|
Log analysis and evaluation: Zip file Word opened in e-mail. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
11.05.2021, 09:19 | #1 |
| Zip file Word opened in e-mail

Hello, unfortunately, in a stressful situation I made an unforgivable mistake and opened a .zip mail attachment, even though it was also password-protected. The password was in the mail. This zip opened a Word file, presumably with macros. It was a reply e-mail from a company that I had asked for a quote. This was a few days ago, and so far I have not received any error message or warning from my antivirus program Bitdefender Free. Nevertheless, I would now like to make sure that I have not caught a trojan such as Emotet or something similar. I am currently in the process of founding a small company with a friend. So far, however, we have no significant revenue, and it is not clear whether our idea will go any further at all. I use the computer privately and for that as well. I hope that this means I fall under your exception for "business people". Thank you very much in advance. Now the log files.

FRST: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-05-2021 durchgeführt von Alexander (Administrator) auf WINDELL-788D1Q2 (Dell Inc. XPS 13 9360) (11-05-2021 09:51:32) Gestartet von C:\Users\Alexander\Downloads Geladene Profile: Alexander Platform: Windows 10 Home Version 2004 19041.928 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Opera Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2> (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2> (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2> (Adobe Inc.
-> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\secd.exe (Apple Inc.) 
C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Alexander\AppData\Local\WebEx\ciscowebexstart.exe (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Alexander\AppData\Local\WebEx\WebEx\Meetings\atmgr.exe (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Alexander\AppData\Local\WebEx\WebEx\Meetings_01\atmgr.exe (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) 
C:\Program Files (x86)\Dropbox\Client\121.4.4267\QtWebEngineProcess.exe <3> (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3f902faa7a5da85d\jhi_service.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) 
C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.2101.28.0_x64__8wekyb3d8bbwe\Time.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\76.0.4017.107\opera.exe <87> (Opera Software AS -> Opera Software) C:\Program 
Files\Opera\76.0.4017.107\opera_crashreporter.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-07] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-05] (Adobe Inc. 
-> ) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> ) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680728 2021-05-05] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [Discord] => C:\Users\Alexander\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30885360 2020-03-04] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [PTOneClick] => C:\Users\Alexander\AppData\Local\Webex\Webex\Applications\ptoneclk.exe [7184192 2020-04-12] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-21] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Alexander\AppData\Local\WebEx\ciscowebexstart.exe [3711704 2021-04-30] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2763952 2021-05-07] (Adobe Inc. -> Adobe Inc.) 
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\21.062.0328.0001" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Policies\Explorer: [] HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-23] (Adobe Inc. -> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC) Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2019-02-03] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0C93F72A-6F8E-4DC7-A2A9-7CC09D822904} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {16545A9C-9BBF-4739-90C3-D52AD3C1B751} - System32\Tasks\AdobeAAMUpdater-1.0-WINDELL-788D1Q2-Alexander => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {19141BCC-9300-466C-9758-1BE5F37DBFE9} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4071016 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {27ED81A3-E23C-4C1D-B463-F7FF65E4FFA6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) 
Task: {33A96379-28BA-479C-A2AA-D467D9A00697} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {36525BF1-C22C-43F8-A6F6-BBEBCD222162} - System32\Tasks\Opera scheduled assistant Autoupdate 1576835173 => C:\Program Files\Opera\launcher.exe [2199704 2021-05-06] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0) Task: {3880284A-3737-4115-8B6F-0C4168D3F71D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {389BB786-6712-4F94-B108-AF90218D0FB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {3E2F6869-CD9F-471D-82C9-B512C28F3F97} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) Task: {432DA82D-2E8F-4458-A102-BEFBCCB90C52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-13] (Google Inc -> Google Inc.) 
Task: {4BBC94E0-A0FB-4F40-BA05-F593065E1E78} - System32\Tasks\Opera scheduled Autoupdate 1509559017 => C:\Program Files\Opera\launcher.exe [2199704 2021-05-06] (Opera Software AS -> Opera Software) Task: {551A3672-B22C-4D83-9A59-45916EBB6540} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1120696 2021-05-03] (Microsoft Corporation -> Microsoft Corporation) Task: {603C9FB2-6B0B-4052-A084-D42F91AEFCB1} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {66E53798-F95C-43C0-9B72-59E6BF3C2BD5} - System32\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) Task: {72686D95-A891-483A-BBE5-A610D06F474A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {8C5B4ACF-CD23-4F0D-B5F7-31FE68C66242} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {9B78D7F5-C5C2-454F-BC6C-8F46150FDD01} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-29] (Mozilla Corporation -> Mozilla Foundation) Task: {A1BB7DE0-DDD7-4857-95D7-70DE9CE09139} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender) Task: 
{AC221FF3-5AA7-4B8C-8D9E-01382A0E0A2C} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PIconStartup.exe [231400 2019-08-05] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PrivacyIconClient.exe" 60 Task: {B14BC9B8-C9A1-400C-9D91-ECADA2EEFDB5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {B9D624D1-2F4B-426E-9A68-BF743D83E344} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {BB06A88E-8A91-44EE-BDFC-91F595D86915} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-03] (Microsoft Corporation -> Microsoft Corporation) Task: {C711D884-722A-4478-8749-923B42852DB8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) Task: {CFB28C91-0A06-474B-BA10-1CB262C24C1F} - System32\Tasks\DropboxUpdateTaskMachineUA1d558491a577788 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) Task: {D3B225DB-F019-45E5-BCBE-680C8314FB87} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-03] (Microsoft Corporation -> Microsoft Corporation) Task: {E5CD3D1D-A4B7-41E3-B1EC-92459A9B4566} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. 
-> Adobe Systems, Incorporated) Task: {E6E24F68-D2C2-4B80-8B3A-1D141680A236} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-03-04] (Garmin International, Inc. -> ) Task: {EBB517B3-14A4-4CB2-ACD9-DF5465BD94D6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.) Task: {EC731A2E-2804-4084-B770-AC2EDECC6A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-13] (Google Inc -> Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d558491a577788.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{0e4f6f48-c261-4dd0-8db2-59bf5a91dfdb}: [DhcpNameServer] 10.106.8.30 Tcpip\..\Interfaces\{19c08f36-edb5-412e-9336-4049871475d5}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1 Tcpip\..\Interfaces\{3f99e3f5-94c9-4ead-8977-2086e6de0d6b}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ca90329d-3cf3-42e6-a062-13ddf94891df}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Alexander\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-13] FireFox: ======== FF DefaultProfile: ftt3x0f4.default FF DefaultProfile: 2y091unm.default FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Zotero\Zotero\Profiles\ftt3x0f4.default [2021-04-23] FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default [2021-04-20] FF Extension: (Hoxx VPN Proxy) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\@hoxx-vpn.xpi [2021-04-14] FF Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\hotspot-shield@anchorfree.com.xpi [2020-12-15] FF Extension: (Touch 
VPN – Kostenloses VPN und kostenloser Proxy) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\touch-vpn@anchorfree.com.xpi [2021-01-16] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-07] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-07] (Adobe Inc. 
-> Adobe Systems) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-07-21] <==== ACHTUNG (Zeigt auf eine *.cfg Datei) FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-07-21] <==== ACHTUNG Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-15] CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-04-15] CHR Notifications: Profile 1 -> hxxps://app.houseparty.com CHR Extension: (Präsentationen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-12] CHR Extension: (Docs) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-12] CHR Extension: (Redirect Path) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aomidfkchockcldhbkggjokdkkebmdll [2021-02-25] CHR Extension: (Google Drive) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-23] CHR Extension: (YouTube) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-12] CHR Extension: (Adobe Acrobat) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-18] CHR Extension: (Tabellen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-12] CHR Extension: (Google Docs Offline) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-18] CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-29] CHR Extension: (Chrome Web 
Store-Zahlungen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Google Mail) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-05] CHR Extension: (Chrome Media Router) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18] CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-12] CHR HKU\S-1-5-21-648673255-3041033212-2045848966-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= OPR Profile: C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable [2021-05-11] OPR Notifications: Opera Stable -> hxxps://app.houseparty.com; hxxps://book.lufthansa.com; hxxps://business.facebook.com; hxxps://jungesrl.zulipchat.com; hxxps://portal.imice.de; hxxps://web.telegram.org; hxxps://www.facebook.com; hxxps://www.kaufda.de; hxxps://www.laptopmag.com; hxxps://www.wetteronline.de OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Ecosia - Die Suchmaschine, die Bäume pflanzt) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\cjkjohdegdpmepjcgmiafjaanigkkelo [2017-11-01] OPR Extension: (Zotero Connector) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2021-05-05] OPR Extension: (Rich Hints Agent) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-04-20] OPR Extension: (Limit - Set Limits for Distracting Sites) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhmmjbmojepanopjakcclphcadaclmk 
[2020-11-02] OPR Extension: (Install Chrome Extensions) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-12-23] OPR Extension: (Desktop Messenger for Telegram™) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\lamkfhpkhbgfdglofogcdipebpibjbkg [2019-12-16] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk, Inc -> Autodesk Inc.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-07] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) S3 AtcHost; C:\Program Files\Bitdefender Antivirus Free\atchost.exe [1475272 2020-10-02] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA) R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2461792 2021-04-11] (Bitdefender SRL -> Bitdefender) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) 
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.) S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-17] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2020-08-19] (Dell Inc -> Dell INC.) S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{CDBCEBD6-3610-40F0-A782-B593722A86D0} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> ) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.) S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73928 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.) 
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1775840 2020-04-16] (Rivet Networks LLC -> Rivet Networks) R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2663128 2020-04-16] (Rivet Networks LLC -> Rivet Networks) S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73928 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.) S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.) 
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [236128 2021-04-11] (Bitdefender SRL -> Bitdefender) R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [559200 2021-04-11] (Bitdefender SRL -> Bitdefender) R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [240352 2021-04-11] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-10-16] (Wondershare Technology Co.,Ltd -> Wondershare) R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2718744 2021-02-26] (Bitdefender SRL -> Bitdefender S.R.L. 
Bucharest, ROMANIA) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-08] (Bitdefender SRL -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender) S3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation) R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation) S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-03-05] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R1 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [488592 2021-02-26] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [187848 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) 
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641728 2021-03-10] (Bitdefender SRL -> Bitdefender) R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [386800 2020-12-08] (Bitdefender SRL -> Bitdefender) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2099-07-04 05:39 - 2117-07-04 05:39 - 000000000 _____ C:\WINDOWS\SysWOW64\wsmand.log.lock 2021-05-11 10:00 - 2021-05-11 10:00 - 000002744 _____ C:\Users\Alexander\Desktop\mail.txt 2021-05-11 09:51 - 2021-05-11 09:57 - 000040791 _____ C:\Users\Alexander\Downloads\FRST.txt 2021-05-11 09:49 - 2021-05-11 09:56 - 000000000 ____D C:\FRST 2021-05-11 09:47 - 2021-05-11 09:47 - 002298880 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe 2021-05-10 21:18 - 2021-05-10 21:18 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002) (2).pdf 2021-05-10 21:17 - 2021-05-10 21:17 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002).pdf 2021-05-10 21:17 - 2021-05-10 21:17 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002) (1).pdf 2021-05-10 21:03 - 2021-05-10 21:03 - 000144035 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-05 at 09.30.39.jpeg 2021-05-10 21:02 - 2021-05-10 21:02 - 000156353 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-10 at 21.01.51.jpeg 2021-05-10 21:02 - 2021-05-10 21:02 - 000156353 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-10 at 21.01.51 (1).jpeg 2021-05-10 16:45 - 2021-05-10 16:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2021-05-10 16:45 - 2021-05-10 16:45 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2021-05-10 16:11 - 2021-05-10 16:11 - 000003980 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1509559017 2021-05-10 16:11 - 2021-05-10 16:11 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2021-05-10 09:27 - 2021-05-10 09:27 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-648673255-3041033212-2045848966-1001 2021-05-10 09:27 - 2021-05-10 09:27 - 000002398 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-05-07 09:17 - 2021-05-07 09:17 - 000001407 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2021-05-02 11:13 - 2021-05-02 11:13 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk 2021-04-30 08:48 - 2021-04-30 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-04-28 23:17 - 2021-04-28 23:17 - 000234959 _____ C:\Users\Alexander\Downloads\Berechnung-Hauskauf_Aktuell.xlsm 2021-04-24 16:07 - 2021-04-24 16:07 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2021-04-24 16:07 - 2021-04-24 16:07 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-04-24 12:55 - 2021-04-24 12:55 - 000044272 _____ (Dropbox, Inc.) 
C:\WINDOWS\system32\DbxSvc.exe 2021-04-23 14:24 - 2021-04-23 14:24 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-04-22 13:52 - 2021-04-22 13:52 - 000372051 _____ C:\Users\Alexander\Downloads\Satzung_158.PDF 2021-04-21 10:17 - 2021-04-21 10:17 - 001427677 _____ C:\Users\Alexander\Downloads\Kurzbericht_Welt_Erbe_Haus_zur_Barrierefreiheit.PDF 2021-04-20 15:56 - 2021-05-07 09:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-04-19 20:03 - 2021-04-19 20:03 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-04-19 20:03 - 2021-04-19 20:03 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-19 20:03 - 2021-04-19 20:03 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-04-18 13:55 - 2021-04-18 13:55 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk 2021-04-18 13:51 - 2021-04-18 13:51 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2021.lnk 2021-04-18 13:46 - 2021-04-18 13:46 - 000001134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk 2021-04-18 13:35 - 2021-04-18 13:35 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk 2021-04-16 15:58 - 2021-04-16 15:58 - 000048902 _____ C:\Users\Alexander\Downloads\DINPro Bold.zip 2021-04-16 15:56 - 2021-04-16 15:56 - 000017216 _____ C:\Users\Alexander\Downloads\DIN Bold.zip 2021-04-16 15:56 - 2021-04-16 15:56 - 000017216 _____ C:\Users\Alexander\Downloads\DIN Bold (1).zip 2021-04-16 15:55 - 2021-04-16 15:55 - 000000000 ____D C:\Users\Alexander\Downloads\flyer Ordner-20210416T135406Z-001 2021-04-16 15:54 - 2021-04-16 15:54 - 031156564 _____ C:\Users\Alexander\Downloads\flyer Ordner-20210416T135406Z-001.zip 2021-04-16 14:59 - 2021-04-16 14:59 - 000125168 _____ (Zoom Video Communications, Inc.) 
C:\Users\Alexander\Downloads\Zoom_cm_fo42anktZ9vvrZo4_m47SkS27WCcn4PA0hcQmB23L3OTsAxpSFvcY8@OH9ASUeSMemokc+I_k22b9e1cf54b5db69_.exe 2021-04-14 12:21 - 2021-04-14 12:21 - 000116552 _____ C:\Users\Alexander\Desktop\Snippet_316875325.idms 2021-04-14 10:11 - 2021-04-14 10:11 - 000708273 _____ C:\Users\Alexander\Downloads\HydroTower_Bestellformular und QA_2021.04.14 (1).pdf 2021-04-13 17:35 - 2021-04-13 17:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-04-13 12:06 - 2021-04-13 12:06 - 000612441 _____ C:\Users\Alexander\Downloads\t200605073 (1).pdf 2021-04-13 12:03 - 2021-04-13 12:03 - 000612441 _____ C:\Users\Alexander\Downloads\t200605073.pdf 2021-04-13 10:27 - 2021-04-13 10:27 - 002523013 _____ C:\Users\Alexander\Downloads\37_CleanTube_.pdf 2021-04-13 10:27 - 2021-04-13 10:27 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Forwarding_Tube.pdf 2021-04-13 10:26 - 2021-04-13 10:26 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Sleeve_Tube.pdf 2021-04-13 10:26 - 2021-04-13 10:26 - 000663032 _____ C:\Users\Alexander\Downloads\06_RP_PVC_Collar.pdf 2021-04-12 20:18 - 2021-04-12 20:18 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecsTier2 2021-04-12 18:18 - 2021-04-12 18:18 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Fahrrohr (1).pdf 2021-04-12 18:18 - 2021-04-12 18:18 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Muffenrohr (1).pdf 2021-04-12 18:17 - 2021-04-12 18:17 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Fahrrohr.pdf 2021-04-12 18:17 - 2021-04-12 18:17 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Muffenrohr.pdf 2021-04-12 18:17 - 2021-04-12 18:17 - 000663032 _____ C:\Users\Alexander\Downloads\06_RP_PVC_Muffen.pdf 2021-04-11 12:17 - 2021-04-11 12:17 - 000022976 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2021-05-11 10:05 - 2019-01-02 13:41 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free 2021-05-11 09:59 - 2017-10-25 14:39 - 000000000 ___RD C:\Users\Alexander\OneDrive 2021-05-11 09:52 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-05-11 09:41 - 2020-04-16 18:48 - 000000000 ____D C:\Users\Alexander\AppData\Local\WebEx 2021-05-11 09:31 - 2020-10-08 14:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-05-11 08:34 - 2019-10-03 22:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-05-10 21:08 - 2020-11-14 13:35 - 000000000 ____D C:\Users\Alexander\AppData\Local\CrashDumps 2021-05-10 16:11 - 2017-11-01 19:56 - 000000000 ____D C:\Program Files\Opera 2021-05-10 16:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-05-10 10:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-05-10 10:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-10 09:29 - 2020-07-07 11:34 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-10 09:29 - 2020-07-07 11:34 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-05-10 09:29 - 2020-07-07 11:34 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-05-07 09:18 - 2019-12-16 23:09 - 000000000 ___RD C:\Users\Alexander\Creative Cloud Files 2021-05-07 09:17 - 2017-11-08 19:58 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-05-07 09:17 - 2017-11-08 19:57 - 000000000 ____D C:\Program Files\Adobe 2021-05-07 09:17 - 2017-10-25 17:21 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-05-07 09:14 - 2021-02-14 01:42 - 000000000 ___RD C:\Users\Alexander\iCloudDrive 2021-05-07 09:14 - 2018-02-12 19:38 - 000000000 ____D C:\Users\Alexander\AppData\LocalLow\Mozilla 2021-05-07 09:13 - 2019-02-05 15:55 - 000000000 ___RD C:\Users\Alexander\Google Drive 2021-05-07 09:12 - 2017-10-25 14:36 - 000000000 __SHD C:\Users\Alexander\IntelGraphicsProfiles 2021-05-06 00:39 - 
2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration 2021-05-05 21:57 - 2018-03-01 19:54 - 000000000 ____D C:\Users\Alexander\AppData\Local\PlaceholderTileLogoFolder 2021-05-05 21:56 - 2020-10-08 15:13 - 000004344 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA1d558491a577788 2021-05-05 21:56 - 2020-10-08 15:13 - 000004112 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18 2021-05-05 21:56 - 2019-08-21 19:51 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d558491a577788.job 2021-05-05 21:56 - 2019-08-21 19:51 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18.job 2021-05-05 09:40 - 2020-04-16 18:48 - 000000000 ____D C:\Users\Alexander\AppData\LocalLow\WebEx 2021-05-05 08:25 - 2020-10-08 15:08 - 001723002 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-05-05 08:25 - 2019-12-07 16:50 - 000746440 _____ C:\WINDOWS\system32\perfh007.dat 2021-05-05 08:25 - 2019-12-07 16:50 - 000150810 _____ C:\WINDOWS\system32\perfc007.dat 2021-05-05 08:01 - 2020-12-08 16:58 - 000000000 ___HD C:\adobeTemp 2021-05-04 01:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-05-04 00:40 - 2021-02-05 12:34 - 000000000 ____D C:\Users\Alexander\Documents\VW Backup 2021-05-03 23:50 - 2017-10-25 17:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-04-30 08:48 - 2018-06-28 21:34 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-04-28 23:19 - 2017-11-20 13:33 - 000000000 ____D C:\Users\Alexander\AppData\Local\Packages 2021-04-27 09:06 - 2018-02-12 19:37 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-25 15:59 - 2020-10-08 23:12 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d69d73ac60587a 2021-04-25 15:59 - 2020-10-08 15:13 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-23 03:17 - 2021-02-27 05:18 - 000000000 ____D C:\Users\Alexander\Zotero 2021-04-22 
06:04 - 2018-06-28 21:37 - 000000000 ____D C:\Users\Alexander\Dropbox 2021-04-21 17:06 - 2020-09-30 21:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-04-21 10:48 - 2018-05-12 19:04 - 000001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-04-21 10:48 - 2018-02-12 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-04-20 21:14 - 2020-10-08 15:13 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-04-20 21:14 - 2020-10-08 15:13 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-04-20 12:18 - 2017-10-25 14:36 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\Adobe 2021-04-20 10:23 - 2019-02-20 22:13 - 000000000 ____D C:\ProgramData\Mozilla 2021-04-20 10:18 - 2021-03-29 11:21 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-04-20 10:03 - 2021-03-03 11:13 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-20 10:03 - 2020-10-08 15:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-20 10:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-20 10:03 - 2017-10-03 08:03 - 000000000 ____D C:\Intel 2021-04-20 03:46 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2021-04-20 03:45 - 2021-03-03 11:13 - 000671504 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-20 03:45 - 2021-02-27 05:16 - 000000000 ____D C:\Program Files (x86)\Zotero 2021-04-20 03:45 - 2019-12-07 11:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D 
C:\WINDOWS\system32\lv-LV 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-04-19 20:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-19 20:03 - 2020-10-08 14:58 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-04-19 19:57 - 2017-10-30 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-04-19 19:55 - 2017-10-30 15:39 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-04-16 18:47 - 2019-12-08 14:42 - 000000000 ____D C:\Users\Alexander\Documents\SRL 2021-04-16 15:55 - 2020-09-18 17:22 - 000000000 ____D C:\Users\Alexander\Documents\HydroTower 2021-04-16 00:38 - 2018-12-25 17:13 - 000000000 ____D C:\Program Files (x86)\Steam 2021-04-15 23:24 - 2020-03-15 21:41 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\discord 2021-04-13 17:35 - 2018-02-12 19:37 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-04-13 17:04 - 2017-11-19 19:24 - 000000000 ____D C:\Users\Alexander\Documents\Textures 2021-04-13 16:54 - 2017-10-25 14:52 - 000000000 ____D C:\Users\Alexander\AppData\Local\Comms 2021-04-13 01:33 - 2020-10-08 15:00 - 000000000 ____D C:\Users\Alexander 2021-04-13 00:50 - 2020-11-25 17:08 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\Apple Computer 2021-04-12 20:15 - 2018-05-31 21:40 - 000000000 ____D C:\Users\Alexander\AppData\Local\D3DSCache ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-01-09 18:45 - 2020-01-09 18:45 - 000000033 _____ () 
C:\Users\Alexander\AppData\Roaming\AdobeWLCMCache.dat 2018-06-24 13:49 - 2020-10-16 13:37 - 000000028 _____ () C:\Users\Alexander\AppData\Roaming\kulerdata.json 2020-10-05 13:18 - 2021-02-14 20:20 - 000001456 _____ () C:\Users\Alexander\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2018-10-02 08:25 - 2018-10-02 08:25 - 000000000 _____ () C:\Users\Alexander\AppData\Local\oobelibMkey.log 2017-11-01 20:40 - 2020-08-24 13:02 - 000007604 _____ () C:\Users\Alexander\AppData\Local\Resmon.ResmonCfg 2017-12-05 16:00 - 2021-02-03 16:26 - 000000287 _____ () C:\Users\Alexander\AppData\Local\VersionChecker_23.xml ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
11.05.2021, 09:21 | #2 |
| More logs: Addition and Shortcut. Addition:
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-05-2021 durchgeführt von Alexander (11-05-2021 10:06:35) Gestartet von C:\Users\Alexander\Downloads Windows 10 Home Version 2004 19041.928 (X64) (2020-10-08 13:14:02) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-648673255-3041033212-2045848966-500 - Administrator - Disabled) Alexander (S-1-5-21-648673255-3041033212-2045848966-1001 - Administrator - Enabled) => C:\Users\Alexander DefaultAccount (S-1-5-21-648673255-3041033212-2045848966-503 - Limited - Disabled) defaultuser0 (S-1-5-21-648673255-3041033212-2045848966-1000 - Limited - Disabled) => C:\Users\defaultuser0 Gast (S-1-5-21-648673255-3041033212-2045848966-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-648673255-3041033212-2045848966-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E} AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated) Adobe Animate 2021 (HKLM-x32\...\FLPR_21_0_5) (Version: 21.0.5 - Adobe Inc.) Adobe Character Animator 2020 (HKLM-x32\...\CHAR_3_5) (Version: 3.5 - Adobe Inc.) Adobe Character Animator 2021 (HKLM-x32\...\CHAR_4_0) (Version: 4.0 - Adobe Inc.) Adobe Connect (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe) Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_2_3) (Version: 25.2.3 - Adobe Inc.) Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_1) (Version: 16.1 - Adobe Inc.) Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_2) (Version: 10.2 - Adobe Inc.) Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_9) (Version: 14.9 - Adobe Inc.) Adobe Media Encoder 2021 (HKLM-x32\...\AME_15_1) (Version: 15.1 - Adobe Inc.) Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_3_1) (Version: 22.3.1.122 - Adobe Inc.) Adobe Premiere Rush (HKLM-x32\...\RUSH_1_5_58) (Version: 1.5.58 - Adobe Inc.) ANT Drivers Installer x64 (HKLM\...\{9A9FF300-3725-4934-A0D7-86F109A88ACF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.) 
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology) AutoCAD 2018 - Deutsch (German) (HKLM\...\{28B89EEF-1001-0407-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk) Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk) Autodesk AutoCAD 2018 - Deutsch (German) (HKLM\...\AutoCAD 2018 - Deutsch (German)) (Version: 22.0.49.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk) Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk) Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk) Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.) Backuptrans Android WhatsApp to iPhone Transfer (x64) 3.2.148 (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Backuptrans Android WhatsApp to iPhone Transfer (x64)) (Version: 3.2.148 - Backuptrans) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender) Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.14.74 - Bitdefender) Cisco Webex Meetings (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\ActiveTouchMeetingClient) (Version: 41.5.3 - Cisco Webex LLC) Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP) Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.) 
Dell SupportAssist (HKLM\...\{C5A70974-2F89-4BE0-90F7-749E62468C4D}) (Version: 3.8.1.23 - Dell Inc.) Dell SupportAssist Remediation (HKLM\...\{6B991B44-B938-4902-BDF3-186CBDC62AD3}) (Version: 5.1.4.11989 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{34685541-a19e-4537-97c9-082238790346}) (Version: 5.1.4.11989 - Dell Inc.) Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.) Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.1.0 - Dell Inc.) Discord (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 121.4.4267 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden Elevated Installer (HKLM-x32\...\{9427DAC2-91FD-418E-87D4-8914B437CC06}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{0934EADA-3DAF-4A21-829D-1BB3C315DCB4}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{d3b4366e-9163-44f4-a381-d431031c2841}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC) Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google) iCloud Outlook (HKLM\...\{BF2241BF-20CC-490B-B7BE-761B80E20114}) (Version: 11.6.0.32 - Apple Inc.) 
Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson) Intel Processor Diagnostic Tool 64bit (HKLM\...\{D011AAF9-F756-43AB-8E91-47ADF0D86394}) (Version: 4.0.0.29 - Intel Corporation) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation) Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.372 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 2.2.1.31 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation) Maxx Audio Installer (x64) 
(HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.13929.20296 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.56 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 
(HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Mozilla Firefox 87.0 (x64 de) (HKLM\...\Mozilla Firefox 87.0 (x64 de)) (Version: 87.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 87.0.0.7747 - Mozilla) Mozilla Thunderbird 78.10.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.10.0 (x86 de)) (Version: 78.10.0 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden Office 16 
Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden Opera Stable 76.0.4017.107 (HKLM-x32\...\Opera 76.0.4017.107) (Version: 76.0.4017.107 - Opera Software) Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.825 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.21313 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.) Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.250 - Realtek Semiconductor Corp.) Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.39.518.2020 - Realtek) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.) SketchUp 2017 (HKLM\...\{C711666A-E8CC-4E2A-802F-BAA35E76045F}) (Version: 17.2.2555 - Trimble Navigation Limited) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20013.2 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20013.2 - Samsung Electronics Co., Ltd.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{09578E80-CE8C-47E6-A055-8C49C616541F}) (Version: 18.05.1 - Wolters Kluwer Deutschland GmbH) Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Updater (HKLM-x32\...\Updater) (Version: 1.0 - Updater) <==== ACHTUNG Vectorworks 2018 (HKLM\...\Vectorworks 2018 SP1 23.0.0) (Version: 23.0.0 - Vectorworks, Inc.) Vectorworks 2021 (HKLM\...\Vectorworks 2021 26.0.2) (Version: 26.0.2 - Vectorworks, Inc.) Verfügbare Autodesk-Apps 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Zoom (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.) 
Zotero (HKLM-x32\...\Zotero 5.0.96 (x86 en-US)) (Version: 5.0.96 - Corporation for Digital Scholarship) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-10] (Adobe Systems Incorporated) Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-11] (Adobe Systems Incorporated) Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_39.0.12.12_x64__adky2gkssdxte [2021-04-18] (Adobe Systems Incorporated) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.) Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-06] (Dell Inc) Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.8.10.0_x64__htrsf667h5kn2 [2021-02-14] (Dell Inc) Dropbox für S Modus -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.4.0_x64__xbfy0k16fey96 [2021-03-19] (Dropbox Inc.) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-10] (HP Inc.) iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa [2021-05-07] (Apple Inc.) [Startup Task] iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-24] (Apple Inc.) 
[Startup Task] Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3267.0_x64__rh07ty8m5nkag [2021-01-07] (Rivet Networks LLC) [Startup Task] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-23] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-10-08] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Studios) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.43.41241.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Corporation) [Startup Task] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.) 
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-12-18] (Adobe Systems Incorporated) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0 [2021-05-04] (Spotify AB) [Startup Task] XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.8.0_x86__xpfg3f7e9an52 [2021-03-19] (New Work SE) ZDFmediathek -> C:\Program Files\WindowsApps\ZDFGemeinntzigeAnstaltdes.ZDFmediathek_4.0.0.0_neutral__h3zwtz978ayka [2020-04-11] (ZDF Gemeinnützige Anstalt des öffentlichen Rechts) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-417AC85DF7F7} -> [Creative Cloud Files] => C:\Users\Alexander\Creative Cloud Files [2019-12-16 23:09] CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Alexander\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{14097043-DE9D-461F-BC24-E07F11A17748} -> [iCloud Drive] => C:\Users\Alexander\iCloudDrive [2021-02-14 01:42] CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. 
-> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{A6589972-5623-4F20-B23A-ACA747BCE141} -> [iCloud-Fotos] => C:\Users\Alexander\Pictures\iCloud Photos\Photos [2021-02-14 01:42] CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.) 
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\de-DE\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Alexander\Dropbox [2018-06-28 21:37] CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. 
-> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet] ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> ) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google) ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Open Source Developer, Brice Lambson -> Brice Lambson) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet] ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\igfxDTCM.dll [2020-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2015-03-17 02:34 - 2015-03-17 02:34 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu 2021-05-07 09:13 - 2021-05-07 09:13 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_ctypes.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_elementtree.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_hashlib.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_multiprocessing.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_psutil_windows.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_socket.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 002824704 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_ssl.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\_yappi.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\bz2.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\common.time34.pyd 2021-05-07 09:13 - 
2021-05-07 09:13 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\hashobjs_ext.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\PIL._imaging.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\pyexpat.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\pysqlite2._sqlite.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\pythoncom27.dll 2021-05-07 09:13 - 2021-05-07 09:13 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\pywintypes27.dll 2021-05-07 09:13 - 2021-05-07 09:13 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\select.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\thumbnails_ext.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\unicodedata.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\usb_ext.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32api.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32com.shell.shell.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32crypt.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000023040 _____ () [Datei ist nicht signiert] 
C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32event.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32file.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32gui.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32inet.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32pdh.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32pipe.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32process.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32profile.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32security.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\win32ts.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\windows.conditional.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\windows.connectivity.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\windows.device_monitor.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000103936 _____ () [Datei ist nicht signiert] 
C:\Users\Alexander\AppData\Local\Temp\_MEI42562\windows.volumes.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\windows.winwrap.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._controls_.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._core_.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._gdi_.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._html2.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._misc_.pyd 2021-05-07 09:13 - 2021-05-07 09:13 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wx._windows_.pyd 2021-02-02 07:49 - 2021-02-02 07:49 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu 2021-04-12 15:21 - 2021-04-12 15:21 - 000032256 _____ (Dell Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ComponentService\a2519dda3fd763a05a99da465a73aeca\ComponentService.ni.dll 2021-04-12 15:21 - 2021-04-12 15:21 - 000571904 _____ (Dell Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SmbLib\aeca345b8d11f78ad75223b49e0d2127\SmbLib.ni.dll 2021-04-12 15:21 - 2021-04-12 15:21 - 000160768 _____ (Dell Inc.) 
[Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Utilities\3054ac91e7b446e732a844c998f21f85\Utilities.ni.dll 2019-07-15 11:20 - 2019-07-15 11:20 - 000126976 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll 2021-05-07 09:13 - 2021-05-07 09:13 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\python27.dll 2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll 2021-05-07 09:13 - 2021-05-07 09:13 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxbase30u_net_vc90_x64.dll 2021-05-07 09:13 - 2021-05-07 09:13 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxbase30u_vc90_x64.dll 2021-05-07 09:13 - 2021-05-07 09:13 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxmsw30u_adv_vc90_x64.dll 2021-05-07 09:13 - 2021-05-07 09:13 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxmsw30u_core_vc90_x64.dll 2021-05-07 09:13 - 2021-05-07 09:13 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxmsw30u_html_vc90_x64.dll 2021-05-07 09:13 - 2021-05-07 09:13 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\Alexander\AppData\Local\Temp\_MEI42562\wxmsw30u_webview_vc90_x64.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Software\Classes\.scr: AutoCADScriptFile => ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, 
Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\sharepoint.com -> hxxps://ittuberlin-files.sharepoint.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2018-01-29 18:40 - 2019-05-15 11:58 - 000000583 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 192.168.137.1 WINDELL-788D1Q2.mshome.net # 2023 1 6 28 19 50 14 310 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;%INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL HKU\S-1-5-21-648673255-3041033212-2045848966-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexander\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\WP_20161123_001.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) 
MSCONFIG\Services: AdAppMgrSvc => 2 HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "DellSystemDetect" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "GarminExpress" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "PTOneClick" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{E754BBBD-97EA-4E07-9FB1-AAD2BBDA387B}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) 
FirewallRules: [{80B9C1B4-A921-41FB-8EF0-B94A648EC0DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> ) FirewallRules: [{E087B767-2069-4582-8C83-A1B0EF12A2BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> ) FirewallRules: [{AFF85466-C59C-494D-83E9-7D2C997CF3B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6F0D8AC4-7174-4370-8F55-C4551ACFAECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0A236464-FD3E-46CB-87F4-72894242EE4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{35CCB881-813F-4540-AF0F-875762A7FF95}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{48006030-7A54-48DD-B058-CC3C3C4F3947}C:\program files\vectorworks 2018\vectorworks2018e.exe] => (Allow) C:\program files\vectorworks 2018\vectorworks2018e.exe (Vectorworks, Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{DD68D86A-7150-47DB-A2EF-5557347A05A9}C:\program files\vectorworks 2018\vectorworks2018e.exe] => (Allow) C:\program files\vectorworks 2018\vectorworks2018e.exe (Vectorworks, Inc.) 
[Datei ist nicht signiert] FirewallRules: [{F6B0E415-F85F-437A-82FD-AB5D5004A6B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{EA77759E-B2D3-43B8-93CE-5207C7272500}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{483E5BFB-6D4D-4247-A80A-FBCBCFC31DF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert] FirewallRules: [{6690DE8A-F57A-4C1E-883A-93D7D7627001}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert] FirewallRules: [{CFE88206-3FCB-49A0-8756-5EBF8A74C424}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{F52E2221-4A06-48BD-9282-7330219466DC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{C25F53E3-4342-48B3-A8F3-6B2CE00396A1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{2D271FB1-5269-4B66-BADD-0B67C4F1FCCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{72AA914A-6EB9-4B07-A461-8DBC44F3AD79}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{3E5D7440-F1E5-4319-9100-99C5F566AF1F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{7DF98843-DE51-462F-94E1-0178AFEFA45F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{1F9AEAF3-976A-4A5B-92B0-CEE354FA968F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. 
-> Zoom Video Communications, Inc.) FirewallRules: [{AAB4249F-1C71-47D6-9005-7B299A1AB100}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{222F66A3-40C3-4DBD-8CC3-CD016EEAD05A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0F241C3C-4B22-4C66-84C7-D50DD98C6C29}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{82B5D8AD-60A7-4C1B-BA0D-606A97A2FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{934D76D1-06D9-4A10-ACDD-9591906EAC38}C:\program files\vectorworks 2021\vectorworks2021.exe] => (Allow) C:\program files\vectorworks 2021\vectorworks2021.exe (Vectorworks, Inc. -> Vectorworks, Inc.) FirewallRules: [UDP Query User{F1C0FB4F-15D5-4060-B752-52EE18DED36F}C:\program files\vectorworks 2021\vectorworks2021.exe] => (Allow) C:\program files\vectorworks 2021\vectorworks2021.exe (Vectorworks, Inc. -> Vectorworks, Inc.) FirewallRules: [{EA7B77BC-A7F2-4C7A-B292-8B36E7BBA7D0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C404C255-0D04-4380-8EE6-7EE337F0435E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{AA3C7658-CB53-435E-85D8-E2E7E2D885A2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{C1ED9B27-2E6F-44A6-A721-EDB8F1A2E289}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4853D7C9-3DF9-42B3-893E-8C0A6ABD402E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E26472D1-F4B4-4AD2-BF4A-FFB62A4F8044}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{CD3BD8CA-5099-4F48-A09E-B9B269333FB8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{416ACCDB-4F04-4F56-8F0A-FAB5EF81A9E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E9C91020-C778-40FF-9C05-5F289F28C466}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{912EA4AD-C128-4B7E-B1D7-580376052815}] => (Allow) C:\Program Files\Opera\75.0.3969.243\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{AE733746-39CC-4EC2-9AD9-6BB4D7C4FE8F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) 
FirewallRules: [{9A687CCB-9BBC-4D02-8385-6915C4AFB146}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C843FD68-E427-4151-B334-05CF758AF34B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6ADC3378-9FBC-4853-B137-5A36CA3AE6D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1F2CDDFD-68DF-4DCF-8563-A309C7DBD164}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FEDCD465-310A-4E37-80B2-491E66E8A578}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9251C962-E2A1-43F8-A124-1FF45B9D72A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BB2B392C-7B41-498D-B7BB-D5DADA110316}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C2435453-B77D-4FE9-B490-F8D1AF02015A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{685F4A03-C602-4664-8B8F-41ADB4DB7028}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D84C1348-BCCE-4D64-8315-5F622B978D7D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{629965F4-B3DB-4BF1-9EDC-A90239351E03}] => (Allow) C:\Program 
Files\Opera\76.0.4017.107\opera.exe (Opera Software AS -> Opera Software) ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:475.47 GB) (Free:66.08 GB) (14%) ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (05/11/2021 09:59:44 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: ) Description: Error from DellPowerManager.exe GUI-ATA02 Message: Invalid alert info: 000300000008000700000000 Error: (05/11/2021 09:32:23 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: ) Description: Error from DellPowerManager.exe GUI-ATA02 Message: Invalid alert info: 000300000008000700000000 Error: (05/10/2021 09:08:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 2020.20120.4004.0, Zeitstempel: 0x5fcaab3d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.906, Zeitstempel: 0x2f2f77bf Ausnahmecode: 0x80131623 Fehleroffset: 0x000000000010b2dc ID des fehlerhaften Prozesses: 0x72e0 Startzeit der fehlerhaften Anwendung: 0x01d7457281e4cab6 Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: b07e1f55-5c36-424e-b1f6-0b9b611c26b2 Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (05/10/2021 09:08:27 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: ) Description: Error from DellPowerManager.exe GUI-ATA02 Message: Invalid alert info: 000300000008000700000000 Error: (05/10/2021 07:00:03 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: 
Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006). Error: (05/10/2021 09:28:59 AM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006). Error: (05/10/2021 09:27:34 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (05/10/2021 09:27:14 AM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006). Systemfehler: ============= Error: (05/11/2021 09:59:24 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT) Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {2ceb0a22-26c8-4b4d-8045-cd7e34e52689}" ist das Ereignis "74" aufgetreten. Error: (05/11/2021 09:33:24 AM) (Source: DCOM) (EventID: 10010) (User: WINDELL-788D1Q2) Description: Der Server "Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe!App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (05/11/2021 09:31:51 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {2ceb0a22-26c8-4b4d-8045-cd7e34e52689}" ist das Ereignis "74" aufgetreten. 
Error: (05/10/2021 09:08:18 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {2ceb0a22-26c8-4b4d-8045-cd7e34e52689}" ist das Ereignis "74" aufgetreten. Error: (05/10/2021 09:26:20 AM) (Source: DCOM) (EventID: 10010) (User: WINDELL-788D1Q2) Description: Der Server "microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (05/10/2021 09:25:58 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {2ceb0a22-26c8-4b4d-8045-cd7e34e52689}" ist das Ereignis "74" aufgetreten. Error: (05/07/2021 09:14:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Mozilla Maintenance Service" wurde mit folgendem Fehler beendet: Unzulässige Funktion. Error: (05/07/2021 09:12:29 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {2ceb0a22-26c8-4b4d-8045-cd7e34e52689}" ist das Ereignis "74" aufgetreten. CodeIntegrity: =============== Date: 2021-05-11 09:32:44 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider64.dll that did not meet the Windows signing level requirements. Date: 2021-05-11 08:34:25 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider32.dll that did not meet the Microsoft signing level requirements. 
Date: 2021-05-10 22:29:29 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider32.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: Dell Inc. 2.13.0 11/14/2019 Hauptplatine: Dell Inc. 0D4J15 Prozessor: Intel(R) Core(TM) i7-7560U CPU @ 2.40GHz Prozentuale Nutzung des RAM: 62% Installierter physikalischer RAM: 16108.16 MB Verfügbarer physikalischer RAM: 6078.87 MB Summe virtueller Speicher: 28200.2 MB Verfügbarer virtueller Speicher: 10796.55 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:475.47 GB) (Free:66.08 GB) NTFS \\?\Volume{c09336f2-25d2-4235-a503-e804e80b5728}\ (WinRE) (Fixed) (Total:0.39 GB) (Free:0.38 GB) NTFS \\?\Volume{7d4aa265-23a7-40a9-a30c-986b920e2ba9}\ () (Fixed) (Total:0.85 GB) (Free:0.3 GB) NTFS \\?\Volume{03b7b388-dc7a-4570-8cb9-5725c646b0a6}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ======================= |
11.05.2021, 09:22 | #3 |
| Logfile Shortcut Shortcut:
Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 09-05-2021 durchgeführt von Alexander (11-05-2021 10:09:34) Gestartet von C:\Users\Alexander\Downloads Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Public\Desktop\OSGeo4W\OSGeo4W Shell.lnk -> C:\OSGeo4W64\OSGeo4W.bat () Shortcut: C:\Users\Alexander\Links\Desktop.lnk -> C:\Users\Alexander\Desktop () Shortcut: C:\Users\Alexander\Links\Downloads.lnk -> C:\Users\Alexander\Downloads () Shortcut: C:\Users\Alexander\Links\Google Drive.lnk -> C:\Users\Alexander\Google Drive () Shortcut: C:\Users\Alexander\Dropbox\Vasaloppet 2020\OneDrive - Verknüpfung.lnk -> C:\Users\Alexander\OneDrive () Shortcut: C:\Users\Alexander\Documents\cK\cK\2019_03_Kempten im Allgäu\2019_03_Kempten im Allgäu.lnk -> P:\01 Kommunalberatung\K-08-008 Bundestransferstelle Staedtebaulicher Denkmalschutz\Expertengruppe\2019_03_Kempten im Allgäu (Keine Datei) Shortcut: C:\Users\Alexander\Desktop\Adobe Lightroom Classic.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc.) Shortcut: C:\Users\Alexander\Desktop\Masterthesis - Verknüpfung.lnk -> C:\Users\Alexander\Documents\Studium TU Berlin\WS_1920\Masterthesis () Shortcut: C:\Users\Alexander\Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe () Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Connect.lnk -> C:\Users\Alexander\AppData\Roaming\Adobe\Connect\connect.exe (Adobe Systems, Inc.) 
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk -> C:\Program Files\Bitdefender Antivirus Free\bdagent.exe (Bitdefender) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\brain_flower.lnk -> C:\Users\Alexander\Downloads\brain_flower.zip (Keine Datei) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Masterthesis.lnk -> C:\Users\Alexander\Documents\Studium TU Berlin\WS_1920\Masterthesis () Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk -> C:\Windows\System32\fodhelper.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QGIS3.lnk -> C:\OSGeo4W64\bin\qgis-bin.exe () Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schnellzugriff.lnk -> [LFg @U@1SPSU(Ly9K-e)::{679F85CB-0220-4080-B29B-5540CC05AAB6}] Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Zoom.lnk -> C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc.) 
Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cisco Webex Meetings Desktop-App\Cisco Webex Meetings.lnk -> C:\Users\Alexander\AppData\Local\WebEx\WebEx\Applications\ptoneclk.exe (Cisco Webex LLC) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Backuptrans Android WhatsApp to iPhone Transfer (x64).lnk -> C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\androidWhatsAppToiPhoneTransfer.exe (Backuptrans Studio) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Uninstall.lnk -> C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\uninst.exe (Backuptrans Studio) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Website.lnk -> C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Backuptrans Android WhatsApp to iPhone Transfer (x64).url () Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> 
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Opera-Browser.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera-Browser.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software) Shortcut: C:\Users\Alexander\AppData\Roaming\Autodesk\AutoCAD 2018\R22.0\deu\Plotters\Plot Styles\Assistent zum Hinzufügen einer Plotstiltabelle.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\styshwiz.exe (Autodesk, Inc.) 
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Alexander\alexander.*******@campus.tu-berlin.de Creative Cloud Files\_Cloud-Dokumente.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe (Adobe Systems Incorporated.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2021.lnk -> C:\Program Files\Adobe\Adobe Animate 2021\Animate.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator 2020.lnk -> C:\Program Files\Adobe\Adobe Character Animator 2020\Support Files\Character Animator.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator 2021.lnk -> C:\Program Files\Adobe\Adobe Character Animator 2021\Support Files\Character Animator.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk -> C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2021.lnk -> C:\Program Files\Adobe\Adobe InDesign 2021\InDesign.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2020.lnk -> C:\Program Files\Adobe\Adobe Media Encoder 2020\Adobe Media Encoder.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk -> C:\Program Files\Adobe\Adobe Media Encoder 2021\Adobe Media Encoder.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk -> C:\Program Files\Adobe\Adobe Photoshop 2021\Photoshop.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk -> C:\Program Files\Adobe\Adobe Premiere Rush\Adobe Premiere Rush.exe (Adobe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zotero.lnk -> C:\Program Files (x86)\Zotero\zotero.exe (Corporation for Digital Scholarship)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks 2021\Vectorworks 2021 deinstallieren.lnk -> C:\Program Files\Vectorworks 2021\Uninstall Vectorworks 2021.exe (Vectorworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks 2021\Vectorworks 2021.lnk -> C:\Program Files\Vectorworks 2021\Vectorworks2021.exe (Vectorworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks 2018 SP1\Uninstall Vectorworks 2018.lnk -> C:\Program Files\Vectorworks 2018\Uninstall Vectorworks 2018.exe (Vectorworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks 2018 SP1\Vectorworks 2018.lnk -> C:\Program Files\Vectorworks 2018\Vectorworks2018E.exe (Vectorworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Updater\Auf Update prüfen.lnk -> C:\ProgramData\Updater\check-update.exe (Aller Media e.K.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Updater\Software deinstallieren.lnk -> C:\ProgramData\Updater\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software\Thunderbolt™ Software.lnk -> C:\Program Files (x86)\Intel\Thunderbolt Software\Thunderbolt.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2017-2018\Handbuch.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\Steuer-Ratgeber 2018\hilfe.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017\LayOut.lnk -> C:\Program Files\SketchUp\SketchUp 2017\LayOut\LayOut.exe (Trimble, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017\SketchUp.lnk -> C:\Program Files\SketchUp\SketchUp 2017\SketchUp.exe (Trimble, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017\Style Builder.lnk -> C:\Program Files\SketchUp\SketchUp 2017\Style Builder\Style Builder.exe (Trimble, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\QGIS Desktop 3.14.16 with GRASS 7.8.3.lnk -> C:\OSGeo4W64\bin\qgis-bin-g7.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\QGIS Desktop 3.14.16.lnk -> C:\OSGeo4W64\bin\qgis-bin.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Language Preferences.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation\Intel Processor Diagnostic Tool 64bit\IntelProcessor Diagnostic Tool 64bit.lnk -> C:\Program Files\Intel Corporation\Intel Processor Diagnostic Tool 64bit\Win-IPDT64.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Management Engine Components\Intel(R) Management and Security Status.lnk -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Digital Delivery.lnk -> C:\Program Files (x86)\Dell Digital Delivery\DeliveryTray.exe (Dell Products, LP)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Update\Dell Update.lnk -> C:\Program Files (x86)\Dell\Update\DellUpdate.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free\Bitdefender Antivirus Free.lnk -> C:\Program Files\Bitdefender Antivirus Free\bdagent.exe (Bitdefender)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Backup and Sync from Google.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Uninstall Tool.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\Uninstall Tool\R1\UninstallTool.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Desktop-App\Autodesk Desktop-App.lnk -> C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Digitale Signaturen zuordnen.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AcSignApply.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Referenzmanager.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AdRefMan.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Stapelweise Standardsprüfung.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\DwgCheckStandards.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files (x86)\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files (x86)\7-Zip\7-zip.chm ()
Shortcut: C:\ProgramData\Dell\SARemediation\SystemRepair\Snapshots\Backup\9D5326EAE61DA3A6D71599291AED37A127960123.lnk -> C:\Program Files (x86)\Dell Digital Delivery\DeliveryTray.exe (Dell Products, LP)
Shortcut: C:\ProgramData\Dell\SARemediation\SystemRepair\Snapshots\Backup\B77E2F6294A2622B397F91E697BC6D1AA2753897.lnk -> C:\Program Files (x86)\Dell\Update\DellUpdate.exe ()
Shortcut: C:\Users\Default\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\defaultuser0\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Keine Datei)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Google Earth Pro.lnk -> C:\Program Files\Google\Google Earth Pro\client\googleearth.exe (Google)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Opera-Browser.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Public\Desktop\Vectorworks 2021.lnk -> C:\Program Files\Vectorworks 2021\Vectorworks2021.exe (Vectorworks, Inc.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\Setup.lnk -> C:\OSGeo4W64\bin\nircmd.exe (NirSoft) -> exec hide "C:\OSGeo4W64\bin\setup.bat"
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Word\Microsoft%20Word-Dokument%20(neu)308832740201842190\Microsoft%20Word-Dokument%20(neu).docx.lnk -> C:\Users\Alexander\Desktop\Microsoft Word-Dokument (neu).docx () -> 0
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\Alexander\AppData\Roaming\Zoom\uninstall\Installer.exe (Zoom Video Communications, Inc.) -> /uninstall
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\Alexander\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk® AutoCAD® 2018 jetzt installieren.lnk -> C:\Autodesk\AutoCAD_2018_German_Win_32_64bit_wi_de-DE\Setup.exe (Autodesk, Inc.) -> /URL "hxxps://edutrial.autodesk.com/NET18SWDLD/2018/ACD/E2D388C2-9E3B-4D52-959D-A1E04692126B/WI/AutoCAD_2018_German_Win_32_64bit_wi_de-DE_Setup.exe?dummy=0" /skipPI /SN 900-96078915 /PK 001J1 /Trial /akamai
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Autodesk\AutoCAD 2018\R22.0\deu\Plotters\Assistent zum Hinzufügen eines Plotters.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\addplwiz.exe (Autodesk, Inc.) -> /LANGUAGE de-DE
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Backuptrans Android WhatsApp to iPhone Transfer (x64) -Legacy ADB.lnk -> C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\androidWhatsAppToiPhoneTransfer.exe (Backuptrans Studio) -> adb=adb-legacy/adb
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2017-2018\Deinstallation des Steuer-Ratgebers.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {09578E80-CE8C-47E6-A055-8C49C616541F}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2017-2018\Steuer-Ratgeber.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\Steuer-Ratgeber 2018\starter\StartCenterCL.exe () -> -start
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\GRASS GIS 7.8.4.lnk -> C:\OSGeo4W64\bin\grass78.bat () -> --gui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\OSGeo4W Shell.lnk -> C:\OSGeo4W64\OSGeo4W.bat () ->
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\Qt Designer with QGIS 3.14.16 custom widgets.lnk -> C:\OSGeo4W64\bin\nircmd.exe (NirSoft) -> exec hide C:\OSGeo4W64\bin\qgis-designer.bat
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W\SAGA GIS (2.3.2).lnk -> C:\OSGeo4W64\bin\nircmd.exe (NirSoft) -> exec hide "C:\OSGeo4W64\bin\saga-ltr_gui.bat"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\Client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation\Intel Processor Diagnostic Tool 64bit\Uninstall Intel Processor Diagnostic Tool 64bit.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {D011AAF9-F756-43AB-8E91-47ADF0D86394}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Google Docs.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe () -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Google Sheets.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe () -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google\Google Slides.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe () -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\AutoCAD 2018 - Deutsch (German).lnk -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.) -> /product ACAD /language "de-DE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Dienstprogramm für Lizenzübertragung - AutoCAD 2018.lnk -> C:\Program Files\Common Files\Autodesk Shared\AdLM\R14\LTU.exe (Autodesk, Inc.) -> 001J1 2018.0.0.F -d SA -l de-DE
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Einstellungen auf Vorgabe zurücksetzen.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AdMigrator.exe (Autodesk, Inc.) -> /reset /product ACAD /language "de-DE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Benutzerdefinierte Einstellungen migrieren\AutoCAD 2018-Einstellungen exportieren.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AdMigrator.exe (Autodesk, Inc.)
-> /e /product ACAD /language "de-DE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Benutzerdefinierte Einstellungen migrieren\AutoCAD 2018-Einstellungen importieren.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AdMigrator.exe (Autodesk, Inc.) -> /i /product ACAD /language "de-DE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - Deutsch (German)\Benutzerdefinierte Einstellungen migrieren\Von früherem Release migrieren.lnk -> C:\Program Files\Autodesk\AutoCAD 2018\AdMigrator.exe (Autodesk, Inc.) -> /product ACAD /language "de-DE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk 
-> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: 
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo ShortcutWithArgument: 
C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} InternetURL: C:\Users\Alexander\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: 
C:\Users\Alexander\Desktop\OneDriveSave\Dokumente\Notizbuch von alexander.********@live.com.url -> URL: hxxps://onedrive.live.com/redir.aspx?cid=2d6775446bc89fb8&resid=2D6775446BC89FB8!159&type=3 InternetURL: C:\Users\Alexander\AppData\Local\Backuptrans Android WhatsApp to iPhone Transfer (x64)\Backuptrans Android WhatsApp to iPhone Transfer (x64).url -> URL: hxxp://www.backuptrans.com/android-whatsapp-to-iphone-transfer.html InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> ==================== Ende vom Shortcut.txt ============================= |
11.05.2021, 10:41 | #4 |
/// TB-Ausbilder | Zip file Word opened in e-mail
My name is Matthias and I will help you with the analysis and any necessary cleanup of your computer. I am currently analysing your system and will get back to you shortly with further instructions. |
11.05.2021, 10:53 | #5 | ||
/// TB-Ausbilder | Zip file Word opened in e-mail
Quote:
If you still have it, please upload it:
Quote:
You can read about it here:
Emotet botnet disrupted after global takedown operation
Emotet malware nukes itself today from all infected computers worldwide
Step 1
Run Malwarebytes' AntiMalware (MBAM) following the illustrated guide and then post the log file.
Step 2
Run AdwCleaner following the illustrated guide and then post the log file.
Step 3
Please post with your next reply:
Edited by M-K-D-B (11.05.2021 at 10:59) |
11.05.2021, 16:37 | #6 |
| Zip file Word opened in e-mail
Hello Matthias, thank you for your detailed reply. It seems I/we owe Europol something there. I have uploaded the zip file to BleepingComputer. I have run all the logs. Many thanks for your help.
MBAM: Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 11.05.21 Scan-Zeit: 16:55 Protokolldatei: e43d31e0-b268-11eb-9875-9cb6d0e08ba8.json -Softwaredaten- Version: 4.3.3.116 Komponentenversion: 1.0.1292 Version des Aktualisierungspakets: 1.0.40330 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 19041.928) CPU: x64 Dateisystem: NTFS Benutzer: WINDELL-788D1Q2\Alexander -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 357091 Erkannte Bedrohungen: 6 In die Quarantäne verschobene Bedrohungen: 6 Abgelaufene Zeit: 6 Min., 48 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 2 Adware.KeenValue, HKLM\SOFTWARE\WOW6432NODE\Updater, In Quarantäne, 7033, 212959, 1.0.40330, , ame, , , PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Updater, In Quarantäne, 502, 541219, , , , , , Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 1 PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER, In Quarantäne, 502, 541219, 1.0.40330, , ame, , , Datei: 3 PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER\CHECK-UPDATE.EXE, In Quarantäne, 502, 541219, 1.0.40330, , ame, , 6DAE4EBB66DC2A5B1F9D14B4AA8787BA, BFC9F2E5D39F869702F7A080BE369699264CB82A65FF6C39C1F6951D294A8687 PUP.Optional.StartFenster, C:\ProgramData\Updater\setup.ico, In Quarantäne, 502, 541219, , , , , A60B9AFB2DBC13DBFCFE4172325D1712, B2199B7933227655475B64C50AFE09E1DB10D511A248283DDD8EE88EF794A680 PUP.Optional.StartFenster, C:\ProgramData\Updater\uninstall.exe, In Quarantäne, 502, 541219, , , , , 
370E7109FBCCE328A0D926A6BD6E55D9, 569F5E05CED3AF9FA24483176878694C9C2E404433A199D4B88C2FF2CA818B30 Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.2.0.0 # ------------------------------- # Build: 03-22-2021 # Database: 2021-04-28.3 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-11-2021 # Duration: 00:00:03 # OS: Windows 10 Home # Cleaned: 4 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\vlc.de Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.vlc.de Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\vlc.de Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.vlc.de ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. 
***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [5160 octets] - [11/05/2021 17:11:57] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-05-2021 durchgeführt von Alexander (11-05-2021 17:22:11) Gestartet von C:\Users\Alexander\Downloads Windows 10 Home Version 2004 19041.928 (X64) (2020-10-08 13:14:02) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-648673255-3041033212-2045848966-500 - Administrator - Disabled) Alexander (S-1-5-21-648673255-3041033212-2045848966-1001 - Administrator - Enabled) => C:\Users\Alexander DefaultAccount (S-1-5-21-648673255-3041033212-2045848966-503 - Limited - Disabled) defaultuser0 (S-1-5-21-648673255-3041033212-2045848966-1000 - Limited - Disabled) => C:\Users\defaultuser0 Gast (S-1-5-21-648673255-3041033212-2045848966-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-648673255-3041033212-2045848966-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E} AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated) Adobe Animate 2021 (HKLM-x32\...\FLPR_21_0_5) (Version: 21.0.5 - Adobe Inc.) Adobe Character Animator 2020 (HKLM-x32\...\CHAR_3_5) (Version: 3.5 - Adobe Inc.) Adobe Character Animator 2021 (HKLM-x32\...\CHAR_4_0) (Version: 4.0 - Adobe Inc.) Adobe Connect (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe) Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_2_3) (Version: 25.2.3 - Adobe Inc.) Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_1) (Version: 16.1 - Adobe Inc.) Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_2) (Version: 10.2 - Adobe Inc.) Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_9) (Version: 14.9 - Adobe Inc.) Adobe Media Encoder 2021 (HKLM-x32\...\AME_15_1) (Version: 15.1 - Adobe Inc.) Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_3_1) (Version: 22.3.1.122 - Adobe Inc.) Adobe Premiere Rush (HKLM-x32\...\RUSH_1_5_58) (Version: 1.5.58 - Adobe Inc.) ANT Drivers Installer x64 (HKLM\...\{9A9FF300-3725-4934-A0D7-86F109A88ACF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.) 
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology) AutoCAD 2018 - Deutsch (German) (HKLM\...\{28B89EEF-1001-0407-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk) Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk) Autodesk AutoCAD 2018 - Deutsch (German) (HKLM\...\AutoCAD 2018 - Deutsch (German)) (Version: 22.0.49.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk) Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk) Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk) Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.) Backuptrans Android WhatsApp to iPhone Transfer (x64) 3.2.148 (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Backuptrans Android WhatsApp to iPhone Transfer (x64)) (Version: 3.2.148 - Backuptrans) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender) Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.14.74 - Bitdefender) Cisco Webex Meetings (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\ActiveTouchMeetingClient) (Version: 41.5.3 - Cisco Webex LLC) Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP) Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.) 
Dell SupportAssist (HKLM\...\{C5A70974-2F89-4BE0-90F7-749E62468C4D}) (Version: 3.8.1.23 - Dell Inc.) Dell SupportAssist Remediation (HKLM\...\{6B991B44-B938-4902-BDF3-186CBDC62AD3}) (Version: 5.1.4.11989 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{34685541-a19e-4537-97c9-082238790346}) (Version: 5.1.4.11989 - Dell Inc.) Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.) Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.1.0 - Dell Inc.) Discord (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 121.4.4267 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden Elevated Installer (HKLM-x32\...\{9427DAC2-91FD-418E-87D4-8914B437CC06}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{0934EADA-3DAF-4A21-829D-1BB3C315DCB4}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{d3b4366e-9163-44f4-a381-d431031c2841}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC) Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google) iCloud Outlook (HKLM\...\{BF2241BF-20CC-490B-B7BE-761B80E20114}) (Version: 11.6.0.32 - Apple Inc.) 
Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson) Intel Processor Diagnostic Tool 64bit (HKLM\...\{D011AAF9-F756-43AB-8E91-47ADF0D86394}) (Version: 4.0.0.29 - Intel Corporation) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation) Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.372 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 2.2.1.31 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation) Malwarebytes version 4.3.3.116 
(HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.3.116 - Malwarebytes) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.13929.20296 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.56 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Mozilla Firefox 87.0 (x64 de) (HKLM\...\Mozilla Firefox 87.0 (x64 de)) (Version: 87.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 87.0.0.7747 - Mozilla) Mozilla Thunderbird 78.10.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.10.0 (x86 de)) (Version: 78.10.0 - Mozilla) Office 
16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden Opera Stable 76.0.4017.107 (HKLM-x32\...\Opera 76.0.4017.107) (Version: 76.0.4017.107 - Opera Software) Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.825 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.21313 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.) Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.250 - Realtek Semiconductor Corp.) Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.39.518.2020 - Realtek) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.) SketchUp 2017 (HKLM\...\{C711666A-E8CC-4E2A-802F-BAA35E76045F}) (Version: 17.2.2555 - Trimble Navigation Limited) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20013.2 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20013.2 - Samsung Electronics Co., Ltd.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{09578E80-CE8C-47E6-A055-8C49C616541F}) (Version: 18.05.1 - Wolters Kluwer Deutschland GmbH) Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Vectorworks 2018 (HKLM\...\Vectorworks 2018 SP1 23.0.0) (Version: 23.0.0 - Vectorworks, Inc.) Vectorworks 2021 (HKLM\...\Vectorworks 2021 26.0.2) (Version: 26.0.2 - Vectorworks, Inc.) Verfügbare Autodesk-Apps 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Zoom (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.) 
Zotero (HKLM-x32\...\Zotero 5.0.96 (x86 en-US)) (Version: 5.0.96 - Corporation for Digital Scholarship) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-10] (Adobe Systems Incorporated) Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-11] (Adobe Systems Incorporated) Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_39.0.12.12_x64__adky2gkssdxte [2021-04-18] (Adobe Systems Incorporated) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.) Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-06] (Dell Inc) Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.8.10.0_x64__htrsf667h5kn2 [2021-02-14] (Dell Inc) Dropbox für S Modus -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.4.0_x64__xbfy0k16fey96 [2021-03-19] (Dropbox Inc.) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-10] (HP Inc.) iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa [2021-05-07] (Apple Inc.) [Startup Task] iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-24] (Apple Inc.) 
[Startup Task] Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3267.0_x64__rh07ty8m5nkag [2021-01-07] (Rivet Networks LLC) [Startup Task] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-23] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-10-08] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Studios) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.43.41241.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Corporation) [Startup Task] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.) 
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-12-18] (Adobe Systems Incorporated) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0 [2021-05-04] (Spotify AB) [Startup Task] XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.8.0_x86__xpfg3f7e9an52 [2021-03-19] (New Work SE) ZDFmediathek -> C:\Program Files\WindowsApps\ZDFGemeinntzigeAnstaltdes.ZDFmediathek_4.0.0.0_neutral__h3zwtz978ayka [2020-04-11] (ZDF Gemeinnützige Anstalt des öffentlichen Rechts) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-417AC85DF7F7} -> [Creative Cloud Files] => C:\Users\Alexander\Creative Cloud Files [2019-12-16 23:09] CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Alexander\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{14097043-DE9D-461F-BC24-E07F11A17748} -> [iCloud Drive] => C:\Users\Alexander\iCloudDrive [2021-02-14 01:42] CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. 
-> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{A6589972-5623-4F20-B23A-ACA747BCE141} -> [iCloud-Fotos] => C:\Users\Alexander\Pictures\iCloud Photos\Photos [2021-02-14 01:42] CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.) 
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\de-DE\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Alexander\Dropbox [2018-06-28 21:37] CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. 
-> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Open Source Developer, Brice Lambson -> Brice Lambson)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\igfxDTCM.dll [2020-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-11] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-02-02 07:49 - 2021-02-02 07:49 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2019-07-15 11:20 - 2019-07-15 11:20 - 000126976 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\sharepoint.com -> hxxps://ittuberlin-files.sharepoint.com

==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-01-29 18:40 - 2019-05-15 11:58 - 000000583 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 WINDELL-788D1Q2.mshome.net # 2023 1 6 28 19 50 14 310

==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;%INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-648673255-3041033212-2045848966-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexander\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\WP_20161123_001.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: AdAppMgrSvc => 2
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "PTOneClick"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E754BBBD-97EA-4E07-9FB1-AAD2BBDA387B}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{80B9C1B4-A921-41FB-8EF0-B94A648EC0DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> ) FirewallRules: [{E087B767-2069-4582-8C83-A1B0EF12A2BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> ) FirewallRules: [{AFF85466-C59C-494D-83E9-7D2C997CF3B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6F0D8AC4-7174-4370-8F55-C4551ACFAECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0A236464-FD3E-46CB-87F4-72894242EE4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{35CCB881-813F-4540-AF0F-875762A7FF95}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{48006030-7A54-48DD-B058-CC3C3C4F3947}C:\program files\vectorworks 2018\vectorworks2018e.exe] => (Allow) C:\program files\vectorworks 2018\vectorworks2018e.exe (Vectorworks, Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{DD68D86A-7150-47DB-A2EF-5557347A05A9}C:\program files\vectorworks 2018\vectorworks2018e.exe] => (Allow) C:\program files\vectorworks 2018\vectorworks2018e.exe (Vectorworks, Inc.) 
[Datei ist nicht signiert] FirewallRules: [{F6B0E415-F85F-437A-82FD-AB5D5004A6B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{EA77759E-B2D3-43B8-93CE-5207C7272500}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{483E5BFB-6D4D-4247-A80A-FBCBCFC31DF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert] FirewallRules: [{6690DE8A-F57A-4C1E-883A-93D7D7627001}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert] FirewallRules: [{CFE88206-3FCB-49A0-8756-5EBF8A74C424}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{F52E2221-4A06-48BD-9282-7330219466DC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{C25F53E3-4342-48B3-A8F3-6B2CE00396A1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{2D271FB1-5269-4B66-BADD-0B67C4F1FCCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{72AA914A-6EB9-4B07-A461-8DBC44F3AD79}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{3E5D7440-F1E5-4319-9100-99C5F566AF1F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{7DF98843-DE51-462F-94E1-0178AFEFA45F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{1F9AEAF3-976A-4A5B-92B0-CEE354FA968F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. 
-> Zoom Video Communications, Inc.) FirewallRules: [{AAB4249F-1C71-47D6-9005-7B299A1AB100}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{222F66A3-40C3-4DBD-8CC3-CD016EEAD05A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0F241C3C-4B22-4C66-84C7-D50DD98C6C29}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{82B5D8AD-60A7-4C1B-BA0D-606A97A2FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{934D76D1-06D9-4A10-ACDD-9591906EAC38}C:\program files\vectorworks 2021\vectorworks2021.exe] => (Allow) C:\program files\vectorworks 2021\vectorworks2021.exe (Vectorworks, Inc. -> Vectorworks, Inc.) FirewallRules: [UDP Query User{F1C0FB4F-15D5-4060-B752-52EE18DED36F}C:\program files\vectorworks 2021\vectorworks2021.exe] => (Allow) C:\program files\vectorworks 2021\vectorworks2021.exe (Vectorworks, Inc. -> Vectorworks, Inc.) FirewallRules: [{EA7B77BC-A7F2-4C7A-B292-8B36E7BBA7D0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C404C255-0D04-4380-8EE6-7EE337F0435E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{AA3C7658-CB53-435E-85D8-E2E7E2D885A2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{C1ED9B27-2E6F-44A6-A721-EDB8F1A2E289}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4853D7C9-3DF9-42B3-893E-8C0A6ABD402E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E26472D1-F4B4-4AD2-BF4A-FFB62A4F8044}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{CD3BD8CA-5099-4F48-A09E-B9B269333FB8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{416ACCDB-4F04-4F56-8F0A-FAB5EF81A9E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E9C91020-C778-40FF-9C05-5F289F28C466}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{912EA4AD-C128-4B7E-B1D7-580376052815}] => (Allow) C:\Program Files\Opera\75.0.3969.243\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{AE733746-39CC-4EC2-9AD9-6BB4D7C4FE8F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) 
FirewallRules: [{9A687CCB-9BBC-4D02-8385-6915C4AFB146}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C843FD68-E427-4151-B334-05CF758AF34B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6ADC3378-9FBC-4853-B137-5A36CA3AE6D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1F2CDDFD-68DF-4DCF-8563-A309C7DBD164}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FEDCD465-310A-4E37-80B2-491E66E8A578}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9251C962-E2A1-43F8-A124-1FF45B9D72A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BB2B392C-7B41-498D-B7BB-D5DADA110316}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C2435453-B77D-4FE9-B490-F8D1AF02015A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{685F4A03-C602-4664-8B8F-41ADB4DB7028}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D84C1348-BCCE-4D64-8315-5F622B978D7D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{629965F4-B3DB-4BF1-9EDC-A90239351E03}] => (Allow) C:\Program 
Files\Opera\76.0.4017.107\opera.exe (Opera Software AS -> Opera Software)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:475.47 GB) (Free:64.28 GB) (14%)

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (05/11/2021 04:30:05 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02 Message: Invalid alert info: 000300000008000700000000

Error: (05/11/2021 04:28:34 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02 Message: Invalid alert info: 000300000008000700000000

Error: (05/11/2021 09:59:44 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02 Message: Invalid alert info: 000300000008000700000000

Error: (05/11/2021 09:32:23 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02 Message: Invalid alert info: 000300000008000700000000

Error: (05/10/2021 09:08:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 2020.20120.4004.0, Zeitstempel: 0x5fcaab3d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.906, Zeitstempel: 0x2f2f77bf
Ausnahmecode: 0x80131623
Fehleroffset: 0x000000000010b2dc
ID des fehlerhaften Prozesses: 0x72e0
Startzeit der fehlerhaften Anwendung: 0x01d7457281e4cab6
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: b07e1f55-5c36-424e-b1f6-0b9b611c26b2
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/10/2021 09:08:27 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02 Message: Invalid alert info: 000300000008000700000000

Error: (05/10/2021 07:00:03 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (05/10/2021 09:28:59 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Systemfehler:
=============
Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Killer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Killer Analytics Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Print Scan Doctor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dell Data Vault Processor" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell SupportAssist Remediation" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dell Data Vault Collector" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ProductAgentService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

CodeIntegrity:
===============
Date: 2021-05-11 16:55:14
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2021-05-11 16:31:56
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider32.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-11 09:32:44
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider64.dll that did not meet the Windows signing level requirements.

==================== Speicherinformationen ===========================

BIOS: Dell Inc. 2.13.0 11/14/2019
Hauptplatine: Dell Inc. 0D4J15
Prozessor: Intel(R) Core(TM) i7-7560U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 16108.16 MB
Verfügbarer physikalischer RAM: 9587.46 MB
Summe virtueller Speicher: 28062.98 MB
Verfügbarer virtueller Speicher: 17862.78 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:475.47 GB) (Free:64.29 GB) NTFS

\\?\Volume{c09336f2-25d2-4235-a503-e804e80b5728}\ (WinRE) (Fixed) (Total:0.39 GB) (Free:0.38 GB) NTFS
\\?\Volume{7d4aa265-23a7-40a9-a30c-986b920e2ba9}\ () (Fixed) (Total:0.85 GB) (Free:0.3 GB) NTFS
\\?\Volume{03b7b388-dc7a-4570-8cb9-5725c646b0a6}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-05-2021
durchgeführt von Alexander (Administrator) auf WINDELL-788D1Q2 (Dell Inc. XPS 13 9360) (11-05-2021 17:20:17)
Gestartet von C:\Users\Alexander\Downloads
Geladene Profile: defaultuser0 & Alexander
Platform: Windows 10 Home Version 2004 19041.928 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.)
C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-07] (Adobe Inc. -> Adobe Inc.) 
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-05] (Adobe Inc. -> ) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> ) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680728 2021-05-05] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [Discord] => C:\Users\Alexander\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30885360 2020-03-04] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [PTOneClick] => C:\Users\Alexander\AppData\Local\Webex\Webex\Applications\ptoneclk.exe [7184192 2020-04-12] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-21] (Adobe Inc. 
-> Adobe Systems Incorporated) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Alexander\AppData\Local\WebEx\ciscowebexstart.exe [3711704 2021-04-30] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2763952 2021-05-07] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\21.062.0328.0001" HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Policies\Explorer: [] HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-23] (Adobe Inc. 
-> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC) Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2019-02-03] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0C93F72A-6F8E-4DC7-A2A9-7CC09D822904} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {16545A9C-9BBF-4739-90C3-D52AD3C1B751} - System32\Tasks\AdobeAAMUpdater-1.0-WINDELL-788D1Q2-Alexander => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {27ED81A3-E23C-4C1D-B463-F7FF65E4FFA6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) 
Task: {33A96379-28BA-479C-A2AA-D467D9A00697} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {36525BF1-C22C-43F8-A6F6-BBEBCD222162} - System32\Tasks\Opera scheduled assistant Autoupdate 1576835173 => C:\Program Files\Opera\launcher.exe [2199704 2021-05-06] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0) Task: {3880284A-3737-4115-8B6F-0C4168D3F71D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {389BB786-6712-4F94-B108-AF90218D0FB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {3E2F6869-CD9F-471D-82C9-B512C28F3F97} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) Task: {432DA82D-2E8F-4458-A102-BEFBCCB90C52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-13] (Google Inc -> Google Inc.) 
Task: {4BBC94E0-A0FB-4F40-BA05-F593065E1E78} - System32\Tasks\Opera scheduled Autoupdate 1509559017 => C:\Program Files\Opera\launcher.exe [2199704 2021-05-06] (Opera Software AS -> Opera Software) Task: {551A3672-B22C-4D83-9A59-45916EBB6540} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1120696 2021-05-03] (Microsoft Corporation -> Microsoft Corporation) Task: {55FD2A81-E285-4D47-9EDD-BE982271EB6A} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4071016 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {603C9FB2-6B0B-4052-A084-D42F91AEFCB1} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {66E53798-F95C-43C0-9B72-59E6BF3C2BD5} - System32\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) 
Task: {72686D95-A891-483A-BBE5-A610D06F474A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {8C5B4ACF-CD23-4F0D-B5F7-31FE68C66242} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {9B78D7F5-C5C2-454F-BC6C-8F46150FDD01} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-29] (Mozilla Corporation -> Mozilla Foundation) Task: {A1BB7DE0-DDD7-4857-95D7-70DE9CE09139} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender) Task: {AC221FF3-5AA7-4B8C-8D9E-01382A0E0A2C} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PIconStartup.exe [231400 2019-08-05] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PrivacyIconClient.exe" 60 Task: {B14BC9B8-C9A1-400C-9D91-ECADA2EEFDB5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {B9D624D1-2F4B-426E-9A68-BF743D83E344} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {BB06A88E-8A91-44EE-BDFC-91F595D86915} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft 
Office\root\Office16\sdxhelper.exe [114048 2021-05-03] (Microsoft Corporation -> Microsoft Corporation) Task: {C711D884-722A-4478-8749-923B42852DB8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) Task: {CFB28C91-0A06-474B-BA10-1CB262C24C1F} - System32\Tasks\DropboxUpdateTaskMachineUA1d558491a577788 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) Task: {D3B225DB-F019-45E5-BCBE-680C8314FB87} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-03] (Microsoft Corporation -> Microsoft Corporation) Task: {E5CD3D1D-A4B7-41E3-B1EC-92459A9B4566} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {E6E24F68-D2C2-4B80-8B3A-1D141680A236} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-03-04] (Garmin International, Inc. -> ) Task: {EBB517B3-14A4-4CB2-ACD9-DF5465BD94D6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.) Task: {EC731A2E-2804-4084-B770-AC2EDECC6A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-13] (Google Inc -> Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d558491a577788.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{0e4f6f48-c261-4dd0-8db2-59bf5a91dfdb}: [DhcpNameServer] 10.106.8.30 Tcpip\..\Interfaces\{19c08f36-edb5-412e-9336-4049871475d5}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1 Tcpip\..\Interfaces\{3f99e3f5-94c9-4ead-8977-2086e6de0d6b}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ca90329d-3cf3-42e6-a062-13ddf94891df}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Alexander\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-13] FireFox: ======== FF DefaultProfile: ftt3x0f4.default FF DefaultProfile: 2y091unm.default FF ProfilePath: 
C:\Users\Alexander\AppData\Roaming\Zotero\Zotero\Profiles\ftt3x0f4.default [2021-04-23] FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default [2021-04-20] FF Extension: (Hoxx VPN Proxy) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\@hoxx-vpn.xpi [2021-04-14] FF Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\hotspot-shield@anchorfree.com.xpi [2020-12-15] FF Extension: (Touch VPN – Kostenloses VPN und kostenloser Proxy) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\touch-vpn@anchorfree.com.xpi [2021-01-16] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-07] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-07] (Adobe Inc. -> Adobe Systems) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-07-21] <==== ACHTUNG (Zeigt auf eine *.cfg Datei) FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-07-21] <==== ACHTUNG Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-15] CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-04-15] CHR Notifications: Profile 1 -> hxxps://app.houseparty.com CHR Extension: (Präsentationen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-12] CHR Extension: (Docs) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-12] CHR Extension: (Redirect Path) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aomidfkchockcldhbkggjokdkkebmdll [2021-02-25] CHR Extension: (Google Drive) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-23] CHR Extension: (YouTube) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-12] CHR Extension: (Adobe Acrobat) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-18] CHR Extension: (Tabellen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-12] CHR Extension: (Google Docs Offline) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-18] CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - 
C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-29] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Google Mail) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-05] CHR Extension: (Chrome Media Router) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18] CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-12] CHR HKU\S-1-5-21-648673255-3041033212-2045848966-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= OPR Profile: C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable [2021-05-11] OPR Notifications: Opera Stable -> hxxps://app.houseparty.com; hxxps://book.lufthansa.com; hxxps://business.facebook.com; hxxps://jungesrl.zulipchat.com; hxxps://portal.imice.de; hxxps://web.telegram.org; hxxps://www.facebook.com; hxxps://www.kaufda.de; hxxps://www.laptopmag.com; hxxps://www.wetteronline.de OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Ecosia - Die Suchmaschine, die Bäume pflanzt) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\cjkjohdegdpmepjcgmiafjaanigkkelo [2017-11-01] OPR Extension: (Zotero Connector) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2021-05-05] OPR Extension: (Rich Hints Agent) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-05-11] OPR Extension: 
(Limit - Set Limits for Distracting Sites) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhmmjbmojepanopjakcclphcadaclmk [2020-11-02] OPR Extension: (Install Chrome Extensions) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-12-23] OPR Extension: (Desktop Messenger for Telegram™) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\lamkfhpkhbgfdglofogcdipebpibjbkg [2019-12-16] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk, Inc -> Autodesk Inc.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-07] (Adobe Inc. -> Adobe Inc.) S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) S3 AtcHost; C:\Program Files\Bitdefender Antivirus Free\atchost.exe [1475272 2020-10-02] (Bitdefender SRL -> Bitdefender S.R.L. 
Bucharest, ROMANIA) R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2461792 2021-04-11] (Bitdefender SRL -> Bitdefender) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.) S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-17] (PC-Doctor, Inc. -> PC-Doctor, Inc.) S2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2020-08-19] (Dell Inc -> Dell INC.) S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{CDBCEBD6-3610-40F0-A782-B593722A86D0} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> ) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.) 
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73928 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.) S2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1775840 2020-04-16] (Rivet Networks LLC -> Rivet Networks) S2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2663128 2020-04-16] (Rivet Networks LLC -> Rivet Networks) S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73928 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-11] (Malwarebytes Inc -> Malwarebytes) S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation) S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender) S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) S2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.) 
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [236128 2021-04-11] (Bitdefender SRL -> Bitdefender) R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [559200 2021-04-11] (Bitdefender SRL -> Bitdefender) R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [240352 2021-04-11] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-10-16] (Wondershare Technology Co.,Ltd -> Wondershare) S2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2718744 2021-02-26] (Bitdefender SRL -> Bitdefender S.R.L. 
Bucharest, ROMANIA) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-08] (Bitdefender SRL -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender) S3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation) R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation) S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-03-05] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-11] (Malwarebytes Inc -> Malwarebytes) R1 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [488592 2021-02-26] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [187848 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-11] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-11] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-11] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-11] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-11] (Malwarebytes Inc -> Malwarebytes) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. 
-> Samsung Electronics Co., Ltd.) R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641728 2021-03-10] (Bitdefender SRL -> Bitdefender) R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [386800 2020-12-08] (Bitdefender SRL -> Bitdefender) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2099-07-04 05:39 - 2117-07-04 05:39 - 000000000 _____ C:\WINDOWS\SysWOW64\wsmand.log.lock 2021-05-11 17:18 - 2021-05-11 17:18 - 000002378 _____ C:\Users\Alexander\Desktop\AdwCleaner[C00].txt 2021-05-11 17:11 - 2021-05-11 17:18 - 000000000 ____D C:\AdwCleaner 2021-05-11 17:11 - 2021-05-11 17:11 - 008534696 _____ (Malwarebytes) C:\Users\Alexander\Desktop\adwcleaner_8.2.exe 2021-05-11 17:08 - 2021-05-11 17:08 - 000002286 _____ C:\Users\Alexander\Desktop\MBAM.txt 2021-05-11 16:54 - 2021-05-11 16:54 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-05-11 16:54 - 2021-05-11 16:54 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-05-11 16:54 - 2021-05-11 16:54 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-05-11 16:54 - 2021-05-11 16:54 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-05-11 16:54 - 2021-05-11 16:54 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-05-11 16:54 - 2021-05-11 16:54 - 000002036 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-05-11 16:54 - 2021-05-11 16:54 - 000002036 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2021-05-11 16:54 - 2021-05-11 16:54 - 000000000 ____D C:\Users\Alexander\AppData\Local\mbam 2021-05-11 16:53 - 2021-05-11 16:53 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-05-11 16:53 - 2021-05-11 16:53 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-05-11 16:53 - 2021-05-11 16:53 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-05-11 16:53 - 2021-05-11 16:53 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-05-11 16:53 - 2021-05-11 16:53 - 000000000 ____D C:\Program Files\Malwarebytes 2021-05-11 16:51 - 2021-05-11 16:51 - 002078632 _____ (Malwarebytes) C:\Users\Alexander\Desktop\MBSetup.exe 2021-05-11 10:09 - 2021-05-11 10:10 - 000053350 _____ 
C:\Users\Alexander\Downloads\Shortcut.txt 2021-05-11 10:06 - 2021-05-11 10:09 - 000067266 _____ C:\Users\Alexander\Downloads\Addition.txt 2021-05-11 09:51 - 2021-05-11 17:21 - 000034797 _____ C:\Users\Alexander\Downloads\FRST.txt 2021-05-11 09:49 - 2021-05-11 17:20 - 000000000 ____D C:\FRST 2021-05-11 09:47 - 2021-05-11 09:47 - 002298880 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe 2021-05-10 21:18 - 2021-05-10 21:18 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002) (2).pdf 2021-05-10 21:17 - 2021-05-10 21:17 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002).pdf 2021-05-10 21:17 - 2021-05-10 21:17 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002) (1).pdf 2021-05-10 21:03 - 2021-05-10 21:03 - 000144035 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-05 at 09.30.39.jpeg 2021-05-10 21:02 - 2021-05-10 21:02 - 000156353 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-10 at 21.01.51.jpeg 2021-05-10 21:02 - 2021-05-10 21:02 - 000156353 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-10 at 21.01.51 (1).jpeg 2021-05-10 16:45 - 2021-05-10 16:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2021-05-10 16:45 - 2021-05-10 16:45 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2021-05-10 16:11 - 2021-05-10 16:11 - 000003980 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1509559017 2021-05-10 16:11 - 2021-05-10 16:11 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2021-05-10 09:27 - 2021-05-10 09:27 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-648673255-3041033212-2045848966-1001 2021-05-10 09:27 - 2021-05-10 09:27 - 000002398 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-05-07 09:17 - 2021-05-07 09:17 - 000001407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative 
Cloud.lnk 2021-05-02 11:13 - 2021-05-02 11:13 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk 2021-04-30 08:48 - 2021-04-30 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-04-28 23:17 - 2021-04-28 23:17 - 000234959 _____ C:\Users\Alexander\Downloads\Berechnung-Hauskauf_Aktuell.xlsm 2021-04-24 16:07 - 2021-04-24 16:07 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2021-04-24 16:07 - 2021-04-24 16:07 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-04-24 12:55 - 2021-04-24 12:55 - 000044272 _____ (Dropbox, Inc.) 
C:\WINDOWS\system32\DbxSvc.exe 2021-04-23 14:24 - 2021-04-23 14:24 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-04-22 13:52 - 2021-04-22 13:52 - 000372051 _____ C:\Users\Alexander\Downloads\Satzung_158.PDF 2021-04-21 10:17 - 2021-04-21 10:17 - 001427677 _____ C:\Users\Alexander\Downloads\Kurzbericht_Welt_Erbe_Haus_zur_Barrierefreiheit.PDF 2021-04-20 15:56 - 2021-05-07 09:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-04-19 20:03 - 2021-04-19 20:03 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-04-19 20:03 - 2021-04-19 20:03 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-19 20:03 - 2021-04-19 20:03 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-04-18 13:55 - 2021-04-18 13:55 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk 2021-04-18 13:51 - 2021-04-18 13:51 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2021.lnk 2021-04-18 13:46 - 2021-04-18 13:46 - 000001134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk 2021-04-18 13:35 - 2021-04-18 13:35 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk 2021-04-16 15:58 - 2021-04-16 15:58 - 000048902 _____ C:\Users\Alexander\Downloads\DINPro Bold.zip 2021-04-16 15:56 - 2021-04-16 15:56 - 000017216 _____ C:\Users\Alexander\Downloads\DIN Bold.zip 2021-04-16 15:56 - 2021-04-16 15:56 - 000017216 _____ C:\Users\Alexander\Downloads\DIN Bold (1).zip 2021-04-16 15:55 - 2021-04-16 15:55 - 000000000 ____D C:\Users\Alexander\Downloads\flyer Ordner-20210416T135406Z-001 2021-04-16 15:54 - 2021-04-16 15:54 - 031156564 _____ C:\Users\Alexander\Downloads\flyer Ordner-20210416T135406Z-001.zip 2021-04-16 14:59 - 2021-04-16 14:59 - 000125168 _____ (Zoom Video Communications, Inc.) 
C:\Users\Alexander\Downloads\Zoom_cm_fo42anktZ9vvrZo4_m47SkS27WCcn4PA0hcQmB23L3OTsAxpSFvcY8@OH9ASUeSMemokc+I_k22b9e1cf54b5db69_.exe 2021-04-14 12:21 - 2021-04-14 12:21 - 000116552 _____ C:\Users\Alexander\Desktop\Snippet_316875325.idms 2021-04-14 10:11 - 2021-04-14 10:11 - 000708273 _____ C:\Users\Alexander\Downloads\HydroTower_Bestellformular und QA_2021.04.14 (1).pdf 2021-04-13 17:35 - 2021-04-13 17:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-04-13 12:06 - 2021-04-13 12:06 - 000612441 _____ C:\Users\Alexander\Downloads\t200605073 (1).pdf 2021-04-13 12:03 - 2021-04-13 12:03 - 000612441 _____ C:\Users\Alexander\Downloads\t200605073.pdf 2021-04-13 10:27 - 2021-04-13 10:27 - 002523013 _____ C:\Users\Alexander\Downloads\37_CleanTube_.pdf 2021-04-13 10:27 - 2021-04-13 10:27 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Forwarding_Tube.pdf 2021-04-13 10:26 - 2021-04-13 10:26 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Sleeve_Tube.pdf 2021-04-13 10:26 - 2021-04-13 10:26 - 000663032 _____ C:\Users\Alexander\Downloads\06_RP_PVC_Collar.pdf 2021-04-12 20:18 - 2021-04-12 20:18 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecsTier2 2021-04-12 18:18 - 2021-04-12 18:18 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Fahrrohr (1).pdf 2021-04-12 18:18 - 2021-04-12 18:18 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Muffenrohr (1).pdf 2021-04-12 18:17 - 2021-04-12 18:17 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Fahrrohr.pdf 2021-04-12 18:17 - 2021-04-12 18:17 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Muffenrohr.pdf 2021-04-12 18:17 - 2021-04-12 18:17 - 000663032 _____ C:\Users\Alexander\Downloads\06_RP_PVC_Muffen.pdf 2021-04-11 12:17 - 2021-04-11 12:17 - 000022976 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2021-05-11 17:19 - 2019-01-02 13:41 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free 2021-05-11 17:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration 2021-05-11 17:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-05-11 17:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-05-11 16:53 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-05-11 16:52 - 2018-02-12 19:38 - 000000000 ____D C:\Users\Alexander\AppData\LocalLow\Mozilla 2021-05-11 16:31 - 2019-10-03 22:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-05-11 16:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-05-11 16:28 - 2017-10-25 14:39 - 000000000 ___RD C:\Users\Alexander\OneDrive 2021-05-11 14:21 - 2020-10-08 14:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-05-11 09:41 - 2020-04-16 18:48 - 000000000 ____D C:\Users\Alexander\AppData\Local\WebEx 2021-05-10 21:08 - 2020-11-14 13:35 - 000000000 ____D C:\Users\Alexander\AppData\Local\CrashDumps 2021-05-10 16:11 - 2017-11-01 19:56 - 000000000 ____D C:\Program Files\Opera 2021-05-10 10:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-10 09:29 - 2020-07-07 11:34 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-10 09:29 - 2020-07-07 11:34 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-05-10 09:29 - 2020-07-07 11:34 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-05-07 09:18 - 2019-12-16 23:09 - 000000000 ___RD C:\Users\Alexander\Creative Cloud Files 2021-05-07 09:17 - 2017-11-08 19:58 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-05-07 09:17 - 2017-11-08 19:57 - 000000000 ____D C:\Program Files\Adobe 2021-05-07 09:17 - 2017-10-25 17:21 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-05-07 09:14 - 2021-02-14 01:42 - 000000000 ___RD C:\Users\Alexander\iCloudDrive 2021-05-07 09:13 - 2019-02-05 15:55 - 000000000 
___RD C:\Users\Alexander\Google Drive 2021-05-07 09:12 - 2017-10-25 14:36 - 000000000 __SHD C:\Users\Alexander\IntelGraphicsProfiles 2021-05-05 21:57 - 2018-03-01 19:54 - 000000000 ____D C:\Users\Alexander\AppData\Local\PlaceholderTileLogoFolder 2021-05-05 21:56 - 2020-10-08 15:13 - 000004344 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA1d558491a577788 2021-05-05 21:56 - 2020-10-08 15:13 - 000004112 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18 2021-05-05 21:56 - 2019-08-21 19:51 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d558491a577788.job 2021-05-05 21:56 - 2019-08-21 19:51 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18.job 2021-05-05 09:40 - 2020-04-16 18:48 - 000000000 ____D C:\Users\Alexander\AppData\LocalLow\WebEx 2021-05-05 08:25 - 2020-10-08 15:08 - 001723002 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-05-05 08:25 - 2019-12-07 16:50 - 000746440 _____ C:\WINDOWS\system32\perfh007.dat 2021-05-05 08:25 - 2019-12-07 16:50 - 000150810 _____ C:\WINDOWS\system32\perfc007.dat 2021-05-05 08:01 - 2020-12-08 16:58 - 000000000 ___HD C:\adobeTemp 2021-05-04 01:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-05-04 00:40 - 2021-02-05 12:34 - 000000000 ____D C:\Users\Alexander\Documents\VW Backup 2021-05-03 23:50 - 2017-10-25 17:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-04-30 08:48 - 2018-06-28 21:34 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-04-28 23:19 - 2017-11-20 13:33 - 000000000 ____D C:\Users\Alexander\AppData\Local\Packages 2021-04-27 09:06 - 2018-02-12 19:37 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-25 15:59 - 2020-10-08 23:12 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d69d73ac60587a 2021-04-25 15:59 - 2020-10-08 15:13 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-23 03:17 - 
2021-02-27 05:18 - 000000000 ____D C:\Users\Alexander\Zotero 2021-04-22 06:04 - 2018-06-28 21:37 - 000000000 ____D C:\Users\Alexander\Dropbox 2021-04-21 17:06 - 2020-09-30 21:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-04-21 10:48 - 2018-05-12 19:04 - 000001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-04-21 10:48 - 2018-02-12 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-04-20 21:14 - 2020-10-08 15:13 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-04-20 21:14 - 2020-10-08 15:13 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-04-20 12:18 - 2017-10-25 14:36 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\Adobe 2021-04-20 10:23 - 2019-02-20 22:13 - 000000000 ____D C:\ProgramData\Mozilla 2021-04-20 10:18 - 2021-03-29 11:21 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-04-20 10:03 - 2021-03-03 11:13 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-20 10:03 - 2020-10-08 15:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-20 10:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-20 10:03 - 2017-10-03 08:03 - 000000000 ____D C:\Intel 2021-04-20 03:46 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2021-04-20 03:45 - 2021-03-03 11:13 - 000671504 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-20 03:45 - 2021-02-27 05:16 - 000000000 ____D C:\Program Files (x86)\Zotero 2021-04-20 03:45 - 2019-12-07 11:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-04-19 20:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-19 20:03 - 2020-10-08 14:58 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-04-19 19:57 - 2017-10-30 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-04-19 19:55 - 2017-10-30 15:39 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-04-16 18:47 - 2019-12-08 14:42 - 000000000 ____D C:\Users\Alexander\Documents\SRL 2021-04-16 15:55 - 2020-09-18 17:22 - 000000000 ____D C:\Users\Alexander\Documents\HydroTower 2021-04-16 00:38 - 2018-12-25 17:13 - 000000000 ____D C:\Program Files (x86)\Steam 2021-04-15 23:24 - 2020-03-15 21:41 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\discord 2021-04-13 17:35 - 2018-02-12 19:37 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-04-13 17:04 - 2017-11-19 19:24 - 000000000 ____D C:\Users\Alexander\Documents\Textures 2021-04-13 16:54 - 2017-10-25 14:52 - 000000000 ____D C:\Users\Alexander\AppData\Local\Comms 2021-04-13 01:33 - 2020-10-08 15:00 - 000000000 ____D C:\Users\Alexander 2021-04-13 00:50 - 2020-11-25 17:08 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\Apple Computer 2021-04-12 20:15 - 2018-05-31 21:40 - 000000000 ____D C:\Users\Alexander\AppData\Local\D3DSCache ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-01-09 18:45 - 2020-01-09 18:45 - 000000033 _____ 
() C:\Users\Alexander\AppData\Roaming\AdobeWLCMCache.dat 2018-06-24 13:49 - 2020-10-16 13:37 - 000000028 _____ () C:\Users\Alexander\AppData\Roaming\kulerdata.json 2020-10-05 13:18 - 2021-02-14 20:20 - 000001456 _____ () C:\Users\Alexander\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2018-10-02 08:25 - 2018-10-02 08:25 - 000000000 _____ () C:\Users\Alexander\AppData\Local\oobelibMkey.log 2017-11-01 20:40 - 2020-08-24 13:02 - 000007604 _____ () C:\Users\Alexander\AppData\Local\Resmon.ResmonCfg 2017-12-05 16:00 - 2021-02-03 16:26 - 000000287 _____ () C:\Users\Alexander\AppData\Local\VersionChecker_23.xml ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
11.05.2021, 19:27 | #7 | |
/// TB-Ausbilder | Zip file Word opened in e-mail Step 1
Step 2 Your computer is missing the current feature update, version 20H2. Quote:
Then we would be done! If you have no more problems with malware, we are finished here. Your log files are clean. Finally, please run a cleanup with our TBCleanUpTool and be sure to read and implement the security measures; both are linked in the following reading material: If you like, you can say here whether you were satisfied with me and my help... Perhaps you would like to support the forum with a small donation. Note: Please give me brief feedback as soon as you have read the information linked above, everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
12.05.2021, 11:05 | #8 |
| Zip file Word opened in e-mail Dear Matthias, thank you very much for your quick and competent help. I am delighted with Trojaner-Board and hope that you can continue your work for a long time, and I am happy to support this with a donation. Attached is my Fixlog. Code:
ATTFilter
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-05-2021
durchgeführt von Alexander (12-05-2021 11:19:27) Run:1
Gestartet von C:\Users\Alexander\Downloads
Geladene Profile: defaultuser0 & Alexander
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Policies\Explorer: []
Task: {B9D624D1-2F4B-426E-9A68-BF743D83E344} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
DeleteQuarantine:
Unlock: C:\FRST
RemoveProxy:
SystemRestore: On
EmptyTemp:
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => erfolgreich entfernt
"HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9D624D1-2F4B-426E-9A68-BF743D83E344}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9D624D1-2F4B-426E-9A68-BF743D83E344}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => nicht gefunden
HKLM\System\CurrentControlSet\Services\DBUtilDrv2 => erfolgreich entfernt
DBUtilDrv2 => Dienst erfolgreich entfernt
"C:\FRST\Quarantine" => erfolgreich entfernt
"C:\FRST" => wurde entsperrt

========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-648673255-3041033212-2045848966-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-648673255-3041033212-2045848966-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-648673255-3041033212-2045848966-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-648673255-3041033212-2045848966-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
========= Ende von RemoveProxy: =========

SystemRestore: On => abgeschlossen

=========== EmptyTemp: ==========
BITS transfer queue => 12083200 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1343355148 B
Java, Flash, Steam htmlcache => 184678304 B
Windows/system/drivers => 38030285 B
Edge => 5959733 B
Chrome => 470484060 B
Firefox => 79017927 B
Opera => 622732006 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 20531548 B
systemprofile32 => 20531548 B
LocalService => 20645046 B
NetworkService => 20651328 B
defaultuser0 => 20651328 B
Alexander => 309453712 B

RecycleBin => 2472713349 B
EmptyTemp: => 5.3 GB temporäre Dateien entfernt.
================================

Das System musste neu gestartet werden.

==== Ende von Fixlog 11:42:21 ==== |
12.05.2021, 12:54 | #9 | |
/// TB trainer | Zip file Word opened in e-mail Quote:
We are glad that we could help. This topic appears to be resolved and will be removed from our subscriptions. Should you need the topic again, please send us a reminder including a link to the topic. Everyone else, please click here and create a topic of your own. |