BAE-86CD-945BF9620516}) (Version: 5.0.12200.630 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM351M451DSService (HKLM-x32\...\{BF2198EB-503D-4E0B-89FB-509AADD6D545}) (Version: 001.001.05164 - Hewlett-Packard) Hidden
HPLaserJet300-400ColorM351-M451Series_HelpLearnCenter_SI (HKLM-x32\...\{BD019D8F-25B9-49D6-B301-07AFF65E35DD}) (Version: 1.02.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM351-M451 (HKLM-x32\...\{E25710A1-F024-4BAF-898C-32703F047737}) (Version: 1.02.0013 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM351_M451LaserJetService (HKLM-x32\...\{1125FC8E-975D-47BD-943D-0DFE0E2358B9}) (Version: 005.021.00132 - Hewlett-Packard) Hidden
hppToolboxProxyM351 (HKLM-x32\...\{6930AC06-C380-421E-91FE-9CA29D21D83E}) (Version: 035.024.006 - HP) Hidden
hpStatusAlerts (HKLM-x32\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM351_M451 (HKLM-x32\...\{25E11B5A-4817-4296-A260-235AE77B1708}) (Version: 050.034.0131 - Hewlett-Packard) Hidden
Huion Tablet v14.8.95.1136 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.95.1136 - )
IJ Network Device Setup Utility (HKLM-x32\...\IJ Network Device Setup Utility) (Version: 1.8.1 - Canon Inc.)
ImageMagick 7.0.3-0 Q16 (64-bit) (2016-09-05) (HKLM\...\ImageMagick 7.0.3 Q16 (64-bit)_is1) (Version: 7.0.3 - ImageMagick Studio LLC)
InstanceFinder (HKLM-x32\...\{32C0FD10-8FB4-427E-A16F-ED57C9343CF0}) (Version: 020.021.004 - HP) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{75299AB0-6BC8-435F-8D62-AA1DDEA1EF2F}) (Version: 7.5.2 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Lync Web App Plug-in (64-bit) (HKLM\...\{78E64466-8E20-40E2-8F77-6FA0C8A0FEB0}) (Version: 15.8.8308.726 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{BE6D5464-0B1F-46CC-8973-F9651FE6A45A}) (Version: 15.8.8308.965 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.53.2 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 86.0 (x64 de) (HKLM\...\Mozilla Firefox 86.0 (x64 de)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 86.0.0.7723 - Mozilla)
Mozilla Thunderbird 24.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.0 (x86 de)) (Version: 24.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
NirSoft WhoisThisDomain (HKLM-x32\...\NirSoft WhoisThisDomain) (Version: - )
Node.js (HKLM-x32\...\{2D41A012-35EE-4724-AE8E-E592EDD9F89D}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors)
Node.js (HKLM-x32\...\{EC1A7084-4725-4319-9D35-F204CE7FC2E6}) (Version: 8.11.1 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 3.9.0 (64-bit) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\{a2a37ca0-8ebd-4d7e-b4b8-e6b1740c2ce0}) (Version: 3.9.150.0 - Python Software Foundation)
Python 3.9.0 Add to Path (64-bit) (HKLM\...\{4F5E962C-96E9-45B9-8F14-9A91748981C6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Core Interpreter (64-bit) (HKLM\...\{92F322B1-D69A-43D1-82B4-24ADEBE5C650}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Development Libraries (64-bit) (HKLM\...\{E73FE192-7766-49FA-B28A-32F700D98A15}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Documentation (64-bit) (HKLM\...\{35E94198-B9F1-4D1E-A869-636AD5E6BCA8}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Executables (64-bit) (HKLM\...\{A9F718BA-8B5F-4AE7-ADDA-EFFF431948DB}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 pip Bootstrap (64-bit) (HKLM\...\{27FF09D8-6DE6-4F63-A3DD-8758D615D543}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Standard Library (64-bit) (HKLM\...\{42480EE5-670F-4AF3-A619-2E761A398340}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Tcl/Tk Support (64-bit) (HKLM\...\{4460A893-EFF6-4B33-BF21-BAA2159F57E6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Test Suite (64-bit) (HKLM\...\{9141E990-BD45-4F42-BB32-B3012969355D}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Utility Scripts (64-bit) (HKLM\...\{35DC2DFB-0AEA-4DC2-AFA5-4EA2D2612B51}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{E45E56A4-FCDD-4C4A-966A-4FB81C932219}) (Version: 3.9.7217.0 - Python Software Foundation)
Recordify 2019 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 4.01 - Abelssoft)
Scribus 1.4.8 (HKLM-x32\...\Scribus 1.4.8) (Version: 1.4.8 - The Scribus Team)
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Caleidoscope Sampler Track Content (HKLM-x32\...\{BD830EFB-4884-422C-8AA0-F564E839FC6F}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Content Updater (HKLM-x32\...\{23BAFE62-0AF0-4D71-98C2-47286139DC45}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 9 (HKLM\...\{E0FA80FD-82A7-4328-ABC3-0DA6A9FA1824}) (Version: 9.0.30 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.11 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.30 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.3.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums Elements (HKLM-x32\...\{7AC78F55-2066-4EF5-AA6F-AD57FEAE7CBD}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Production Grooves Content (HKLM-x32\...\{F72824BC-4856-4050-A745-D92BC601CCDE}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{0B91CA67-AB51-4FCC-AD05-F4C8DF11D00B}) (Version: 17.01.1 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{3DAB5687-7252-44BB-99FA-82E9E9AEA9BC}) (Version: 18.01.0 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2018-2019 (HKLM-x32\...\{C85C471D-8BA4-4C95-9DD2-64263B5329FD}) (Version: 19.01.0 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2019-2020 (HKLM-x32\...\{A838952B-CEEC-4AF3-88C3-B4C4374337F7}) (Version: 20.01.9 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2020-2021 (HKLM-x32\...\{2E5063A0-872A-4B65-8163-168B25E6D50A}) (Version: 20.10.6 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2017 (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.34.85 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2018 (HKLM-x32\...\{A1D1FDBD-02F9-49B6-9EB2-2DC6B1D37E16}) (Version: 23.39.56 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2019 (HKLM-x32\...\{C1274A30-7822-4CAE-A4C8-395E9E687107}) (Version: 24.34.134 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2020 (HKLM-x32\...\{E7E3F711-933D-4D9A-BA51-01F47179F23C}) (Version: 25.31.65 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2021 (HKLM-x32\...\{8C111EC2-454D-4C0B-B0D7-E845F1B3AAAD}) (Version: 26.26.67 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.2.7.4415 - Synology, Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.259142 - TeamViewer)
TextPad 8 (HKLM\...\{861AB1C1-1967-4C4A-BF86-C255E2D2B8FD}) (Version: 8.0.2 - Helios)
ToolboxProxy (HKLM-x32\...\{B64E0B43-A452-4B25-93DD-E5C6645A534A}) (Version: 035.024.006 - HP) Hidden
Unity Web Player (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\UnityWebPlayer) (Version: 5.3.8f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VLC Plus Player (HKLM-x32\...\VLC Plus Player) (Version: 3.0.11 - Aller Media e.K.) <==== ACHTUNG
WhatsApp (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\WhatsApp) (Version: 0.4.930 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{8D646799-DB00-4000-AE7A-756A05A4F1D8}) (Version: 5.4.72 - Microsoft Corporation)
Windows-Treiberpaket - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
WinHTTrack Website Copier 3.49-2 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
XAMPP (HKLM-x32\...\xampp) (Version: 7.3.0-0 - Bitnami)
Yamaha Steinberg USB Driver (HKLM\...\{D6E6D5BA-F07E-4495-A8E4-B735B291C9EF}) (Version: 1.8.7 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{D6E6D5BA-F07E-4495-A8E4-B735B291C9EF}) (Version: 1.8.7 - Yamaha Corporation)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version: - Spacejock Software)
Zoom (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-09] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-17] (Adobe Systems Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-22] (Facebook Inc)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-02-10] (Microsoft Corporation)
Houzz -> C:\Program Files\WindowsApps\0D16BB98.Houzz_1.1.22.0_neutral__gyej1c4xgx4mg [2020-12-29] (Houzz Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.3.838.0_x64__v10z8vjag6ke6 [2021-02-27] (HP Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-2ED9D4E320EA} -> [Creative Cloud Files] => C:\Users\AtelierNiederhein\Creative Cloud Files [2017-02-25 17:41]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9}\InprocServer32 -> C:\Program Files\TextPad 8\System\ShellExt64.dll (Helios Software Solutions Ltd -> )
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\LWAPlugin\x64\15.8\LWAPluginInProc.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\AtelierNiederhein\Dropbox [2014-03-27 21:38]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-962593549-1501595251-2753236537-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2018-07-13] () [Datei ist nicht signiert]
ContextMenuHandlers1_S-1-5-21-962593549-1501595251-2753236537-1000: [TextPad8] -> {5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9} => C:\Program Files\TextPad 8\System\ShellExt64.dll [2016-02-28] (Helios Software Solutions Ltd -> )
ContextMenuHandlers6_S-1-5-21-962593549-1501595251-2753236537-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2018-07-13] () [Datei ist nicht signiert]
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [685056 2009-05-01] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\divx.dll [685056 2009-05-01] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2008-12-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [85504 2009-06-02] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [497664 2009-08-11] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Packed With Joy !) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\nodejs\nodevars.bat"
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-07-21 08:35 - 2015-07-21 08:35 - 000512000 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
2020-11-11 12:37 - 2020-11-11 12:37 - 000215040 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Notepad++\plugins\ComparePlugin\ComparePlugin.dll
2020-05-13 05:19 - 2020-05-13 05:19 - 002058752 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Notepad++\plugins\XMLTools\XMLTools.dll
2019-02-05 20:00 - 2015-09-15 16:07 - 000318464 _____ (CANON INC) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2015-07-21 08:36 - 2015-07-21 08:36 - 000009728 _____ (Canon INC.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Canon\EOS Utility\de\EOS Utility.resources.dll
2015-07-21 08:35 - 2015-07-21 08:35 - 001069056 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EdsImage.dll
2019-02-05 20:00 - 2015-09-01 18:11 - 000194560 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2019-02-05 20:00 - 2015-06-17 16:01 - 000008704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_DEU.DLL
2019-02-05 20:00 - 2015-06-17 16:00 - 000104960 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2019-02-05 20:00 - 2015-05-26 09:44 - 000141312 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnwidsd.dll
2019-02-05 20:01 - 2018-05-09 19:00 - 000121344 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnalmmod.dll
2019-02-05 20:01 - 2018-05-09 19:00 - 000016896 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\de\cnqtbres.dll
2017-02-25 18:45 - 2015-11-18 05:00 - 000438784 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMXLMD0.DLL
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hpzjrd01.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000041472 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000073728 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 001222656 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000034816 _____ (HP) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\HPTcpMUI.dll
2018-07-13 12:34 - 2018-07-13 12:34 - 002768896 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
SearchScopes: HKU\S-1-5-21-962593549-1501595251-2753236537-1000 -> DefaultScope {CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\localhost -> localhost
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-02-25 16:08 - 2021-02-28 13:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2020-09-25 19:14 - 2020-11-12 16:50 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.26.64.1 Atelier_PC.mshome.net # 2025 11 2 11 15 50 0 587
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files\ImageMagick-7.0.3-Q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\nodejs\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\xampp\php;C:\ProgramData\ComposerSetup\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
25-02-2021 16:50:33 Geplanter Prüfpunkt
26-02-2021 12:15:21 AdwCleaner_BeforeCleaning_26/02/2021_12:15:21
27-02-2021 12:27:44 Windows Modules Installer
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (02/28/2021 01:41:30 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[Der Remotename konnte nicht aufgelöst werden: 'downloads.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ bei System.Net.HttpWebRequest.GetResponse()
bei eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="To be filled by O.E.M." SMBIOSMajVer="2" SMBIOSMinVer="7" SMBIOSBIOSVer="F1" SMBIOSPresent="True" Rel_Date="20131016000000.000000+000" DSDVersion="10.0.2.5" Vendor="Gigabyte Technology Co., Ltd." PName="G1.Sniper Z87" Ident_Num="ATELIER_PC" TimeZone="(UTC+01:00) Amsterdam, Berlin, Bern, Rom, Stockholm, Wien" OSName="Microsoft Windows 10 Home"/><HostIP>192.168.1.164</HostIP></Exception>
Error: (02/28/2021 01:38:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (02/28/2021 01:38:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (02/28/2021 01:38:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (02/28/2021 01:38:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (02/28/2021 12:26:19 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007
Error: (02/28/2021 12:26:19 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/27/2021 07:09:10 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Systemfehler:
=============
Error: (02/28/2021 01:40:23 PM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Erstellen der Client-Anmeldeinformationen für TLS. Der interne Fehlerstatus ist 10013.
Error: (02/28/2021 01:38:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelHaxm" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (02/28/2021 01:38:53 PM) (Source: IntelHaxm) (EventID: 3) (User: )
Description: HAXM Failed to init VMX
Error: (02/28/2021 01:38:53 PM) (Source: IntelHaxm) (EventID: 6) (User: )
Description: HAXM can't work on system without VT support
Error: (02/28/2021 01:38:20 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (02/28/2021 01:38:20 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "wuauserv" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (02/28/2021 01:38:07 PM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/28/2021 01:38:01 PM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
================
Date: 2021-02-28 13:38:22
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.
Date: 2021-02-28 13:38:22
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.
Date: 2021-02-28 13:38:22
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.
Date: 2021-02-28 13:38:20
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x8007045b
Fehlerbeschreibung: Der Computer wird heruntergefahren.
Date: 2021-02-26 12:15:45
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x8007045b
Fehlerbeschreibung: Der Computer wird heruntergefahren.
CodeIntegrity:
===============
Date: 2021-02-26 11:58:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-02-26 11:50:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. F1 10/16/2013
Hauptplatine: Gigabyte Technology Co., Ltd. G1.Sniper Z87
Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 16266.99 MB
Verfügbarer physikalischer RAM: 10193.3 MB
Summe virtueller Speicher: 18698.99 MB
Verfügbarer virtueller Speicher: 10741.94 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:222.98 GB) (Free:17.9 GB) NTFS
Drive d: () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{8d3f0743-b5ab-11e3-900b-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{bff46629-0000-0000-0000-30c537000000}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: BFF46629)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=500 MB) - (Type=27)
==================== Ende von Addition.txt =======================
|
|
28.02.2021, 20:32
| #11 |
| /// TB-Ausbilder | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen Du hast dir einen Fake VLC Player heruntergeladen. Den müssen wir entfernen und von der Herstellerseite die legitime und aktuellste Version herunterladen und installieren. Zuvor entfernen wir noch ein paar Reste. Schritt 1 WARNUNG AN ALLE MITLESER !!! Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
Schritt 2 Die folgenden Programme sind veraltet, stören die Bereinigung oder es handelt sich um Werbesoftware (Adware) bzw. unerwünschte Software (PUP) und müssen entfernt werden.
Schritt 3
Bitte poste mit deiner nächsten Antwort:
|
|
01.03.2021, 08:22
| #12 |
| | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen VLC ließ sich (vermutlich) sauber deinstallieren. Es taucht zumindest in der App-Liste nicht mehr auf. VLC Player wurde von der angebenen Quelle heruntergeladen und erfolgreich installiert. Die Logs: Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-02-2021
durchgeführt von AtelierNiederhein (01-03-2021 08:03:59) Run:2
Gestartet von C:\Users\AtelierNiederhein\Downloads
Geladene Profile: AtelierNiederhein
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\VLCPP
Reboot:
*****************
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player => erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\VLCPP => erfolgreich entfernt
Das System musste neu gestartet werden.
==== Ende von Fixlog 08:03:59 ====
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
durchgeführt von AtelierNiederhein (Administrator) auf ATELIER_PC (Gigabyte Technology Co., Ltd. G1.Sniper Z87) (01-03-2021 08:14:21)
Gestartet von C:\Users\AtelierNiederhein\Downloads
Geladene Profile: AtelierNiederhein
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe
(Canon INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\116.4.368\QtWebEngineProcess.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) [Datei ist nicht signiert] C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) [Datei ist nicht signiert] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\AtelierNiederhein\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Synology Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-09] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992336 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickToolbox] => C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnqtbapp.exe [2340768 2018-05-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-05] (Adobe Inc. -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680720 2021-03-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [TabletDriver] => C:\Huion Tablet\x64\TabletDriverCore.exe [334056 2019-12-28] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Run: [AusweisApp2] => C:\Program Files (x86)\AusweisApp2\AusweisApp2.exe [2405504 2020-11-30] (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\MountPoints2: {994bdb3c-1515-11eb-ab19-74d43585b2ed} - "E:\Autorun.exe"
HKLM\...\Windows x64\Print Processors\Canon MB2700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDD0.DLL [30720 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP640 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA2.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpcpp120: C:\Windows\System32\spool\prtprocs\x64\hpcpp120.DLL [342016 2012-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MB2700 series: C:\WINDOWS\system32\CNCALD0.DLL [254464 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB2700 series: C:\WINDOWS\system32\CNMLMD0.DLL [436736 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MB2700 series XPS: C:\WINDOWS\system32\CNMXLMD0.DLL [438784 2015-11-18] (CANON INC.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk [2020-12-27]
ShortcutTarget: Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> )
Startup: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-10-15]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) [Datei ist nicht signiert]
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0BDFD991-F8B5-4BEE-8530-45660E0017B2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {10D8BCA2-0BE0-467B-9D4B-A897FCB0A99C} - System32\Tasks\BundleApplicationRepairToolLauncherTask => C:\Users\AtelierNiederhein\AppData\Roaming\PCDr\Repair\BundleApplicationRepairTool.exe [625024 2018-01-22] (PC-Doctor, Inc. -> )
Task: {12F6F9F7-2275-45BB-95E7-2114EA65FF67} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {1CFF7823-78EF-46B3-A9DC-7E09FBC06883} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [152128 2020-10-19] (Johannes Schindelin -> The Git Development Community)
Task: {1E1AA683-1EEF-4264-8968-7EA37A1A3969} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1E8503BB-182C-4B7C-96D7-CA1396FDCF21} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2220FFED-725D-45AC-804A-B0D1840B9931} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {40963EC1-283A-4F9B-A04D-ADD40F8398D5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44130ECF-C77E-4F05-8443-7EDB691A4EB3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A31CF7F-82DF-4288-9EEC-00C0D39806B3} - System32\Tasks\AdobeAAMUpdater-1.0-Atelier_PC-AtelierNiederhein => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5C4C9D73-63F6-40D1-B10A-51E01301ADEF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {62A0F4F7-4327-4235-9042-94D34B32495B} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe]
Task: {64151D08-FB32-4417-B741-0119D3ECB8E1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {65323232-04B3-4D1B-A73A-60CCB8464652} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {661367E9-26A1-411C-B42B-F962A4C04EDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-28] (Google Inc -> Google LLC)
Task: {781E23ED-CF39-4361-8B26-31C6AE6EA57D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {9E36B745-5CA5-4EAD-A9B9-9A080FD510EF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B1B91048-64C2-4F64-A07C-48DF270D5FB9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {BF9DFB29-744A-44C4-B75A-36CDBD359B87} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {CCCB4A12-FE2E-4E47-9019-FC85F691113D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2D4D365-8A40-48B8-848E-BFDA0B54BB7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-28] (Google Inc -> Google LLC)
Task: {DB3F2604-FE62-482E-9851-B4ABC5799615} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E8636D29-32DE-412D-A15D-971827532F7F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {ECB9FE9C-C4C5-4722-A736-1903CFB243D0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F6B38547-7C6F-4A89-AEA2-6D87DAF88FD7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F8BF1748-421D-4457-9146-E1B158630EE3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4f89c9de-8a11-4370-a3fc-a9199241aa6a}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\AtelierNiederhein\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-01]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: xspktsq9.default-1575993033040
FF ProfilePath: C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 [2021-03-01]
FF Homepage: Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 -> www.google.de
FF Notifications: Mozilla\Firefox\Profiles\xspktsq9.default-1575993033040 -> hxxps://www.facebook.com
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-09] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.) [Datei ist nicht signiert]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\WINDOWS\system32\C2MP\npdivx32.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=3.0.9.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-02-15] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-09] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AtelierNiederhein\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-09] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: LWA64Plugin15.8 -> C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Plugins\npLWA64Plugin15.8.dll [2013-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-962593549-1501595251-2753236537-1000: LWAPlugin15.8 -> C:\Users\AtelierNiederhein\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\AtelierNiederhein\AppData\Roaming\mozilla\plugins\npLWA64Plugin15.8.dll [2018-05-25]
FF Plugin ProgramFiles/Appdata: C:\Users\AtelierNiederhein\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2018-05-25]
Chrome:
=======
CHR Profile: C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default [2021-02-28]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.instagram.com
CHR StartupUrls: Default -> "hxxps://calendar.google.com/calendar/r?tab=wc"
CHR Extension: (Präsentationen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-28]
CHR Extension: (Docs) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-28]
CHR Extension: (Google Drive) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (YouTube) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-28]
CHR Extension: (Adobe Acrobat) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-18]
CHR Extension: (Tabellen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-28]
CHR Extension: (Google Docs Offline) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-02-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Google Mail) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\AtelierNiederhein\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-09] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8404720 2019-11-09] (BattlEye Innovations e.K. -> )
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2018-05-18] (Synology Inc. -> ) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [113152 2016-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc -> Dell Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397256 2018-11-19] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-11-30] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10967832 2021-02-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-12-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1064968 2016-12-13] (Creative Technology Ltd -> Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-26] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-03-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-03-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-03-01] (Malwarebytes Inc -> Malwarebytes)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 wacomhidfilter; C:\WINDOWS\System32\drivers\wacomhidfilter.sys [12968 2008-08-27] (Wacom Technology Corp. -> Wacom Technology)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2021-02-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-03-01 08:13 - 2021-03-01 08:13 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-03-01 08:13 - 2021-03-01 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-03-01 08:13 - 2021-03-01 08:13 - 000000000 ____D C:\Program Files\VideoLAN
2021-03-01 08:12 - 2021-03-01 08:13 - 042585440 _____ C:\Users\AtelierNiederhein\Downloads\vlc-3.0.12-win64.exe
2021-03-01 08:09 - 2021-03-01 08:09 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-03-01 08:09 - 2021-03-01 08:09 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\IGDump
2021-03-01 08:08 - 2021-03-01 08:08 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-03-01 08:08 - 2021-03-01 08:08 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-03-01 08:03 - 2021-03-01 08:03 - 000000000 ____D C:\Users\AtelierNiederhein\Downloads\FRST-OlderVersion
2021-02-28 14:48 - 2021-02-28 14:49 - 000062324 _____ C:\Users\AtelierNiederhein\Downloads\Addition.txt
2021-02-28 14:47 - 2021-03-01 08:14 - 000032813 _____ C:\Users\AtelierNiederhein\Downloads\FRST.txt
2021-02-28 14:27 - 2021-02-28 14:42 - 000138639 _____ C:\Users\AtelierNiederhein\Downloads\Search.txt
2021-02-28 13:12 - 2021-03-01 08:03 - 000000815 _____ C:\Users\AtelierNiederhein\Downloads\Fixlog.txt
2021-02-27 17:49 - 2021-02-27 17:49 - 006876455 _____ C:\Users\AtelierNiederhein\Downloads\japanischintonation.pdf
2021-02-27 13:35 - 2021-02-27 13:35 - 000001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2020.lnk
2021-02-27 13:25 - 2021-02-27 13:25 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2021-02-27 12:42 - 2021-02-27 12:42 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2021-02-26 16:06 - 2021-02-26 16:06 - 000024532 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_HEXX9BXTA2H3_1_Frau_Sabine_Peth.pdf
2021-02-26 12:17 - 2021-02-26 12:17 - 000003770 _____ C:\Users\AtelierNiederhein\Desktop\AdwCleaner[C00].txt
2021-02-26 12:13 - 2021-02-26 12:15 - 000000000 ____D C:\AdwCleaner
2021-02-26 12:10 - 2021-02-26 12:10 - 008463216 _____ (Malwarebytes) C:\Users\AtelierNiederhein\Downloads\adwcleaner_8.1.exe
2021-02-26 12:08 - 2021-02-26 12:08 - 000020274 _____ C:\Users\AtelierNiederhein\Desktop\malwareScan.txt
2021-02-26 11:58 - 2021-02-26 11:58 - 000000000 ____H C:\ProgramData\rebootpending.txt
2021-02-26 11:50 - 2021-02-26 11:50 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-26 11:50 - 2021-02-26 11:50 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-26 11:50 - 2021-02-26 11:50 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-02-26 11:49 - 2021-02-26 12:16 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-26 11:49 - 2021-02-26 11:49 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-26 11:49 - 2021-02-26 11:49 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-26 11:21 - 2021-02-26 11:21 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\mbam
2021-02-26 11:20 - 2021-02-26 11:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-26 11:18 - 2021-02-26 11:18 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-26 11:16 - 2021-02-26 11:16 - 002084016 _____ (Malwarebytes) C:\Users\AtelierNiederhein\Downloads\MBSetup.exe
2021-02-26 08:53 - 2021-02-26 08:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-26 07:38 - 2021-02-26 12:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-25 16:27 - 2021-02-26 12:22 - 000080332 _____ C:\Users\AtelierNiederhein\Desktop\Addition.txt
2021-02-25 16:25 - 2021-03-01 08:14 - 000000000 ____D C:\FRST
2021-02-25 16:25 - 2021-03-01 08:03 - 002301440 _____ (Farbar) C:\Users\AtelierNiederhein\Downloads\FRST64.exe
2021-02-25 16:25 - 2021-02-26 12:22 - 000058392 _____ C:\Users\AtelierNiederhein\Desktop\FRST.txt
2021-02-25 16:08 - 2021-02-25 16:08 - 000000000 ____D C:\WINDOWS\Panther
2021-02-24 18:02 - 2021-02-24 18:02 - 000022749 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_QTZQMX4WFQAB_1_Frau_Annette_Bohrloch.pdf
2021-02-24 15:10 - 2021-02-24 15:11 - 001029393 _____ C:\Users\AtelierNiederhein\Downloads\MWS_Integrators_ListingCreation_UK._V272404261_.pdf
2021-02-24 09:33 - 2021-02-24 09:34 - 001471893 _____ C:\Users\AtelierNiederhein\Downloads\f111-Vollmacht.pdf
2021-02-24 08:35 - 2021-02-25 15:50 - 000008046 _____ C:\WINDOWS\ntbtlog.txt
2021-02-24 08:25 - 2021-02-24 08:25 - 000000000 ____D C:\NPE
2021-02-24 08:24 - 2021-02-24 08:27 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\NPE
2021-02-24 08:24 - 2021-02-24 08:24 - 000000000 ____D C:\ProgramData\Norton
2021-02-24 08:23 - 2021-02-24 08:23 - 009645984 _____ (NortonLifeLock Inc.) C:\Users\AtelierNiederhein\Desktop\NPE.exe
2021-02-23 16:50 - 2021-02-23 16:50 - 000059863 _____ C:\Users\AtelierNiederhein\Documents\Liste_Zoll_v2.pdf
2021-02-22 16:53 - 2021-02-22 16:53 - 000022502 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_6VY63898CDB4_1_Herr_Thomas_Leonhardy.pdf
2021-02-22 16:38 - 2021-02-22 16:38 - 000191744 _____ C:\Users\AtelierNiederhein\Desktop\genexport (2).CSV
2021-02-20 14:04 - 2021-02-20 14:05 - 005228592 _____ C:\Users\AtelierNiederhein\Downloads\Deep_dive_on_Amazon_Neptune_DAT361.pdf
2021-02-19 15:30 - 2021-02-19 15:30 - 000693574 _____ C:\Users\AtelierNiederhein\Downloads\warum-2012.pdf
2021-02-19 09:31 - 2021-02-19 09:31 - 004310122 _____ C:\Users\AtelierNiederhein\Downloads\pkg_communitybuilder_2.5.0+build.2021.02.01.21.20.37.ae3d43f4e(1).zip
2021-02-19 09:30 - 2021-02-19 09:30 - 004310122 _____ C:\Users\AtelierNiederhein\Downloads\pkg_communitybuilder_2.5.0+build.2021.02.01.21.20.37.ae3d43f4e.zip
2021-02-18 10:32 - 2021-02-18 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-02-18 09:29 - 2021-02-18 09:29 - 000050434 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_M296EML5ZDZA_1_Frau_Petra_Rappo.pdf
2021-02-18 09:29 - 2021-02-18 09:29 - 000006556 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210218M296EML5ZDZA-0012191914.pdf
2021-02-16 17:13 - 2021-02-16 17:13 - 000024610 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_Y9P3XM464MRB_1_Frau_Sarah_Romaniw.pdf
2021-02-16 17:13 - 2021-02-16 17:13 - 000024457 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_Y9P3XM464MRB_2_Frau_Marina_Mudrytska.pdf
2021-02-15 12:26 - 2021-02-15 12:26 - 000818689 _____ C:\Users\AtelierNiederhein\Downloads\Justizkrimi_ROCO_Raiffeisen_Manager-Magazin_Maerz2018.pdf
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-02-14 04:12 - 2021-02-14 04:12 - 000044064 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-02-12 16:21 - 2021-02-12 16:21 - 007857864 _____ C:\Users\AtelierNiederhein\Downloads\X20001-136-CatalogueSennelierFR-DE-NL-2019-pagesinterieures-reduc.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000024364 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_1_Sandra_Krug.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000022479 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_2_Frau_Peggy_Stein.pdf
2021-02-12 16:08 - 2021-02-12 16:08 - 000022198 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_C39FCNPD4G73_3_Frau_Nicole_Michaloudis.pdf
2021-02-12 12:45 - 2021-02-12 16:10 - 000004691 _____ C:\Users\AtelierNiederhein\.ganttproject
2021-02-12 12:44 - 2021-02-12 12:46 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\GanttProject
2021-02-12 12:44 - 2021-02-12 12:44 - 000002056 _____ C:\ProgramData\Desktop\GanttProject.lnk
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\Users\AtelierNiederhein\.ganttproject.d
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GanttProject
2021-02-12 12:44 - 2021-02-12 12:44 - 000000000 ____D C:\Program Files (x86)\GanttProject-3.0
2021-02-12 12:41 - 2021-02-12 12:44 - 114651200 _____ C:\Users\AtelierNiederhein\Downloads\ganttproject-3.0.3000.exe
2021-02-12 08:43 - 2021-02-12 08:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 08:43 - 2021-02-12 08:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 08:43 - 2021-02-12 08:43 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 08:43 - 2021-02-12 08:43 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-12 08:43 - 2021-02-12 08:43 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-06 17:26 - 2021-02-06 17:26 - 000024381 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_4_Herr_Marc_Tenner.pdf
2021-02-06 17:26 - 2021-02-06 17:26 - 000022525 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_3_Andreas_Wäldele.pdf
2021-02-06 17:26 - 2021-02-06 17:26 - 000022499 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_LUKHCAQPXPEN_5_Kristina_Neumann.pdf
2021-02-05 16:58 - 2021-02-05 16:58 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\Oracle
2021-02-05 16:39 - 2021-02-05 16:39 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AusweisApp2.lnk
2021-02-05 16:39 - 2021-02-05 16:39 - 000001134 _____ C:\ProgramData\Desktop\AusweisApp2.lnk
2021-02-05 16:39 - 2021-02-05 16:39 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\Governikus GmbH & Co. KG
2021-02-05 16:39 - 2021-02-05 16:39 - 000000000 ____D C:\Program Files (x86)\AusweisApp2
2021-02-05 16:38 - 2021-02-05 16:38 - 022896640 _____ C:\Users\AtelierNiederhein\Downloads\AusweisApp2-1.22.0.msi
2021-02-05 08:32 - 2021-02-05 08:32 - 000005689 _____ C:\Users\AtelierNiederhein\Documents\Snipping Tool Print Job.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000041458 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_3_Frau_petra_rappo.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024538 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_2_Andreas_Wäldele.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024529 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_1_Heiko_Herbst_.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000024289 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_6_Frau_Gudrun_Doege-Klein.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000022702 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_5_Herr_Matthias_Kindler.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000022531 _____ C:\Users\AtelierNiederhein\Downloads\DHL-Paketmarke_WNBT9UR88PC4_4_Frau_Brigitte_Andritzke-Walter.pdf
2021-02-03 19:37 - 2021-02-03 19:37 - 000006899 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210203WNBT9UR88PC4-0011834233.pdf
2021-02-03 19:22 - 2021-02-03 19:22 - 000006659 _____ C:\Users\AtelierNiederhein\Downloads\DOF-210203VFDKBKTSEB3M-0011833904.pdf
2021-02-03 19:17 - 2021-02-03 19:17 - 000244723 _____ C:\Users\AtelierNiederhein\Downloads\2kg_coupons_20210114.pdf
2021-02-03 13:45 - 2021-02-03 13:45 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2021.lnk
2021-02-02 17:38 - 2021-02-02 17:38 - 000976969 _____ C:\Users\AtelierNiederhein\Downloads\Archive-2021-02-02-17-38-03.zip
2021-02-02 09:14 - 2021-02-02 09:38 - 000040076 _____ C:\Users\AtelierNiederhein\Downloads\oxarticles.csv
2021-02-01 14:08 - 2021-02-01 14:08 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-02-01 13:19 - 2021-02-01 13:19 - 000115971 _____ C:\Users\AtelierNiederhein\Downloads\invoice_TC9927697177.pdf
2021-02-01 12:35 - 2021-02-01 12:36 - 001756565 _____ C:\Users\AtelierNiederhein\Downloads\Kontoeroeffnung_20210201_600170.pdf
2021-02-01 10:09 - 2021-02-01 09:29 - 000020020 _____ C:\Users\AtelierNiederhein\Documents\order_pastell-shop__Standard%20Pastels%20Order%20Spreadsheet-20210126.xls_0.ods
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-03-01 08:12 - 2017-02-25 20:36 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-01 08:11 - 2019-11-06 05:57 - 000000000 ___HD C:\adobeTemp
2021-03-01 08:11 - 2016-11-20 16:10 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\Mozilla
2021-03-01 08:10 - 2017-07-12 17:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-01 08:10 - 2017-02-25 17:41 - 000000000 ___RD C:\Users\AtelierNiederhein\Creative Cloud Files
2021-03-01 08:09 - 2020-11-02 14:30 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-01 08:09 - 2015-12-20 08:54 - 000000000 ___RD C:\Users\AtelierNiederhein\OneDrive
2021-03-01 08:08 - 2020-09-25 18:05 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2021-03-01 08:08 - 2020-09-25 16:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-01 08:08 - 2020-09-25 16:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-01 08:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-01 08:08 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-01 08:08 - 2017-10-24 12:43 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-03-01 08:08 - 2017-07-12 17:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-03-01 08:08 - 2015-12-19 17:36 - 000000000 __SHD C:\Users\AtelierNiederhein\IntelGraphicsProfiles
2021-03-01 08:07 - 2017-02-26 10:01 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2021-03-01 08:00 - 2014-03-27 21:38 - 000000000 ___RD C:\Users\AtelierNiederhein\Dropbox
2021-03-01 07:54 - 2017-02-25 17:30 - 000000000 ____D C:\Program Files\Adobe
2021-02-28 18:06 - 2020-09-25 16:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-28 13:45 - 2020-09-25 16:13 - 001590256 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-28 13:45 - 2019-12-07 15:50 - 000684966 _____ C:\WINDOWS\system32\perfh007.dat
2021-02-28 13:45 - 2019-12-07 15:50 - 000141424 _____ C:\WINDOWS\system32\perfc007.dat
2021-02-28 13:45 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-28 13:17 - 2014-03-31 17:00 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\LocalLow\Temp
2021-02-27 13:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-27 13:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-27 12:42 - 2017-02-25 17:40 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-02-27 12:29 - 2017-04-25 04:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-27 12:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-26 17:51 - 2020-07-18 13:18 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Code
2021-02-26 17:48 - 2020-06-15 06:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-26 17:48 - 2020-06-15 06:41 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-26 12:05 - 2017-02-25 17:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-26 11:58 - 2017-02-25 16:39 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-26 11:57 - 2019-04-28 07:38 - 000002252 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-26 11:57 - 2017-02-25 20:40 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-26 11:49 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-26 09:17 - 2014-05-11 16:05 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\Steuerfälle
2021-02-26 08:32 - 2019-04-28 07:38 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-25 14:15 - 2017-09-29 06:49 - 000001456 _____ C:\Users\AtelierNiederhein\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2021-02-24 09:38 - 2020-08-21 13:07 - 000000000 ____D C:\Projekte
2021-02-24 08:51 - 2017-04-25 04:57 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2021-02-23 15:18 - 2017-02-25 16:21 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Adobe
2021-02-23 15:18 - 2014-07-10 19:50 - 000000000 ____D C:\Users\AtelierNiederhein\Documents\Adobe
2021-02-22 16:48 - 2020-06-17 09:17 - 000007862 _____ C:\Users\AtelierNiederhein\Desktop\oxarticles.csv
2021-02-22 14:03 - 2020-08-21 10:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-22 08:14 - 2017-03-02 05:48 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\FileZilla
2021-02-18 14:07 - 2017-03-07 17:01 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Local\CrashDumps
2021-02-18 10:32 - 2017-02-26 08:22 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-02-17 09:58 - 2020-11-09 11:06 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\pyinstaller
2021-02-17 09:50 - 2020-07-18 13:57 - 000000000 ____D C:\Users\AtelierNiederhein\.pylint.d
2021-02-16 12:35 - 2021-01-29 12:20 - 000000000 ____D C:\Users\AtelierNiederhein\Downloads\archiv
2021-02-16 11:30 - 2014-04-03 17:47 - 000000000 ____D C:\Users\AtelierNiederhein\Desktop\tmp
2021-02-15 16:51 - 2017-02-26 10:14 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-02-15 16:51 - 2017-02-26 10:14 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-02-15 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-15 08:27 - 2020-09-25 16:18 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-962593549-1501595251-2753236537-1000
2021-02-15 08:27 - 2020-09-25 16:10 - 000002455 _____ C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-12 16:39 - 2020-09-25 16:09 - 010187680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 16:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-12 16:10 - 2020-09-25 16:10 - 000000000 ____D C:\Users\AtelierNiederhein
2021-02-12 12:20 - 2020-07-18 13:18 - 000000000 ____D C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2021-02-12 08:38 - 2017-02-25 18:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 08:35 - 2017-02-25 18:33 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-11 07:42 - 2020-09-25 16:18 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-11 07:42 - 2020-09-25 16:18 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-10 16:07 - 2018-12-16 11:38 - 000000600 _____ C:\Users\AtelierNiederhein\AppData\Local\PUTTY.RND
2021-02-10 09:22 - 2020-07-23 12:41 - 000000000 ____D C:\Program Files (x86)\PUBGLite
2021-02-10 08:59 - 2019-11-18 22:14 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2021-02-09 15:39 - 2020-09-25 16:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-06 12:20 - 2020-09-25 16:18 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-06 12:20 - 2020-09-25 16:18 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 20:04 - 2020-02-20 08:56 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-08-21 10:35 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-02 10:35 - 2021-01-26 11:56 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2021.lnk
2021-02-02 10:35 - 2021-01-26 11:56 - 000002254 _____ C:\ProgramData\Desktop\SteuerSparErklärung 2021.lnk
2021-02-02 10:35 - 2021-01-26 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2021
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2017-03-10 16:07 - 2018-10-21 11:41 - 000000033 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\AdobeWLCMCache.dat
2017-05-13 05:47 - 2020-11-07 16:23 - 000010120 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\ContactSheetII.log
2017-05-13 05:47 - 2020-11-07 16:23 - 000000709 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\Kontaktabzug II.xml
2021-01-02 17:16 - 2021-01-02 17:16 - 000000028 _____ () C:\Users\AtelierNiederhein\AppData\Roaming\kulerdata.json
2017-09-29 06:49 - 2021-02-25 14:15 - 000001456 _____ () C:\Users\AtelierNiederhein\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2018-09-29 02:32 - 2018-09-29 02:32 - 000000000 _____ () C:\Users\AtelierNiederhein\AppData\Local\oobelibMkey.log
2018-12-16 11:38 - 2021-02-10 16:07 - 000000600 _____ () C:\Users\AtelierNiederhein\AppData\Local\PUTTY.RND
2020-08-23 12:04 - 2020-08-23 12:04 - 000008317 _____ () C:\Users\AtelierNiederhein\AppData\Local\recently-used.xbel
2018-08-16 16:14 - 2018-08-16 16:14 - 000007601 _____ () C:\Users\AtelierNiederhein\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-02-2021
durchgeführt von AtelierNiederhein (01-03-2021 08:15:31)
Gestartet von C:\Users\AtelierNiederhein\Downloads
Windows 10 Home Version 20H2 19042.804 (X64) (2020-09-25 15:18:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-962593549-1501595251-2753236537-500 - Administrator - Disabled)
AtelierNiederhein (S-1-5-21-962593549-1501595251-2753236537-1000 - Administrator - Enabled) => C:\Users\AtelierNiederhein
DefaultAccount (S-1-5-21-962593549-1501595251-2753236537-503 - Limited - Disabled)
Gast (S-1-5-21-962593549-1501595251-2753236537-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-962593549-1501595251-2753236537-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-962593549-1501595251-2753236537-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{5737101A-27C4-408A-8A57-D1DC78DF84B4}) (Version: 8.2.1 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20138 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_5_1) (Version: 17.5.1 - Adobe Inc.)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_13) (Version: 13.0.13 - Adobe Inc.)
Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_0) (Version: 11.0 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.3.0.468 - Adobe Inc.)
Adobe ExtendScript Toolkit CC (HKLM-x32\...\{6297487E-3778-4F72-B458-55690418DB98}) (Version: 4.0.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_2) (Version: 25.2 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_1) (Version: 16.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_7) (Version: 14.7 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_1_1) (Version: 22.1.1.138 - Adobe Inc.)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_9) (Version: 14.9 - Adobe Inc.)
Amazon Kindle (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Amazon Kindle) (Version: 1.23.1.50133 - Amazon)
Android Studio (HKLM\...\Android Studio) (Version: 3.4 - Google LLC)
Aptana Studio (HKLM-x32\...\{2D6C1116-78C6-469C-9923-3E549218773F}) (Version: 3.7.2 - Appcelerator) Hidden
Aptana Studio (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Aptana Studio 3.7.2) (Version: 3.7.2 - Appcelerator)
AusweisApp2 (HKLM-x32\...\{F3E22721-7F7E-472F-BBBA-6B5572E15A58}) (Version: 1.22.0 - Governikus GmbH & Co. KG)
Blender (HKLM\...\{A0C803A1-310C-4EFF-B881-CA10CF7CD6A7}) (Version: 2.90.1 - Blender Foundation)
Canon Calibration Tool (HKLM-x32\...\CanonCalibrationTool) (Version: 1.3.0 - Canon Inc.)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.2.0.18 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.0.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon Kurzwahlprogramm2 (HKLM-x32\...\Speed Dial Utility2) (Version: 2.1.0 - Canon Inc.)
Canon MB2700 series Benutzerregistrierung (HKLM-x32\...\Canon MB2700 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MB2700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB2700_series) (Version: 1.01 - Canon Inc.)
Canon MB2700 series On-screen Manual (HKLM-x32\...\Canon MB2700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.4.0.15 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.2.0.10 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.3.0.15 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Utility Toolbox (HKLM-x32\...\Quick Toolbox) (Version: 2.3.0 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.7.32 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.7 (HKLM-x32\...\DPP) (Version: 3.7.3.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.3.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.6.1.1 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3/E4/E5 Utility (HKLM-x32\...\WFTK) (Version: 3.4.1.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.4.1.11 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.2.11 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 116.4.368 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.10.4.1203 - Steinberg Media Technologies GmbH)
Express Rip CD-Ripper (HKLM-x32\...\ExpressRip) (Version: 3.01 - NCH Software)
FileZilla Client 3.51.0 (HKLM-x32\...\FileZilla Client) (Version: 3.51.0 - Tim Kosse)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
GanttProject (HKLM-x32\...\GanttProject) (Version: - )
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Git version 2.29.0 (HKLM\...\Git_is1) (Version: 2.29.0 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\GitHubDesktop) (Version: 2.5.6 - GitHub, Inc.)
GitKraken (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\gitkraken) (Version: 7.3.2 - Axosoft, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.52) (Version: 9.52 - Artifex Software Inc.)
heroku (HKLM-x32\...\heroku) (Version: - Heroku)
HP LJ300-400 color M351-M451 (HKLM-x32\...\{15CA73D8-3C82-4BAE-86CD-945BF9620516}) (Version: 5.0.12200.630 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM351M451DSService (HKLM-x32\...\{BF2198EB-503D-4E0B-89FB-509AADD6D545}) (Version: 001.001.05164 - Hewlett-Packard) Hidden
HPLaserJet300-400ColorM351-M451Series_HelpLearnCenter_SI (HKLM-x32\...\{BD019D8F-25B9-49D6-B301-07AFF65E35DD}) (Version: 1.02.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM351-M451 (HKLM-x32\...\{E25710A1-F024-4BAF-898C-32703F047737}) (Version: 1.02.0013 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM351_M451LaserJetService (HKLM-x32\...\{1125FC8E-975D-47BD-943D-0DFE0E2358B9}) (Version: 005.021.00132 - Hewlett-Packard) Hidden
hppToolboxProxyM351 (HKLM-x32\...\{6930AC06-C380-421E-91FE-9CA29D21D83E}) (Version: 035.024.006 - HP) Hidden
hpStatusAlerts (HKLM-x32\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM351_M451 (HKLM-x32\...\{25E11B5A-4817-4296-A260-235AE77B1708}) (Version: 050.034.0131 - Hewlett-Packard) Hidden
Huion Tablet v14.8.95.1136 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.95.1136 - )
IJ Network Device Setup Utility (HKLM-x32\...\IJ Network Device Setup Utility) (Version: 1.8.1 - Canon Inc.)
ImageMagick 7.0.3-0 Q16 (64-bit) (2016-09-05) (HKLM\...\ImageMagick 7.0.3 Q16 (64-bit)_is1) (Version: 7.0.3 - ImageMagick Studio LLC)
InstanceFinder (HKLM-x32\...\{32C0FD10-8FB4-427E-A16F-ED57C9343CF0}) (Version: 020.021.004 - HP) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{75299AB0-6BC8-435F-8D62-AA1DDEA1EF2F}) (Version: 7.5.2 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Lync Web App Plug-in (64-bit) (HKLM\...\{78E64466-8E20-40E2-8F77-6FA0C8A0FEB0}) (Version: 15.8.8308.726 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{BE6D5464-0B1F-46CC-8973-F9651FE6A45A}) (Version: 15.8.8308.965 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.53.2 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 86.0 (x64 de) (HKLM\...\Mozilla Firefox 86.0 (x64 de)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 86.0.0.7723 - Mozilla)
Mozilla Thunderbird 24.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.0 (x86 de)) (Version: 24.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
NirSoft WhoisThisDomain (HKLM-x32\...\NirSoft WhoisThisDomain) (Version: - )
Node.js (HKLM-x32\...\{2D41A012-35EE-4724-AE8E-E592EDD9F89D}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors)
Node.js (HKLM-x32\...\{EC1A7084-4725-4319-9D35-F204CE7FC2E6}) (Version: 8.11.1 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Python 3.9.0 (64-bit) (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\{a2a37ca0-8ebd-4d7e-b4b8-e6b1740c2ce0}) (Version: 3.9.150.0 - Python Software Foundation)
Python 3.9.0 Add to Path (64-bit) (HKLM\...\{4F5E962C-96E9-45B9-8F14-9A91748981C6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Core Interpreter (64-bit) (HKLM\...\{92F322B1-D69A-43D1-82B4-24ADEBE5C650}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Development Libraries (64-bit) (HKLM\...\{E73FE192-7766-49FA-B28A-32F700D98A15}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Documentation (64-bit) (HKLM\...\{35E94198-B9F1-4D1E-A869-636AD5E6BCA8}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Executables (64-bit) (HKLM\...\{A9F718BA-8B5F-4AE7-ADDA-EFFF431948DB}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 pip Bootstrap (64-bit) (HKLM\...\{27FF09D8-6DE6-4F63-A3DD-8758D615D543}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Standard Library (64-bit) (HKLM\...\{42480EE5-670F-4AF3-A619-2E761A398340}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Tcl/Tk Support (64-bit) (HKLM\...\{4460A893-EFF6-4B33-BF21-BAA2159F57E6}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Test Suite (64-bit) (HKLM\...\{9141E990-BD45-4F42-BB32-B3012969355D}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python 3.9.0 Utility Scripts (64-bit) (HKLM\...\{35DC2DFB-0AEA-4DC2-AFA5-4EA2D2612B51}) (Version: 3.9.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{E45E56A4-FCDD-4C4A-966A-4FB81C932219}) (Version: 3.9.7217.0 - Python Software Foundation)
Recordify 2019 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 4.01 - Abelssoft)
Scribus 1.4.8 (HKLM-x32\...\Scribus 1.4.8) (Version: 1.4.8 - The Scribus Team)
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Caleidoscope Sampler Track Content (HKLM-x32\...\{BD830EFB-4884-422C-8AA0-F564E839FC6F}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Content Updater (HKLM-x32\...\{23BAFE62-0AF0-4D71-98C2-47286139DC45}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 9 (HKLM\...\{E0FA80FD-82A7-4328-ABC3-0DA6A9FA1824}) (Version: 9.0.30 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.11 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.30 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.3.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums Elements (HKLM-x32\...\{7AC78F55-2066-4EF5-AA6F-AD57FEAE7CBD}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Production Grooves Content (HKLM-x32\...\{F72824BC-4856-4050-A745-D92BC601CCDE}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{0B91CA67-AB51-4FCC-AD05-F4C8DF11D00B}) (Version: 17.01.1 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{3DAB5687-7252-44BB-99FA-82E9E9AEA9BC}) (Version: 18.01.0 - Wolters Kluwer Deutschland GmbH)
Steuer-Ratgeber 2018-2019 (HKLM-x32\...\{C85C471D-8BA4-4C95-9DD2-64263B5329FD}) (Version: 19.01.0 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2019-2020 (HKLM-x32\...\{A838952B-CEEC-4AF3-88C3-B4C4374337F7}) (Version: 20.01.9 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerRatgeber 2020-2021 (HKLM-x32\...\{2E5063A0-872A-4B65-8163-168B25E6D50A}) (Version: 20.10.6 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2017 (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.34.85 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2018 (HKLM-x32\...\{A1D1FDBD-02F9-49B6-9EB2-2DC6B1D37E16}) (Version: 23.39.56 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2019 (HKLM-x32\...\{C1274A30-7822-4CAE-A4C8-395E9E687107}) (Version: 24.34.134 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2020 (HKLM-x32\...\{E7E3F711-933D-4D9A-BA51-01F47179F23C}) (Version: 25.31.65 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
SteuerSparErklärung 2021 (HKLM-x32\...\{8C111EC2-454D-4C0B-B0D7-E845F1B3AAAD}) (Version: 26.26.67 - Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.2.7.4415 - Synology, Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.259142 - TeamViewer)
TextPad 8 (HKLM\...\{861AB1C1-1967-4C4A-BF86-C255E2D2B8FD}) (Version: 8.0.2 - Helios)
ToolboxProxy (HKLM-x32\...\{B64E0B43-A452-4B25-93DD-E5C6645A534A}) (Version: 035.024.006 - HP) Hidden
Unity Web Player (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\UnityWebPlayer) (Version: 5.3.8f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\WhatsApp) (Version: 0.4.930 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{8D646799-DB00-4000-AE7A-756A05A4F1D8}) (Version: 5.4.72 - Microsoft Corporation)
Windows-Treiberpaket - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
WinHTTrack Website Copier 3.49-2 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
XAMPP (HKLM-x32\...\xampp) (Version: 7.3.0-0 - Bitnami)
Yamaha Steinberg USB Driver (HKLM\...\{D6E6D5BA-F07E-4495-A8E4-B735B291C9EF}) (Version: 1.8.7 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{D6E6D5BA-F07E-4495-A8E4-B735B291C9EF}) (Version: 1.8.7 - Yamaha Corporation)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version: - Spacejock Software)
Zoom (HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-09] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-17] (Adobe Systems Incorporated)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-22] (Facebook Inc)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-02-10] (Microsoft Corporation)
Houzz -> C:\Program Files\WindowsApps\0D16BB98.Houzz_1.1.22.0_neutral__gyej1c4xgx4mg [2020-12-29] (Houzz Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.3.838.0_x64__v10z8vjag6ke6 [2021-02-27] (HP Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-2ED9D4E320EA} -> [Creative Cloud Files] => C:\Users\AtelierNiederhein\Creative Cloud Files [2017-02-25 17:41]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9}\InprocServer32 -> C:\Program Files\TextPad 8\System\ShellExt64.dll (Helios Software Solutions Ltd -> )
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\LWAPlugin\x64\15.8\LWAPluginInProc.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\AtelierNiederhein\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\AtelierNiederhein\Dropbox [2014-03-27 21:38]
CustomCLSID: HKU\S-1-5-21-962593549-1501595251-2753236537-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-07-13] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-24] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-962593549-1501595251-2753236537-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2018-07-13] () [Datei ist nicht signiert]
ContextMenuHandlers1_S-1-5-21-962593549-1501595251-2753236537-1000: [TextPad8] -> {5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9} => C:\Program Files\TextPad 8\System\ShellExt64.dll [2016-02-28] (Helios Software Solutions Ltd -> )
ContextMenuHandlers6_S-1-5-21-962593549-1501595251-2753236537-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2018-07-13] () [Datei ist nicht signiert]
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [685056 2009-05-01] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\divx.dll [685056 2009-05-01] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2008-12-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [85504 2009-06-02] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.vp62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [497664 2009-08-11] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Packed With Joy !) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\AtelierNiederhein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\nodejs\nodevars.bat"
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-07-21 08:35 - 2015-07-21 08:35 - 000512000 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
2019-02-05 20:00 - 2015-09-15 16:07 - 000318464 _____ (CANON INC) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2015-07-21 08:36 - 2015-07-21 08:36 - 000009728 _____ (Canon INC.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Canon\EOS Utility\de\EOS Utility.resources.dll
2015-07-21 08:35 - 2015-07-21 08:35 - 001069056 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\EOS Utility\EdsImage.dll
2019-02-05 20:00 - 2015-09-01 18:11 - 000194560 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2019-02-05 20:00 - 2015-06-17 16:01 - 000008704 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_DEU.DLL
2019-02-05 20:00 - 2015-06-17 16:00 - 000104960 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2019-02-05 20:00 - 2015-05-26 09:44 - 000141312 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnwidsd.dll
2017-10-24 12:43 - 2017-12-07 11:25 - 000219648 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJPLM\CNMPU2.DLL
2019-02-05 20:01 - 2018-05-09 19:00 - 000121344 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\cnalmmod.dll
2019-02-05 20:01 - 2018-05-09 19:00 - 000016896 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\Quick Utility Toolbox\de\cnqtbres.dll
2017-02-25 18:45 - 2015-11-18 05:00 - 000438784 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMXLMD0.DLL
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [Datei ist nicht signiert] C:\WINDOWS\System32\hpzjrd01.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000041472 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000073728 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 001222656 _____ (Hewlett-Packard Company) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [Datei ist nicht signiert] c:\windows\system32\hpzipm12.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000034816 _____ (HP) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\System32\HPTcpMUI.dll
2018-07-13 12:34 - 2018-07-13 12:34 - 002768896 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Users\AtelierNiederhein\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
SearchScopes: HKU\S-1-5-21-962593549-1501595251-2753236537-1000 -> DefaultScope {CDFB2166-DF6D-4054-BD68-4FDEEDA24BFA} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-962593549-1501595251-2753236537-1000\...\localhost -> localhost
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-02-25 16:08 - 2021-02-28 13:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2020-09-25 19:14 - 2020-11-12 16:50 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.26.64.1 Atelier_PC.mshome.net # 2025 11 2 11 15 50 0 587
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files\ImageMagick-7.0.3-Q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\nodejs\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\xampp\php;C:\ProgramData\ComposerSetup\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd
HKU\S-1-5-21-962593549-1501595251-2753236537-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (02/28/2021 07:01:29 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/28/2021 07:01:26 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/28/2021 07:01:26 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
Error: (02/28/2021 01:41:30 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[Der Remotename konnte nicht aufgelöst werden: 'downloads.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ bei System.Net.HttpWebRequest.GetResponse()
bei eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="To be filled by O.E.M." SMBIOSMajVer="2" SMBIOSMinVer="7" SMBIOSBIOSVer="F1" SMBIOSPresent="True" Rel_Date="20131016000000.000000+000" DSDVersion="10.0.2.5" Vendor="Gigabyte Technology Co., Ltd." PName="G1.Sniper Z87" Ident_Num="ATELIER_PC" TimeZone="(UTC+01:00) Amsterdam, Berlin, Bern, Rom, Stockholm, Wien" OSName="Microsoft Windows 10 Home"/><HostIP>192.168.1.164</HostIP></Exception>
Error: (02/28/2021 01:38:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (02/28/2021 01:38:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (02/28/2021 01:38:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (02/28/2021 01:38:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Systemfehler:
=============
Error: (03/01/2021 08:08:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IntelHaxm" wurde aufgrund folgenden Fehlers nicht gestartet:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (03/01/2021 08:08:45 AM) (Source: IntelHaxm) (EventID: 3) (User: )
Description: HAXM Failed to init VMX
Error: (03/01/2021 08:08:45 AM) (Source: IntelHaxm) (EventID: 6) (User: )
Description: HAXM can't work on system without VT support
Error: (03/01/2021 08:08:05 AM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (03/01/2021 08:08:05 AM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (03/01/2021 08:08:05 AM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (03/01/2021 08:08:05 AM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (03/01/2021 08:08:05 AM) (Source: DCOM) (EventID: 10010) (User: Atelier_PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
================
Date: 2021-03-01 08:04:13
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x8007045b
Fehlerbeschreibung: Der Computer wird heruntergefahren.
Date: 2021-02-28 13:38:22
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.
Date: 2021-02-28 13:38:22
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.
Date: 2021-02-28 13:38:22
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Center zum Schutz vor Schadsoftware
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x80072f8f
Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten.
Date: 2021-02-28 13:38:20
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.257.313.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.15800.1
Fehlercode: 0x8007045b
Fehlerbeschreibung: Der Computer wird heruntergefahren.
CodeIntegrity:
===============
Date: 2021-02-26 11:58:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-02-26 11:50:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. F1 10/16/2013
Hauptplatine: Gigabyte Technology Co., Ltd. G1.Sniper Z87
Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 16266.99 MB
Verfügbarer physikalischer RAM: 10045.7 MB
Summe virtueller Speicher: 18698.99 MB
Verfügbarer virtueller Speicher: 11496.36 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:222.98 GB) (Free:26.51 GB) NTFS
Drive d: () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{8d3f0743-b5ab-11e3-900b-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{bff46629-0000-0000-0000-30c537000000}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: BFF46629)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=500 MB) - (Type=27)
==================== Ende von Addition.txt =======================
|
|
01.03.2021, 11:46
| #13 |
| /// TB-Ausbilder | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen Schritt 1
Dann wären wir durch! Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. Abschließend bitte noch einen Cleanup mit unserem TBCleanUpTool durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt: Wenn Du möchtest, kannst Du hier sagen, ob du mit mir und meiner Hilfe zufrieden warst...  Vielleicht möchtest du das Forum mit einer kleinen Spende  unterstützen.  Hinweis: Bitte gib mir eine kurze Rückmeldung, sobald du die oben verlinkten Informationen gelesen hast, alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
01.03.2021, 17:35
| #14 |
| /// TB-Ausbilder | Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen Wir sind froh, dass wir helfen konnten  Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Jeder andere bitte hier klicken und ein eigenes Thema erstellen. |
|
| Themen zu Verseuchten Mailanhang (.doc) geöffnet - noch keine merkbaren Auswirkungen |
| .dll, administrator, adobe, antivirus, avg, canon, coupons, defender, desktop, email, firefox, flash player, geforce, google, hijack, home, homepage, internet, mozilla, nvcontainer.exe, nvidia, photoshop, prozesse, registry, rundll, scan, security, windows |
Linear-Darstellung
