|
Plagegeister aller Art und deren Bekämpfung: OpenOffice DilemmaWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
23.02.2022, 22:49 | #1 |
| OpenOffice Dilemma Hallo zusammen! habe dummerweise den Fehler gemacht und auf OpenOffice.de statt Openoffice.org zu downloaden. Kaspersky hat direkt angeschlagen und "Desinfiziert". Dennoch hat sich an der Google Suche etwas verändert und ich hatte ein ungutes Gefühl es bei Kaspersky zu belassen. Habe bereits AdwCleaner laufen gelassen: Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.3.1.0 # ------------------------------- # Build: 11-18-2021 # Database: 2022-02-03.4 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 02-23-2022 # Duration: 00:00:03 # OS: Windows 10 Home # Scanned: 32048 # Detected: 4 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.Fake.OpenOfficeUpdater C:\Users\Caro\AppData\Roaming\OpenOffice Updater PUP.Optional.GreatDealz C:\Users\Caro\AppData\LocalLow\GreatDealz PUP.Optional.Legacy C:\Users\Caro\AppData\Local\YSearchUtil ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\OpenOffice Updater ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## das erneute Durchlaufen nachdem die 3 Dateien in die Quarantäne geschoben wurden ergab folgendes: Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.3.1.0 # ------------------------------- # Build: 11-18-2021 # Database: 2022-02-03.4 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 02-23-2022 # Duration: 00:00:03 # OS: Windows 10 Home # Scanned: 32048 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. AdwCleaner[S00].txt - [1643 octets] - [23/02/2022 22:21:37] AdwCleaner[C00].txt - [1749 octets] - [23/02/2022 22:22:28] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ########## Name: PDM:Trojan.Win32.Generic Objektname: Updater.exe Objektname: readme_de.html Objektname: vcredist_x64.exe Objektname: vcredist_x86.exe Objektname: setup.exe Zudem wurde ein Rollback durchgeführt: Ereignis: Das Rollback wurde ausgeführt. Programm: openoffice-x86-setup.exe Benutzer: DESKTOP-LJVJBQ2\Caro Benutzertyp: Aktiver Benutzer Komponente: Aktivitätsmonitor Ergebnisbeschreibung: Rollback von Aktionen des Programms Typ: Trojaner Name: PDM:Trojan.Win32.Generic Bedrohungsstufe: Hoch Objekttyp: Prozess Objektpfad: c:\users\caro\appdata\local\temp Objektname: openoffice-x86-setup.exe Vielen Dank! |
23.02.2022, 22:58 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | OpenOffice Dilemma Hinweise für Hilfesuchende gelesen? Da fehlen nämlich Logs.
__________________Kaspersky kannst du schonmal vorher deinstallieren.
__________________ |
23.02.2022, 23:23 | #3 |
| OpenOffice Dilemma Tatsächlich gelesen, aber zu solch später Stunde die FRST logs vergessen..
__________________anbei: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01 durchgeführt von Caro (Administrator) auf DESKTOP-LJVJBQ2 (ASUS System Product Name) (23-02-2022 23:15:50) Gestartet von C:\Users\Caro\Desktop Geladene Profile: Caro Plattform: Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Edge Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2> (C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ->) (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\142.4.4197\QtWebEngineProcess.exe <2> (C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2> (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2> (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe (C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11> (explorer.exe ->) (Mattermost, Inc. -> Mattermost, Inc.) C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\Mattermost.exe <4> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe <6> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) D:\Programme\Microsoft Office\Office14\MSOSYNC.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) D:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe (services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4> (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\consent.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2014-07-30] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819104 2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-02-13] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2022-02-01] (Adobe Inc. -> Adobe Inc.) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Spotify] => C:\Users\Caro\AppData\Roaming\Spotify\Spotify.exe [18750392 2021-11-23] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5407968 2021-12-24] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2022-01-24] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33650656 2022-02-17] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Mattermost] => C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\Mattermost.exe [100306760 2020-04-22] (Mattermost, Inc. -> Mattermost, Inc.) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [OfficeSyncProcess] => D:\Programme\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [MicrosoftEdgeAutoLaunch_288402229142217F72A4B195D34AE808] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\Windows\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2014-08-06] (CANON INC.) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-17] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2019-11-12] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2017-10-15] ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2018-02-02] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [Datei ist nicht signiert] Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2019-05-10] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> D:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0589798C-1928-4775-B81C-9F3C174F97A8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) Task: {0A17C0F3-E75A-4279-85F5-39D1A642D062} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {0B75F6FC-BA0A-4442-AAFC-80904088208C} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Keine Datei) Task: {0D7D92FD-89B5-4A6F-97CA-C27C675D5A0E} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2179960 2021-09-16] (ASUSTeK Computer Inc. -> ASUS) Task: {0E7F8CEE-7F8E-4B33-B8F5-97C28CFC7985} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) Task: {11C26323-FE36-4B6A-A118-91147930FA0B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software) Task: {11CC8186-FF3E-4166-B1FF-3978F616F350} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {1BBC9956-5889-4623-B9DF-5AFA10B24437} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44588888 2021-08-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {20832FEB-2B37-47BD-9F0D-36D05208231E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d7bf56fc559d67 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {2615AA9E-E5DA-4842-BCEF-C66CFAD9BBA5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei) Task: {27B692D4-01EC-4E84-BCC2-7FF381328EF5} - System32\Tasks\ASUS\TriggerCheckLMVersion => C:\Program [Argument = Files (x86)\ASUS\ROG Live Service\CheckLMstatus.exe] Task: {2AE891F5-8A6E-46BC-BF87-5D90C07FE15A} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [104600 2021-09-16] (ASUSTeK Computer Inc. -> ASUS) Task: {600609C8-44B9-47EA-A077-643135EF9597} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {631C211E-FAD0-4B72-A30D-FCC78E63056E} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe [764152 2021-06-10] (ASUSTeK Computer Inc. -> TODO: <Company name>) Task: {6F177B8C-949B-48E5-953A-5A527A0DC4A1} - System32\Tasks\GreatDealzUpdater => C:\ProgramData\greatdealzupdater\tUpdater.exe (Keine Datei) Task: {8F153D68-C127-4A85-B1CA-C7B3031363FE} - System32\Tasks\ASUS\NoiseCancelingEngine.exe => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241448 2021-06-22] (ASUSTeK Computer Inc. -> ASUS) Task: {96CB12A3-6C31-49FB-AF2D-DF675694621E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {BBB5DED1-4B7E-4630-BBF8-C718E9120294} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.56\Installer\setup.exe [3196848 2022-02-19] (Microsoft Corporation -> Microsoft Corporation) Task: {BFDCEA5B-6C4E-457B-BC0E-5668BC541487} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {C53B9548-D807-4E37-BA7B-CF01CB65B080} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-03] (Google Inc -> Google Inc.) Task: {D7C4304A-2233-4EAC-B47A-2A1325C5D8BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-03] (Google Inc -> Google Inc.) Task: {DE2ADAB3-4FCE-4A0E-B8EB-AA5821BF0685} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei) Task: {FB40AEE8-C168-4F2B-A9BD-C25B0EF5BDC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GreatDealzUpdater.job => C:\ProgramData\greatdealzupdater\tUpdater.exe Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{0e9ed192-41f8-494d-9b56-0cb39d641b94}: [DhcpNameServer] 192.168.142.254 Tcpip\..\Interfaces\{1e92237a-aaab-41d6-bfa3-fee8253df165}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{6e92aef6-5e01-4a47-8881-f79c587294f5}: [DhcpNameServer] 192.168.74.1 Tcpip\..\Interfaces\{727a03b2-91bc-49fc-896e-08a5b80af7cb}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{c279de3b-b889-41c7-941c-4c582d3eb6e7}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{e36f689a-bdf6-4d7b-82e1-565889d07cb3}: [DhcpNameServer] 192.168.178.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-23] Edge DownloadDir: Default -> C:\Users\Caro\Desktop Edge Notifications: Default -> hxxps://www.youtube.com Edge StartupUrls: Default -> "hxxps://fba.h-da.de/aktuelles/" Edge Extension: (Proxy SwitchySharp) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2021-12-12] Edge Extension: (Avast Online Security & Privacy) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2021-12-21] Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-14] Edge HKU\S-1-5-21-3671133233-2531484000-2582408703-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] FireFox: ======== FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-02-01] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-02-01] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default [2022-02-23] CHR DownloadDir: C:\Users\Caro\Desktop CHR Notifications: Default -> hxxps://sxce.info; hxxps://web.whatsapp.com; hxxps://www.autodoc.de; hxxps://www.autoscout24.de; hxxps://www.computerbild.de; hxxps://www.frag-mutti.de; hxxps://www.giga.de; hxxps://www.lieferando.de; hxxps://www.pcwelt.de; hxxps://www.pinterest.de; hxxps://www.prosieben.de; hxxps://www.youtube.com CHR StartupUrls: Default -> "hxxps://fba.h-da.de/aktuelles/" CHR Extension: (Präsentationen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15] CHR Extension: (Just Black) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-01] CHR Extension: (Docs) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15] CHR Extension: (Google Drive) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24] CHR Extension: (YouTube) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-03] CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-14] CHR Extension: (Proxy SwitchySharp) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2021-07-05] CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-05] CHR Extension: (Tabellen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15] CHR Extension: (Google Docs Offline) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-17] CHR Extension: (Avast Online Security & Privacy) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-12-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Google Mail) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2022-02-01] (Adobe Inc. -> Adobe Inc.) S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [349928 2021-09-10] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2021-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-08-20] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) S2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe [2201416 2021-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [842128 2022-02-23] (ASUSTeK Computer Inc. -> ) R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-06-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) S4 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9760664 2018-12-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-02-13] (Dropbox, Inc -> Dropbox, Inc.) S4 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel(R) Online Connect -> Intel Corporation) S4 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel(R) Online Connect -> Intel Corporation) S4 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation) S4 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation) S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation) S4 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S4 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354008 2019-02-08] (Kaspersky Lab -> AO Kaspersky Lab) S4 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3565600 2021-08-17] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) S3 Microsoft SharePoint Workspace Audit Service; D:\Programme\Microsoft Office\Office14\GROOVE.EXE [50942144 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) S4 RealtekCU; C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [Datei ist nicht signiert] R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [5941936 2021-10-21] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) S4 RunSwUSB; C:\Windows\runSW.exe [36864 2012-09-20] () [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13036464 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [X] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> ) R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43160 2021-08-20] (ASUSTeK Computer Inc. -> ) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-Malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [689976 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1507648 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [287904 2022-01-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [319720 2022-01-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115968 2022-01-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [229248 2022-01-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) S3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-15] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-15] (Microsoft Windows -> Microsoft Corporation) R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2016-12-20] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2022-02-23 23:15 - 2022-02-23 23:16 - 000040314 _____ C:\Users\Caro\Desktop\FRST.txt 2022-02-23 23:15 - 2022-02-23 23:16 - 000000000 ____D C:\FRST 2022-02-23 23:15 - 2022-02-23 23:15 - 002312192 _____ (Farbar) C:\Users\Caro\Desktop\FRST64.exe 2022-02-23 22:21 - 2022-02-23 22:22 - 000000000 ____D C:\AdwCleaner 2022-02-23 22:20 - 2022-02-23 22:20 - 008540344 _____ (Malwarebytes) C:\Users\Caro\Desktop\adwcleaner_8.3.1.exe 2022-02-23 22:18 - 2022-02-23 22:18 - 006125096 _____ (CHIP Digital GmbH) C:\Users\Caro\Desktop\Malwarebytes - Malware Scanner _SkAmZ.exe 2022-02-23 22:04 - 2022-02-23 22:04 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.11 2022-02-23 22:04 - 2022-02-23 22:04 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2022-02-23 21:35 - 2022-02-23 21:35 - 000000000 ____D C:\Users\Caro\AppData\Roaming\OpenOffice 2022-02-23 21:34 - 2022-02-23 22:04 - 000000000 ____D C:\Users\Caro\Desktop\OpenOffice 4.1.11 (de) Installation Files 2022-02-23 21:23 - 2022-02-23 21:34 - 473648684 _____ C:\Users\Caro\Desktop\220215_Griesheim Entwurf_caro.vwxw 2022-02-17 11:52 - 2022-02-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2022-02-16 11:31 - 2022-02-16 11:31 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk 2022-02-16 11:28 - 2022-02-16 11:28 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk 2022-02-16 11:26 - 2022-02-16 11:26 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk 2022-02-16 11:23 - 2022-02-16 11:23 - 000000000 ____D C:\Users\Caro\AppData\Roaming\NVIDIA 2022-02-14 13:35 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\system32\lxss 2022-02-14 13:35 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2022-02-14 13:34 - 2022-01-28 20:19 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-02-14 13:34 - 2022-01-28 20:19 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-02-14 13:34 - 2022-01-28 20:19 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-02-14 13:34 - 2022-01-28 20:19 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-02-14 13:34 - 2022-01-28 20:19 - 001466000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-02-14 13:34 - 2022-01-28 20:19 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-02-14 13:34 - 2022-01-28 20:19 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-02-14 13:34 - 2022-01-28 20:19 - 001207440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-02-14 13:34 - 2022-01-28 20:19 - 001144552 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-02-14 13:34 - 2022-01-28 20:19 - 001144552 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-02-14 13:34 - 2022-01-28 20:16 - 001528448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-02-14 13:34 - 2022-01-28 20:16 - 001179584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-02-14 13:34 - 2022-01-28 20:16 - 000795264 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-02-14 13:34 - 2022-01-28 20:16 - 000714880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2022-02-14 13:34 - 2022-01-28 20:16 - 000638912 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 008610432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 002121360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 001602704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 000985024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 000794552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 000710800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2022-02-14 13:34 - 2022-01-28 20:15 - 000455808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2022-02-14 13:34 - 2022-01-28 20:14 - 007715256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-02-14 13:34 - 2022-01-28 20:14 - 005726336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2022-02-14 13:34 - 2022-01-28 20:14 - 005098112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2022-02-14 13:34 - 2022-01-28 20:14 - 002932864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-02-14 13:34 - 2022-01-28 20:13 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2022-02-14 13:34 - 2022-01-28 20:11 - 006459952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2022-02-14 13:34 - 2022-01-28 12:28 - 000089185 _____ C:\WINDOWS\system32\nvinfo.pb 2022-02-14 13:34 - 2022-01-28 12:28 - 000040920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2022-02-14 13:33 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2022-02-14 13:32 - 2022-01-28 20:11 - 007612320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2022-02-14 13:32 - 2020-10-07 13:34 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2022-02-14 13:32 - 2020-10-07 13:34 - 000555248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2022-02-14 10:06 - 2022-01-07 13:36 - 004955248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys 2022-02-14 10:06 - 2022-01-07 13:36 - 001622088 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll 2022-02-14 10:06 - 2022-01-07 13:05 - 045101144 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat 2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2022-02-13 06:44 - 2022-02-13 06:44 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2022-02-09 13:11 - 2022-02-09 13:11 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-02-09 13:08 - 2022-02-09 13:08 - 000000000 ___HD C:\$WinREAgent 2022-02-08 22:41 - 2022-02-08 22:41 - 000000000 ____D C:\Users\Caro\AppData\Roaming\com.adobe.dunamis 2022-02-01 20:26 - 2022-02-01 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks 2022 2022-02-01 20:23 - 2022-02-01 20:28 - 000000000 ____D C:\Program Files\Vectorworks 2022 2022-02-01 19:57 - 2022-02-01 19:57 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2022.lnk 2022-02-01 15:05 - 2022-02-01 15:05 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2022-02-01 10:25 - 2022-02-01 10:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-02-01 10:24 - 2022-02-01 10:24 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-02-01 10:24 - 2022-02-01 10:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2022-02-01 10:24 - 2022-02-01 10:24 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2022-02-23 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-02-23 23:13 - 2020-09-01 09:12 - 000000000 ____D C:\Users\Caro\AppData\Local\Dropbox 2022-02-23 23:13 - 2020-04-27 16:55 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Mattermost 2022-02-23 23:13 - 2018-11-23 23:29 - 000000000 ___RD C:\Users\Caro\Creative Cloud Files 2022-02-23 23:13 - 2017-03-03 17:08 - 000000000 ____D C:\Program Files (x86)\Google 2022-02-23 22:50 - 2017-02-24 16:05 - 000000000 ____D C:\ProgramData\NVIDIA 2022-02-23 22:16 - 2020-08-31 17:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-02-23 21:46 - 2020-08-31 17:26 - 001632230 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-02-23 21:46 - 2019-12-07 15:50 - 000705894 _____ C:\WINDOWS\system32\perfh007.dat 2022-02-23 21:46 - 2019-12-07 15:50 - 000142188 _____ C:\WINDOWS\system32\perfc007.dat 2022-02-23 21:46 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-02-23 21:39 - 2021-10-12 11:47 - 000880672 _____ C:\WINDOWS\system32\wpbbin.exe 2022-02-23 21:39 - 2021-10-12 11:47 - 000842128 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe 2022-02-23 21:39 - 2020-11-02 12:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-02-23 21:39 - 2020-08-31 17:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-02-23 21:39 - 2020-08-31 17:17 - 001097760 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-02-23 21:39 - 2020-08-31 17:17 - 000008192 ___SH C:\DumpStack.log.tmp 2022-02-23 21:39 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2022-02-23 21:39 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-02-23 21:29 - 2018-03-13 21:50 - 000000000 ____D C:\Users\Caro\Documents\VW Backup 2022-02-23 21:12 - 2021-08-02 11:34 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Enscape 2022-02-23 16:42 - 2021-10-24 18:32 - 000000000 ____D C:\Users\Caro\AppData\Roaming\discord 2022-02-23 16:28 - 2021-10-24 18:32 - 000000000 ____D C:\Users\Caro\AppData\Local\Discord 2022-02-23 11:55 - 2019-10-07 20:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-02-23 10:19 - 2018-11-23 22:51 - 000000000 ____D C:\Users\Caro\AppData\Local\D3DSCache 2022-02-21 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-02-20 13:55 - 2020-09-01 09:16 - 000000000 ___RD C:\Users\Caro\Dropbox 2022-02-19 10:52 - 2021-11-22 09:05 - 000004782 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask 2022-02-19 10:52 - 2020-07-01 17:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-02-19 10:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-02-19 10:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-02-18 11:27 - 2021-02-12 14:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-02-17 11:52 - 2020-09-01 09:12 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-02-17 11:52 - 2020-08-29 18:19 - 000000000 ___HD C:\adobeTemp 2022-02-17 11:51 - 2017-03-03 17:09 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-02-16 11:31 - 2018-11-23 23:30 - 000000000 ____D C:\Program Files\Adobe 2022-02-16 11:26 - 2018-07-04 18:39 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-02-16 11:26 - 2017-03-04 17:22 - 000000000 ____D C:\ProgramData\Adobe 2022-02-16 11:19 - 2021-12-11 16:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3671133233-2531484000-2582408703-1002 2022-02-16 11:19 - 2020-08-31 17:24 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3671133233-2531484000-2582408703-1002 2022-02-16 11:19 - 2020-08-31 17:17 - 000002396 _____ C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-02-14 13:40 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\NVIDIA 2022-02-14 13:35 - 2017-02-24 16:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2022-02-14 13:34 - 2017-02-24 16:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-02-14 13:31 - 2017-02-24 16:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2022-02-14 09:15 - 2020-10-21 23:12 - 000088328 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpnpflt.sys 2022-02-14 09:14 - 2021-02-19 20:08 - 000237288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\cm_km.sys 2022-02-14 09:14 - 2021-02-19 20:08 - 000090896 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys 2022-02-14 09:14 - 2020-10-21 23:11 - 000105280 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupdisk.sys 2022-02-14 09:14 - 2019-04-12 17:18 - 001049864 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2022-02-14 09:14 - 2019-04-12 17:18 - 000522504 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2022-02-14 09:14 - 2019-02-18 17:41 - 000325400 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys 2022-02-14 09:14 - 2019-02-18 17:41 - 000206600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys 2022-02-14 09:14 - 2019-02-18 17:41 - 000119568 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys 2022-02-14 09:14 - 2018-02-24 04:17 - 000294680 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys 2022-02-14 09:14 - 2018-02-17 01:50 - 000150280 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys 2022-02-14 09:14 - 2018-01-15 04:13 - 000104728 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klkbdflt.sys 2022-02-14 09:14 - 2017-12-11 10:49 - 000107328 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klmouflt.sys 2022-02-14 09:14 - 2017-05-30 17:51 - 000078088 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys 2022-02-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-02-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-02-09 15:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2022-02-09 13:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-02-09 13:07 - 2018-11-23 20:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-02-09 13:06 - 2018-11-23 20:32 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-02-02 11:00 - 2018-11-27 19:45 - 000000000 ____D C:\Users\Caro\AppData\Local\PlaceholderTileLogoFolder 2022-02-02 10:57 - 2017-06-19 12:08 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Spotify 2022-02-02 10:41 - 2017-06-19 12:10 - 000000000 ____D C:\Users\Caro\AppData\Local\Spotify 2022-02-01 21:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-02-01 20:30 - 2017-03-03 17:46 - 000000000 ____D C:\Users\Caro\AppData\Roaming\MAXON 2022-02-01 20:29 - 2019-11-20 16:21 - 000000000 ____D C:\Users\Caro\AppData\Roaming\vectorworks-installer 2022-02-01 15:05 - 2017-03-10 20:02 - 000000000 ____D C:\Program Files (x86)\Adobe 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-02-01 10:24 - 2020-08-31 17:22 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-02-01 10:16 - 2018-11-23 22:54 - 000000000 ____D C:\ProgramData\Packages 2022-02-01 10:16 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\Packages 2022-02-01 10:15 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\NVIDIA Corporation 2022-01-28 12:28 - 2021-01-06 15:39 - 000127968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2022-01-26 12:33 - 2020-08-31 17:24 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-26 12:33 - 2020-08-31 17:24 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2021-02-09 20:03 - 2021-11-04 20:48 - 000001456 _____ () C:\Users\Caro\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2018-11-23 23:26 - 2021-10-12 11:53 - 000000615 _____ () C:\Users\Caro\AppData\Local\oobelibMkey.log 2018-10-23 16:23 - 2020-11-23 12:11 - 000007602 _____ () C:\Users\Caro\AppData\Local\Resmon.ResmonCfg 2018-02-03 14:08 - 2019-01-15 16:12 - 000000287 _____ () C:\Users\Caro\AppData\Local\VersionChecker_23.xml ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
23.02.2022, 23:23 | #4 |
| OpenOffice DilemmaCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01 durchgeführt von Caro (23-02-2022 23:17:04) Gestartet von C:\Users\Caro\Desktop Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) (2020-08-31 16:24:27) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-3671133233-2531484000-2582408703-500 - Administrator - Disabled) Caro (S-1-5-21-3671133233-2531484000-2582408703-1002 - Administrator - Enabled) => C:\Users\Caro DefaultAccount (S-1-5-21-3671133233-2531484000-2582408703-503 - Limited - Disabled) defaultuser0 (S-1-5-21-3671133233-2531484000-2582408703-1001 - Limited - Disabled) => C:\Users\defaultuser0 Gast (S-1-5-21-3671133233-2531484000-2582408703-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3671133233-2531484000-2582408703-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.) Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_0_3) (Version: 26.0.3 - Adobe Inc.) Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_3) (Version: 16.3 - Adobe Inc.) Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_1) (Version: 17.1 - Adobe Inc.) Adobe Lightroom (HKLM-x32\...\LRCC_5_2) (Version: 5.2 - Adobe Inc.) Adobe Lightroom Classic (HKLM-x32\...\LTRM_11_2) (Version: 11.2 - Adobe Inc.) Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2) (Version: 23.2.0.277 - Adobe Inc.) AirDroid 3.7.0.0 (HKLM-x32\...\AirDroid) (Version: 3.7.0.0 - Sand Studio) ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 4.2.10 - ASUS) ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.36.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{37daa872-b179-48ca-a185-be987f7c63cf}) (Version: 1.1.36.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{9c72488b-eb92-40bd-94a3-de309514c154}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.2.3.1 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{c347309a-a19c-44af-9d6c-5c60ba1ba83b}) (Version: 1.2.3.1 - ASUSTeK COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.07 - ASUSTek COMPUTER INC.) Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden ASUS Framework Service (HKLM-x32\...\{8bf47d14-406b-49e8-8759-966757033aa0}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.) ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.) Hidden ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 2.00.13 - ASUSTek Computer Inc.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.67 - ASUSTeK Computer Inc.) Hidden AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.14 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{c6391bdc-929f-4a9f-98cd-9a3038379379}) (Version: 1.1.14 - ASUS) Hidden AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.18 - ASUS) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.18 - ASUS) AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.18 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{2f406341-f76d-47c9-a781-b6d186b55b00}) (Version: 3.05.18 - ASUSTeK Computer Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.) Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.) CodeMeter Runtime Kit v6.80 (HKLM\...\{8F3C9680-6728-4AD2-992D-9615C0DA06C0}) (Version: 6.80.3312.500 - WIBU-SYSTEMS AG) DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.3.2.258 - DIAL GmbH) DIAL Data Dispatcher (HKLM-x32\...\DIAL Data Dispatcher1.0) (Version: 2.0.24.0 - DIAL GmbH) Discord (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Discord) (Version: 1.0.9003 - Discord Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 142.4.4197 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.37.0 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{413fe4b8-1352-4234-a775-ff2f04ad9042}) (Version: 1.1.37.0 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{bf1d7028-d935-477f-b5b2-053062f9b527}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden Enscape (HKLM\...\{88C5A62D-AE1F-4033-9300-1D72FF1F82B1}) (Version: 3.1.0.51316 - Enscape GmbH) Epic Games Launcher (HKLM-x32\...\{422FC196-EA1D-448E-A505-BC7DFC21C880}) (Version: 1.1.236.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation) Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{26b750af-32e4-4afb-aed3-d4c571b122ad}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Mattermost 4.4.1 (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\0cc73166-b7d0-592b-8d95-6cbe304083a6) (Version: 4.4.1 - Mattermost, Inc.) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.56 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.56 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\OneDriveSetup.exe) (Version: 22.012.0117.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29910 (HKLM-x32\...\{53f1dc9d-ed94-4650-a079-129785ce7905}) (Version: 14.28.29910.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MTpro64 5.0 (HKLM\...\MTpro64) (Version: 5.0.2.2 - Bosch Rexroth AG) NVIDIA Grafiktreiber 511.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.65 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) OpenOffice 4.1.11 (HKLM-x32\...\{372A5898-9772-4413-9767-06E9F4580830}) (Version: 4.111.9808 - Apache Software Foundation) osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.4 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{3c403389-0bc5-4298-bebf-09de0c0b745d}) (Version: 1.0.6.4 - Patriot Memory) PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.) ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 1.00.10 - ASUSTek Computer Inc.) ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.2.18.5 - ASUSTek COMPUTER INC.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Sitecom WiFi USB adapter N300 Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0201 - Sitecom Europe BV) Spotify (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Spotify) (Version: 1.1.72.439.gc253025e - Spotify AB) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.26.4 - TeamViewer) TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{95EF5DBB-C2DA-48AF-93B4-533333227486}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden UXP WebView Support (HKLM-x32\...\UXPW_1_0_0) (Version: 1.0.0 - Adobe Inc.) Vectorworks 2021 (HKLM\...\Vectorworks 2021 26.0.3) (Version: 26.0.3 - Vectorworks, Inc.) Vectorworks 2022 (HKLM\...\Vectorworks 2022 27.0.2) (Version: 27.0.2 - Vectorworks, Inc.) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{589d5178-7c46-4052-8509-a0685184d622}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG) Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22866 - Microsoft Corporation) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation) Zoom (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-09-13] (Adobe Systems Incorporated) Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-09-13] (Adobe Systems Incorporated) Architectural Structures PREMIUM -> C:\Program Files\WindowsApps\Microsoft.ArchitecturalStructuresPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_4.2.5.0_x64__qmba6cd70vzyy [2021-10-12] (ASUSTeK COMPUTER INC.) Autumn Colors -> C:\Program Files\WindowsApps\Microsoft.AutumnColors_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) Autumn in Sweden -> C:\Program Files\WindowsApps\Microsoft.AutumninSweden_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-12-13] (Canon Inc.) DVD player - TrueDVD Streamer support VLC and youtube -> C:\Program Files\WindowsApps\46109SoftwareDevlope.DVDplayer-TrueDVDStreamersupp_1.1.5.0_x64__ygjcrtpe42fe2 [2021-10-27] (SoftwareDevlope) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-29] (HP Inc.) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-11-06] (Apple Inc.) [Startup Task] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-11] (Microsoft Studios) [MS Ad] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10201.5809.0_x64__8wekyb3d8bbwe [2022-02-03] (Microsoft Corporation) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-14] (NVIDIA Corp.) Otters -> C:\Program Files\WindowsApps\Microsoft.Otters_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.30181.0_x64__8wekyb3d8bbwe [2022-02-05] (Microsoft Corporation) VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-09-13] (VideoLAN) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5370604078F8} -> [Creative Cloud Files] => C:\Users\Caro\Creative Cloud Files [2018-11-23 23:29] CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Caro\Dropbox [2020-09-01 09:16] CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\nvshext.dll [2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2021-08-18 13:27 - 2021-08-18 13:27 - 000477696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node 2021-08-18 13:27 - 2021-08-18 13:27 - 000471040 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node 2021-08-18 13:27 - 2021-08-18 13:27 - 000454656 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node 2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu 2021-10-12 11:56 - 2021-02-18 11:07 - 000085504 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\zlib1.dll 2021-10-12 11:56 - 2021-08-25 16:50 - 001149952 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\DIP4FanCalibration.dll 2021-10-12 11:56 - 2021-08-25 16:54 - 001542144 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\swInterface.dll 2021-10-12 11:55 - 2019-12-23 17:51 - 000093184 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll 2021-08-18 13:27 - 2021-08-18 13:27 - 000081920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll 2020-04-27 16:55 - 2020-04-22 11:21 - 002123264 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\ffmpeg.dll 2020-04-27 16:55 - 2020-04-22 11:21 - 000131072 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\libegl.dll 2020-04-27 16:55 - 2020-04-22 11:21 - 006792704 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\libglesv2.dll 2020-05-26 16:08 - 2020-05-26 16:08 - 002831360 _____ (Apache Software Foundation) [Datei ist nicht signiert] C:\Program Files (x86)\LightingService\log4cxx.dll 2017-04-02 17:58 - 2014-08-06 12:25 - 000375296 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL 2021-10-12 11:56 - 2021-02-18 11:07 - 000287232 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcurl.dll 2021-10-12 11:56 - 2021-02-18 11:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcrypto-1_1-x64.dll 2021-10-12 11:56 - 2021-02-18 11:07 - 002281984 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\LIBEAY32.dll 2021-10-12 11:56 - 2021-02-18 11:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libssl-1_1-x64.dll 2021-10-12 11:56 - 2021-02-18 11:07 - 000361472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\SSLEAY32.dll 2021-10-12 11:55 - 2019-06-26 15:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll 2021-10-12 11:55 - 2019-06-26 15:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== SearchScopes: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002 -> {61A18614-9A33-46A1-8D11-25C0ABEA3FDA} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Programme\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programme\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002 -> Kein Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - Keine Datei ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2016-07-16 12:47 - 2019-01-07 12:35 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2019-11-03 14:27 - 2019-11-03 14:27 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-3671133233-2531484000-2582408703-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\Control Panel\Desktop\\Wallpaper -> D:\Documents\08_Sonstiges\Dual Monitor Hintergründe\Dual-Monitor-Wallpaper-22.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert. Network Binding: ============= Ethernet 3: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) Ethernet 2: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) Ethernet 4: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) WLAN 2: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: AGMService => 2 MSCONFIG\Services: AGSService => 2 MSCONFIG\Services: CmWebAdmin.exe => 2 MSCONFIG\Services: CodeMeter.exe => 2 MSCONFIG\Services: dbupdate => 2 MSCONFIG\Services: dbupdatem => 3 MSCONFIG\Services: DbxSvc => 2 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) Online Connect => 2 MSCONFIG\Services: Intel(R) Online Connect Helper => 2 MSCONFIG\Services: Intel(R) Online Connect Software Asset Manager => 2 MSCONFIG\Services: Intel(R) TechnologyAccessLegacyCSLoader => 2 MSCONFIG\Services: Intel(R) TechnologyAccessService => 2 MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: klvssbridge64_21.3 => 3 MSCONFIG\Services: kpm_launch_service => 3 MSCONFIG\Services: KSDE5.3 => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NvContainerNetworkService => 2 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: NVIDIA Wireless Controller Service => 2 MSCONFIG\Services: RealtekCU => 2 MSCONFIG\Services: RunSwUSB => 2 MSCONFIG\Services: TeamViewer => 2 HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "PDFPrint" HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX" HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\StartupApproved\Run: => "Spotify" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{103BFB37-ADC5-4C97-8073-1C4DE189E1EB}] => (Allow) C:\Users\Caro\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{7E02AE46-AD0D-4DCA-B8F2-8B0478DFA27A}] => (Allow) C:\Users\Caro\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{7AC6111A-8D4C-43E4-9CC3-156FF2CDE906}C:\program files\vectorworks 2020\vectorworks2020.exe] => (Block) C:\program files\vectorworks 2020\vectorworks2020.exe => Keine Datei FirewallRules: [TCP Query User{3BC91753-BAE0-45F5-B47B-FBBCC3A1ABEE}C:\program files\vectorworks 2020\vectorworks2020.exe] => (Block) C:\program files\vectorworks 2020\vectorworks2020.exe => Keine Datei FirewallRules: [{3BA94BC9-204B-4909-8C26-05979814584F}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{540DC681-75E4-45C5-895A-B512D45985B7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [UDP Query User{311D68E8-F98D-4E90-B247-63AEA3F9EC0D}D:\programme\archicad\neuer ordnerarchi\archicad.exe] => (Allow) D:\programme\archicad\neuer ordnerarchi\archicad.exe => Keine Datei FirewallRules: [TCP Query User{AEA97307-106E-4D79-A451-D28DBFD9BF06}D:\programme\archicad\neuer ordnerarchi\archicad.exe] => (Allow) D:\programme\archicad\neuer ordnerarchi\archicad.exe => Keine Datei FirewallRules: [{A96080F3-45FC-43E2-BB4C-ABFDF012B217}] => (Allow) D:\Programme\Microsoft Office\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{38DC9561-1ADA-402E-849E-4E3ED07FCD12}] => (Allow) D:\Programme\Microsoft Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{62F2097F-BAF9-46A6-9F82-0D1623591DCE}] => (Allow) D:\Programme\Microsoft Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2C755FA6-EB14-4870-A682-11015AB57322}] => (Allow) D:\Programme\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BE2BEF2A-66AF-4BAC-8B7E-97DEE494A413}] => (Allow) D:\Programme\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{442D63F9-A87C-4CD8-AEA2-8D6DE62512FA}] => (Block) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei FirewallRules: [{5C904C29-A633-4388-85B1-392629DAEFDA}] => (Block) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei FirewallRules: [UDP Query User{F03A035B-92A1-4F69-BAD1-EFE827E764B9}D:\programme\vektorworks\vectorworks2018e.exe] => (Allow) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei FirewallRules: [TCP Query User{E9427056-30D6-4B50-A860-10A5A61C3BF2}D:\programme\vektorworks\vectorworks2018e.exe] => (Allow) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei FirewallRules: [UDP Query User{B37E40F2-F5B7-4E33-880C-6A9B9A3B122C}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{43C40599-4714-49B7-9B83-53B0A9F82DD9}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{189CCEC9-6D44-4963-B9BA-E24F743F8AD0}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{3F51C2F1-63BC-4EEE-A71A-3FAD37E7DA4D}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{B850E85A-8557-4CFB-93AA-13E6D552ECDD}C:\program files (x86)\archicad20\licensefilegenerator.exe] => (Allow) C:\program files (x86)\archicad20\licensefilegenerator.exe => Keine Datei FirewallRules: [TCP Query User{5CF10A1E-66C7-4C5B-B866-AD1E7626BEEE}C:\program files (x86)\archicad20\licensefilegenerator.exe] => (Allow) C:\program files (x86)\archicad20\licensefilegenerator.exe => Keine Datei FirewallRules: [{076F77BB-1426-43BA-9357-A6C79AF3424B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{B86178ED-C694-41B2-9C3D-97ECB25F7A5D}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{DE4D120C-8E2D-4753-8A65-95213CE689D4}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei FirewallRules: [{3D50CB20-DA48-4C77-BC3F-1FAE1045721A}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei FirewallRules: [{7E3A988B-0E25-4DD8-A5DE-A259113611C6}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei FirewallRules: [{E94815B0-FEE6-4C9B-9218-B8477BB5B2F2}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei FirewallRules: [UDP Query User{FB31F15D-437A-434D-B40E-3795935822CE}C:\program files\programme\archicad programm\licensefilegenerator.exe] => (Allow) C:\program files\programme\archicad programm\licensefilegenerator.exe => Keine Datei FirewallRules: [TCP Query User{3FE56CCB-5828-439C-967F-9E707AD31299}C:\program files\programme\archicad programm\licensefilegenerator.exe] => (Allow) C:\program files\programme\archicad programm\licensefilegenerator.exe => Keine Datei FirewallRules: [UDP Query User{CD134EB8-5188-4BB3-B2B2-8AA7640440FB}C:\program files\programme\archicad programm\overwatchserver.exe] => (Allow) C:\program files\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [TCP Query User{AFB220E9-76BC-429B-B362-5221ED80FA7E}C:\program files\programme\archicad programm\overwatchserver.exe] => (Allow) C:\program files\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [UDP Query User{6FBE67FC-CA01-46D8-824A-58A097A0B8E2}C:\program files\programme\archicad programm\archicad.exe] => (Allow) C:\program files\programme\archicad programm\archicad.exe => Keine Datei FirewallRules: [TCP Query User{B0E84A7E-FA5F-4078-94F6-E0E3DF26CCC4}C:\program files\programme\archicad programm\archicad.exe] => (Allow) C:\program files\programme\archicad programm\archicad.exe => Keine Datei FirewallRules: [{DB6739E6-2204-4B09-B41B-30968CA9CFD1}] => (Block) D:\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [{6A545E13-8CF1-4023-A9C1-9CA1EEB620DF}] => (Block) D:\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [UDP Query User{778E1A82-286F-4FE1-BE57-4CA6EC8925D6}D:\programme\archicad programm\overwatchserver.exe] => (Allow) D:\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [TCP Query User{296B780E-8AAA-42EB-AE50-F680F62B9BBC}D:\programme\archicad programm\overwatchserver.exe] => (Allow) D:\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [UDP Query User{CF75E19E-6C46-41F6-8D44-01E7F8FE2E7D}D:\programme\archicad programm\archicad.exe] => (Allow) D:\programme\archicad programm\archicad.exe => Keine Datei FirewallRules: [TCP Query User{A4D1DAB3-C170-4E40-85D3-51B0504A3479}D:\programme\archicad programm\archicad.exe] => (Allow) D:\programme\archicad programm\archicad.exe => Keine Datei FirewallRules: [{6554799D-E07B-4AB2-844E-4DA7F409DF4B}] => (Block) D:\Programme\Neuer Ordner\OverwatchServer.exe => Keine Datei FirewallRules: [{DBF87FB9-8EA0-4D89-B24E-2F55A4ABB1E7}] => (Allow) D:\Programme\Neuer Ordner\BIMxUploader.exe => Keine Datei FirewallRules: [{9258A666-5949-4A3E-9336-366B9A300E6B}] => (Block) D:\Programme\Neuer Ordner\CineRender\CineRender 64bit.exe => Keine Datei FirewallRules: [{49E7C456-E3B8-4878-B0E7-76DB3ECD4CF3}] => (Block) D:\Programme\Neuer Ordner\ARCHICAD.exe => Keine Datei FirewallRules: [{441A4EE9-45D4-4815-A29C-C91AB8303305}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\Rtldhcp.exe (Realtek) [Datei ist nicht signiert] FirewallRules: [{726D7D19-1755-4DE1-BCB8-C06D3BC8CB34}] => (Allow) LPort=53 FirewallRules: [{6120098B-5097-410C-8C00-8A7BF7676442}] => (Allow) LPort=53 FirewallRules: [{4C73448B-B40B-4705-8A30-DDD5EDE0CEC9}] => (Allow) LPort=68 FirewallRules: [{8B654C7F-3E38-4C77-B3C3-5ED26B6B6618}] => (Allow) LPort=67 FirewallRules: [{FD438F58-F35B-4212-BD80-1E5481A6D314}] => (Allow) LPort=53 FirewallRules: [{07869E25-0997-473C-9BDF-288F3F806744}] => (Allow) LPort=1542 FirewallRules: [{B4C70D86-4782-476C-8042-A4602C809393}] => (Allow) LPort=1542 FirewallRules: [{D19EFC04-8F56-4D8C-AB1C-78C82B4476DB}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Datei ist nicht signiert] FirewallRules: [{01F75DD0-663B-4CCB-964B-17FFC731DD41}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Datei ist nicht signiert] FirewallRules: [{8237B493-1476-431C-8BB4-D3A0C1EE25E4}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Anno 2205\Bin\Win64\Anno2205.exe (Blue Byte GmbH -> Ubisoft) FirewallRules: [TCP Query User{9B72727D-7C82-417E-9038-EEC44B59BB66}D:\programme\vectorworks 2019\vectorworks2019.exe] => (Allow) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei FirewallRules: [UDP Query User{7098CF80-605A-40E8-990C-2EF29526654B}D:\programme\vectorworks 2019\vectorworks2019.exe] => (Allow) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei FirewallRules: [{002ADA28-1AFB-4FE6-8D2F-B2C4D11EC154}] => (Block) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei FirewallRules: [{430963B0-6785-4E33-B505-AEA003F69110}] => (Block) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei FirewallRules: [{C52B6DB2-CB9D-4C35-BCFE-724A663F2BC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C12B714F-F4FA-47B1-BAD4-37B5750809AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{A6C06521-4B8C-43D4-A683-039264E3F4F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D51E99A1-038E-47CA-80E4-5D947C74516D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{4B36B334-4C93-4187-848A-627BF472264B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{3ABF503F-36E6-4871-BE0E-D347FCBDA8FC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{E9ADF80F-41DB-4FFA-8DED-B6F3513C395C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{A3440304-1B41-4CD8-9320-0EB65E7C518A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{425F93A0-29CC-4043-B79D-DA8FAC9A2DF5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9750C618-E4F1-4C0D-B1BF-823BB3AA8818}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{EB4FBE25-6225-4B0C-8BFF-0E9F388E648A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5478A773-663A-4561-9220-E2BB9A1BCB88}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{19727FE3-6C85-4368-A4F5-94F08A5A2A8F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{378FBCA8-18BF-4895-A013-EB6C23D2892F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9337AD6E-BCE7-4FB9-A247-76B24077C449}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8F0DD151-5DE5-4C7E-B701-F188790CF0DD}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{EA9A196D-8FBF-4C26-8471-9BD8E51D039B}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{062C35E5-C83F-4EE9-BE11-528782F1B3E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{6B489A55-E4E2-4C87-8A6C-257445F9522F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D55BE7D3-02AA-40A4-8136-7BA599B05FF9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C4176973-9EF7-466A-A459-0E7B563EE1DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C56C1610-3824-4C82-AA3F-9982D33C95EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{A96C4156-561F-49EE-9415-577A3124EEB2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{0CEED22D-3EA0-4590-8AB4-89638B31C0BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FF951C40-57E5-4CE6-ACB8-7252AB2D9E2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B8B7E52D-8B49-49C7-B4D1-B3DA9AF8894F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5DD1E34F-46BA-469B-966C-05F37B4EA831}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0C1C697E-74ED-4B63-8228-06C409C8B683}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wiederherstellungspunkte ========================= 21-02-2022 21:04:17 Geplanter Prüfpunkt 23-02-2022 21:35:03 OpenOffice 4.1.11 wird installiert ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (02/23/2022 10:28:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Aac3572MbHal_x86.exe, Version: 1.2.3.1, Zeitstempel: 0x6142afdc Name des fehlerhaften Moduls: combase.dll, Version: 10.0.19041.1348, Zeitstempel: 0xf1a7c19a Ausnahmecode: 0xc0000005 Fehleroffset: 0x000d8ea9 ID des fehlerhaften Prozesses: 0x1ec4 Startzeit der fehlerhaften Anwendung: 0x01d828f573869c49 Pfad der fehlerhaften Anwendung: C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\combase.dll Berichtskennung: ff5a1198-a9ce-43a2-8024-e86c033ed1cd Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/23/2022 10:22:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AsusFanControlService.exe, Version: 3.0.0.0, Zeitstempel: 0x610b8c15 Name des fehlerhaften Moduls: AsusFanControlService.exe, Version: 3.0.0.0, Zeitstempel: 0x610b8c15 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003ca97 ID des fehlerhaften Prozesses: 0x1248 Startzeit der fehlerhaften Anwendung: 0x01d828f57091b39b Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe Berichtskennung: e3c8dfe0-71a0-4ac4-b27f-3ab2ce068410 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/23/2022 09:56:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: InDesign.exe, Version: 17.1.0.50, Zeitstempel: 0x61e0fb5b Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.1466, Zeitstempel: 0xe2f8ca76 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000ff199 ID des fehlerhaften Prozesses: 0x5e0c Startzeit der fehlerhaften Anwendung: 0x01d828f693003973 Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe InDesign 2022\InDesign.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 2da307a4-8c3c-46a2-9a01-83fb5ec090bb Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/23/2022 09:38:56 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (02/23/2022 09:38:56 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (02/23/2022 09:38:56 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (02/23/2022 09:38:56 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (02/23/2022 09:34:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Vectorworks2021.exe, Version: 26.0.4.0, Zeitstempel: 0x60ccaf7d Name des fehlerhaften Moduls: libcef.dll, Version: 84.2.6.0, Zeitstempel: 0x5f08e1b8 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000000002be2b49 ID des fehlerhaften Prozesses: 0x2550 Startzeit der fehlerhaften Anwendung: 0x01d828f1bd8f79e2 Pfad der fehlerhaften Anwendung: C:\Program Files\Vectorworks 2021\Vectorworks2021.exe Pfad des fehlerhaften Moduls: C:\Program Files\Vectorworks 2021\ChromiumEF_dlls\libcef.dll Berichtskennung: a0fa5158-ce98-4fa9-96f2-79f1e69055a2 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (02/23/2022 11:15:31 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1053" in DCOM, als der Dienst "asComSvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {BC50CF2A-E12C-4F18-90CE-714CC8600CEE} Error: (02/23/2022 11:15:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht. Error: (02/23/2022 11:15:16 PM) (Source: Netwtw10) (EventID: 5010) (User: ) Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben. 5010 - Driver DBG_ASSERT - instead of BSOD Error: (02/23/2022 11:15:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AsusFanControlService" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (02/23/2022 11:15:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AsusFanControlService erreicht. Error: (02/23/2022 11:15:01 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1053" in DCOM, als der Dienst "asComSvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {BC50CF2A-E12C-4F18-90CE-714CC8600CEE} Error: (02/23/2022 11:15:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht. Error: (02/23/2022 11:14:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AsusFanControlService" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. CodeIntegrity: =============== Date: 2022-02-23 22:18:05 Description: Code Integrity determined that a process (\Device\HarddiskVolume12\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume12\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2022-02-23 21:39:49 Description: Code Integrity determined that a process (\Device\HarddiskVolume12\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume12\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2423 08/09/2021 Hauptplatine: ASUSTeK COMPUTER INC. PRIME B550M-A (WI-FI) Prozessor: AMD Ryzen 5 5600X 6-Core Processor Prozentuale Nutzung des RAM: 45% Installierter physikalischer RAM: 16299.37 MB Verfügbarer physikalischer RAM: 8871.73 MB Summe virtueller Speicher: 22699.37 MB Verfügbarer virtueller Speicher: 13307.55 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:231.81 GB) (Free:73.62 GB) NTFS Drive d: () (Fixed) (Total:931.38 GB) (Free:375.56 GB) NTFS Drive e: () (Fixed) (Total:931.38 GB) (Free:422.82 GB) NTFS Drive f: (Windows) (Fixed) (Total:464.77 GB) (Free:434.72 GB) NTFS \\?\Volume{a7af9eac-cc55-49a5-8600-c6ef4ff82100}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS \\?\Volume{8193e75b-3416-472e-bb8f-91ef883aa56b}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS \\?\Volume{defb8d1e-f58b-4ebc-b967-f5ed9b1398ae}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS \\?\Volume{56134543-78f4-4721-b382-d2543fec4cae}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 \\?\Volume{806931e6-103b-4540-9c29-7bbe4d6caaf4}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 3 (Size: 465.8 GB) (Disk ID: D17FEDD6) Partition: GPT. ==================== Ende von Addition.txt ======================= |
24.02.2022, 08:36 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | OpenOffice Dilemma Da ist ja noch Kaspersky drauf. Das bitte komplett deinstalliere. Auch OpenOffice und den ganzen unnötigen Schrottkrempel von ASUS.
__________________ Logfiles bitte immer in CODE-Tags posten |
24.02.2022, 09:32 | #6 |
| OpenOffice Dilemma Von Asus kann ich alles bezüglich Aura deinstallieren wo „hidden“ dahinter steht nehme ich an? Kaspersky generell Schrott (und quasi Geld umsonst ausgegeben) oder kann ich’s nach den Maßnahmen hier wieder installieren? Danach wieder den FRST Log Posten? |
24.02.2022, 09:35 | #7 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | OpenOffice Dilemma Von Kaspersky und anderem Geraffel wie Avira oder GDATA wird grundsätzlich abgeraten. Warum hast du vorher hier nicht gefragt? Das Geld hättest dir sparen oder in Backupmittel investieren können, das wäre da wesentlich sinnvoller gewesen. Der in Windows eingebaute Defender ist genauso gut oder schlecht was Erkennungen angeht. Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
24.02.2022, 14:31 | #8 | ||
/// TB-Ausbilder | OpenOffice DilemmaZitat:
Nur ist OpenOffice ja nicht deine einzige schlechte Downloadquelle... Chip.de ist genau so schlecht: Zitat:
Downloadquellen Die folgenden Seiten verteilen Software häufig mit einem sog. "Installer", mit dem Potentiell Unerwünschte Programme (PUP) oder Adware installiert werden können. Vereinzelt beinhalten diese "Installer" sogar Trojaner. Vermeide daher unbedingt die folgenden Seiten:
Für Windows gibt es seit einiger Zeit einen brauchbaren Paketmanager, der mit einfachen Befehlen es erlaubt, automatisiert Software herunterzuladen und zu installieren. Das erspart eine Menge Arbeit, denn ohne einen Paketmanager muss man jedes Programm selbst prüfen und separat manuell updaten, vorher manuell noch runterladen etc. pp. - siehe auch --> chocolatey Paketmanager für Windows Wir empfehlen dringend, alle Programme, sofern verfügbar, über chocolatey zu installieren. Falls du schon mit Linux zu tun hattest, wird dir die Syntax sehr vertraut sein. Die FAQs zu choco findest du da --> Chocolatey: Häufig gestellte Fragen (englisch) Selbstverständlich darfst du auch Fragen zu chocolatey im o.g. Thread zu chocolatey stellen. Für den seltenen Fall, dass du das benötigte Programm nicht im repository von chocolatey findest: Lade diese Software immer direkt beim jeweiligen Hersteller / Entwickler. |
24.02.2022, 20:43 | #9 |
| OpenOffice Dilemma Danke für die ganzen Anregungen und die Hilfe. nun also die aktuellen Logs: Malwarebytes premium testversion: Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 24.02.22 Scan-Zeit: 20:26 Protokolldatei: a5fa1ace-95a7-11ec-9c06-f02f74f2b40b.json -Softwaredaten- Version: 4.5.4.168 Komponentenversion: 1.0.1599 Version des Aktualisierungspakets: 1.0.51611 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 19043.1526) CPU: x64 Dateisystem: NTFS Benutzer: DESKTOP-LJVJBQ2\Caro -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 328361 Erkannte Bedrohungen: 0 In die Quarantäne verschobene Bedrohungen: 0 Abgelaufene Zeit: 1 Min., 28 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2022 durchgeführt von Caro (Administrator) auf DESKTOP-LJVJBQ2 (ASUS System Product Name) (24-02-2022 20:30:47) Gestartet von C:\Users\Caro\Desktop Geladene Profile: Caro Plattform: Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Edge Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2> (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ->) (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\142.4.4197\QtWebEngineProcess.exe <2> (C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2> (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2> (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10> (explorer.exe ->) (Mattermost, Inc. -> Mattermost, Inc.) C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\Mattermost.exe <4> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe <6> (explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4> (svchost.exe ->) (ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2014-07-30] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5819104 2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-02-13] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2022-02-01] (Adobe Inc. -> Adobe Inc.) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Spotify] => C:\Users\Caro\AppData\Roaming\Spotify\Spotify.exe [18750392 2021-11-23] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5407968 2021-12-24] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2022-01-24] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33650656 2022-02-17] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [Mattermost] => C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\Mattermost.exe [100306760 2020-04-22] (Mattermost, Inc. -> Mattermost, Inc.) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [OfficeSyncProcess] => "D:\Programme\Microsoft Office\Office14\MSOSYNC.EXE" (Keine Datei) HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Run: [MicrosoftEdgeAutoLaunch_288402229142217F72A4B195D34AE808] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\Windows\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2014-08-06] (CANON INC.) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-17] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2019-11-12] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2017-10-15] ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2018-02-02] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [Datei ist nicht signiert] ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0589798C-1928-4775-B81C-9F3C174F97A8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) Task: {0A17C0F3-E75A-4279-85F5-39D1A642D062} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {0B75F6FC-BA0A-4442-AAFC-80904088208C} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Keine Datei) Task: {0D7D92FD-89B5-4A6F-97CA-C27C675D5A0E} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2179960 2021-09-16] (ASUSTeK Computer Inc. -> ASUS) Task: {0E7F8CEE-7F8E-4B33-B8F5-97C28CFC7985} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) Task: {11C26323-FE36-4B6A-A118-91147930FA0B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software) Task: {11CC8186-FF3E-4166-B1FF-3978F616F350} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {1BBC9956-5889-4623-B9DF-5AFA10B24437} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44588888 2021-08-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {20832FEB-2B37-47BD-9F0D-36D05208231E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d7bf56fc559d67 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {2615AA9E-E5DA-4842-BCEF-C66CFAD9BBA5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei) Task: {27B692D4-01EC-4E84-BCC2-7FF381328EF5} - System32\Tasks\ASUS\TriggerCheckLMVersion => C:\Program [Argument = Files (x86)\ASUS\ROG Live Service\CheckLMstatus.exe] Task: {2AE891F5-8A6E-46BC-BF87-5D90C07FE15A} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [104600 2021-09-16] (ASUSTeK Computer Inc. -> ASUS) Task: {600609C8-44B9-47EA-A077-643135EF9597} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {631C211E-FAD0-4B72-A30D-FCC78E63056E} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe [764152 2021-06-10] (ASUSTeK Computer Inc. -> TODO: <Company name>) Task: {6F177B8C-949B-48E5-953A-5A527A0DC4A1} - System32\Tasks\GreatDealzUpdater => C:\ProgramData\greatdealzupdater\tUpdater.exe (Keine Datei) Task: {8F153D68-C127-4A85-B1CA-C7B3031363FE} - System32\Tasks\ASUS\NoiseCancelingEngine.exe => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241448 2021-06-22] (ASUSTeK Computer Inc. -> ASUS) Task: {96CB12A3-6C31-49FB-AF2D-DF675694621E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {BBB5DED1-4B7E-4630-BBF8-C718E9120294} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.56\Installer\setup.exe [3196848 2022-02-19] (Microsoft Corporation -> Microsoft Corporation) Task: {BFDCEA5B-6C4E-457B-BC0E-5668BC541487} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {C53B9548-D807-4E37-BA7B-CF01CB65B080} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-03] (Google Inc -> Google Inc.) Task: {D7C4304A-2233-4EAC-B47A-2A1325C5D8BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-03] (Google Inc -> Google Inc.) Task: {DE2ADAB3-4FCE-4A0E-B8EB-AA5821BF0685} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei) Task: {FB40AEE8-C168-4F2B-A9BD-C25B0EF5BDC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GreatDealzUpdater.job => C:\ProgramData\greatdealzupdater\tUpdater.exe Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{0e9ed192-41f8-494d-9b56-0cb39d641b94}: [DhcpNameServer] 192.168.142.254 Tcpip\..\Interfaces\{1e92237a-aaab-41d6-bfa3-fee8253df165}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{6e92aef6-5e01-4a47-8881-f79c587294f5}: [DhcpNameServer] 192.168.74.1 Tcpip\..\Interfaces\{727a03b2-91bc-49fc-896e-08a5b80af7cb}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{c279de3b-b889-41c7-941c-4c582d3eb6e7}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{e36f689a-bdf6-4d7b-82e1-565889d07cb3}: [DhcpNameServer] 192.168.178.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-24] Edge DownloadDir: Default -> C:\Users\Caro\Desktop Edge Notifications: Default -> hxxps://www.youtube.com Edge StartupUrls: Default -> "hxxps://fba.h-da.de/aktuelles/" Edge Extension: (Proxy SwitchySharp) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2021-12-12] Edge Extension: (Avast Online Security & Privacy) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2021-12-21] Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Caro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-14] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-02-01] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-02-01] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default [2022-02-24] CHR DownloadDir: C:\Users\Caro\Desktop CHR Notifications: Default -> hxxps://sxce.info; hxxps://web.whatsapp.com; hxxps://www.autodoc.de; hxxps://www.autoscout24.de; hxxps://www.computerbild.de; hxxps://www.frag-mutti.de; hxxps://www.giga.de; hxxps://www.lieferando.de; hxxps://www.pcwelt.de; hxxps://www.pinterest.de; hxxps://www.prosieben.de; hxxps://www.youtube.com CHR StartupUrls: Default -> "hxxps://fba.h-da.de/aktuelles/" CHR Extension: (Präsentationen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15] CHR Extension: (Just Black) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-01] CHR Extension: (Docs) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15] CHR Extension: (Google Drive) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24] CHR Extension: (YouTube) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-03] CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-14] CHR Extension: (Proxy SwitchySharp) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2021-07-05] CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-24] CHR Extension: (Tabellen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15] CHR Extension: (Google Docs Offline) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-17] CHR Extension: (Avast Online Security & Privacy) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-12-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Google Mail) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2022-02-01] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2021-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-08-20] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe [2201416 2021-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [842128 2022-02-24] (ASUSTeK Computer Inc. -> ) S4 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9760664 2018-12-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-02-13] (Dropbox, Inc -> Dropbox, Inc.) S4 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel(R) Online Connect -> Intel Corporation) S4 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel(R) Online Connect -> Intel Corporation) S4 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation) S4 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation) S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation) S4 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354008 2019-02-08] (Kaspersky Lab -> AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-24] (Malwarebytes Inc -> Malwarebytes) S4 RealtekCU; C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [Datei ist nicht signiert] S4 RunSwUSB; C:\Windows\runSW.exe [36864 2012-09-20] () [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13036464 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [X] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> ) R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43160 2021-08-20] (ASUSTeK Computer Inc. -> ) R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-02-24] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-02-24] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-02-24] (Malwarebytes Inc -> Malwarebytes) R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) S3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-15] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-15] (Microsoft Windows -> Microsoft Corporation) R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2016-12-20] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2022-02-24 20:30 - 2022-02-24 20:31 - 000034488 _____ C:\Users\Caro\Desktop\FRST.txt 2022-02-24 20:30 - 2022-02-24 20:30 - 000000000 ____D C:\Users\Caro\Desktop\FRST-OlderVersion 2022-02-24 20:29 - 2022-02-24 20:29 - 000001424 _____ C:\Users\Caro\Desktop\mwb.txt 2022-02-24 20:26 - 2022-02-24 20:26 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2022-02-24 20:26 - 2022-02-24 20:26 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2022-02-24 20:26 - 2022-02-24 20:26 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2022-02-24 20:25 - 2022-02-24 20:25 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-02-24 20:25 - 2022-02-24 20:25 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-02-24 20:25 - 2022-02-24 20:25 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-02-24 20:25 - 2022-02-24 20:25 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-02-24 20:25 - 2022-02-24 20:25 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-02-24 20:25 - 2022-02-24 20:25 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-02-24 20:25 - 2022-02-24 20:25 - 000000000 ____D C:\Users\Caro\AppData\Local\mbam 2022-02-24 20:25 - 2022-02-24 20:25 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-02-24 20:25 - 2022-02-24 20:25 - 000000000 ____D C:\Program Files\Malwarebytes 2022-02-24 20:24 - 2022-02-24 20:24 - 002419896 _____ (Malwarebytes) C:\Users\Caro\Desktop\MBSetup.exe 2022-02-24 09:28 - 2022-02-24 09:28 - 000000000 ___HD C:\VW_2022_uninst 2022-02-24 09:17 - 2022-02-24 09:17 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk 2022-02-23 23:15 - 2022-02-24 20:30 - 002312192 _____ (Farbar) C:\Users\Caro\Desktop\FRST64.exe 2022-02-23 23:15 - 2022-02-24 20:30 - 000000000 ____D C:\FRST 2022-02-23 22:21 - 2022-02-23 22:22 - 000000000 ____D C:\AdwCleaner 2022-02-23 21:35 - 2022-02-23 21:35 - 000000000 ____D C:\Users\Caro\AppData\Roaming\OpenOffice 2022-02-23 21:23 - 2022-02-24 19:43 - 189051836 _____ C:\Users\Caro\Desktop\220215_Griesheim Entwurf_caro.vwxw 2022-02-17 11:52 - 2022-02-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2022-02-16 11:31 - 2022-02-16 11:31 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk 2022-02-16 11:28 - 2022-02-16 11:28 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk 2022-02-16 11:23 - 2022-02-16 11:23 - 000000000 ____D C:\Users\Caro\AppData\Roaming\NVIDIA 2022-02-14 13:35 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\system32\lxss 2022-02-14 13:35 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2022-02-14 13:34 - 2022-01-28 20:19 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-02-14 13:34 - 2022-01-28 20:19 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-02-14 13:34 - 2022-01-28 20:19 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-02-14 13:34 - 2022-01-28 20:19 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-02-14 13:34 - 2022-01-28 20:19 - 001466000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-02-14 13:34 - 2022-01-28 20:19 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-02-14 13:34 - 2022-01-28 20:19 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-02-14 13:34 - 2022-01-28 20:19 - 001207440 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-02-14 13:34 - 2022-01-28 20:19 - 001144552 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-02-14 13:34 - 2022-01-28 20:19 - 001144552 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-02-14 13:34 - 2022-01-28 20:16 - 001528448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-02-14 13:34 - 2022-01-28 20:16 - 001179584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-02-14 13:34 - 2022-01-28 20:16 - 000795264 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-02-14 13:34 - 2022-01-28 20:16 - 000714880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2022-02-14 13:34 - 2022-01-28 20:16 - 000638912 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 008610432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 002121360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 001602704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 000985024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 000794552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-02-14 13:34 - 2022-01-28 20:15 - 000710800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2022-02-14 13:34 - 2022-01-28 20:15 - 000455808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2022-02-14 13:34 - 2022-01-28 20:14 - 007715256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-02-14 13:34 - 2022-01-28 20:14 - 005726336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2022-02-14 13:34 - 2022-01-28 20:14 - 005098112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2022-02-14 13:34 - 2022-01-28 20:14 - 002932864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-02-14 13:34 - 2022-01-28 20:13 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2022-02-14 13:34 - 2022-01-28 20:11 - 006459952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2022-02-14 13:34 - 2022-01-28 12:28 - 000089185 _____ C:\WINDOWS\system32\nvinfo.pb 2022-02-14 13:34 - 2022-01-28 12:28 - 000040920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2022-02-14 13:33 - 2022-02-14 13:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2022-02-14 13:32 - 2022-01-28 20:11 - 007612320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2022-02-14 10:06 - 2022-01-07 13:36 - 004955248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys 2022-02-14 10:06 - 2022-01-07 13:36 - 001622088 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll 2022-02-14 10:06 - 2022-01-07 13:05 - 045101144 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat 2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2022-02-13 06:44 - 2022-02-13 06:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2022-02-13 06:44 - 2022-02-13 06:44 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2022-02-09 13:11 - 2022-02-09 13:11 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-02-09 13:08 - 2022-02-09 13:08 - 000000000 ___HD C:\$WinREAgent 2022-02-08 22:41 - 2022-02-08 22:41 - 000000000 ____D C:\Users\Caro\AppData\Roaming\com.adobe.dunamis 2022-02-01 19:57 - 2022-02-01 19:57 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2022.lnk 2022-02-01 15:05 - 2022-02-01 15:05 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2022-02-01 10:25 - 2022-02-01 10:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-02-01 10:24 - 2022-02-01 10:24 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-02-01 10:24 - 2022-02-01 10:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2022-02-01 10:24 - 2022-02-01 10:24 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2022-02-24 20:28 - 2020-08-31 17:26 - 001632230 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-02-24 20:28 - 2019-12-07 15:50 - 000705894 _____ C:\WINDOWS\system32\perfh007.dat 2022-02-24 20:28 - 2019-12-07 15:50 - 000142188 _____ C:\WINDOWS\system32\perfc007.dat 2022-02-24 20:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-02-24 20:25 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-02-24 20:25 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-02-24 20:25 - 2017-03-03 17:08 - 000000000 ____D C:\Program Files (x86)\Google 2022-02-24 20:23 - 2021-10-12 11:47 - 000880672 _____ C:\WINDOWS\system32\wpbbin.exe 2022-02-24 20:23 - 2021-10-12 11:47 - 000842128 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe 2022-02-24 20:23 - 2020-11-02 12:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-02-24 20:23 - 2020-09-01 09:12 - 000000000 ____D C:\Users\Caro\AppData\Local\Dropbox 2022-02-24 20:23 - 2020-08-31 17:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-02-24 20:23 - 2020-08-31 17:17 - 000008192 ___SH C:\DumpStack.log.tmp 2022-02-24 20:23 - 2020-04-27 16:55 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Mattermost 2022-02-24 20:23 - 2019-10-07 20:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-02-24 20:23 - 2018-11-23 23:29 - 000000000 ___RD C:\Users\Caro\Creative Cloud Files 2022-02-24 20:23 - 2017-02-24 16:05 - 000000000 ____D C:\ProgramData\NVIDIA 2022-02-24 20:22 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2022-02-24 20:14 - 2019-04-12 17:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2022-02-24 20:14 - 2019-04-12 17:18 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2022-02-24 20:12 - 2021-10-12 11:56 - 000000000 ____D C:\Program Files (x86)\LightingService 2022-02-24 20:12 - 2021-10-12 11:55 - 000000000 ____D C:\Program Files\ASUS 2022-02-24 20:12 - 2021-10-12 11:49 - 000000000 ____D C:\Program Files (x86)\ASUS 2022-02-24 20:12 - 2017-02-24 16:00 - 000000000 ____D C:\ProgramData\Package Cache 2022-02-24 20:11 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-02-24 20:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-02-24 20:11 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\Packages 2022-02-24 20:09 - 2020-08-31 17:17 - 001056824 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-02-24 20:08 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-02-24 20:08 - 2019-04-12 17:19 - 000000000 ____D C:\Program Files\Common Files\AV 2022-02-24 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-02-24 20:06 - 2017-04-02 13:07 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-02-24 20:05 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2022-02-24 20:05 - 2017-02-24 16:08 - 000000000 ____D C:\Program Files\Microsoft Office 2022-02-24 20:05 - 2016-07-16 12:47 - 000000076 _____ C:\WINDOWS\win.ini 2022-02-24 19:43 - 2018-03-13 21:50 - 000000000 ____D C:\Users\Caro\Documents\VW Backup 2022-02-24 19:23 - 2020-08-31 17:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-02-24 10:01 - 2021-08-02 11:34 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Enscape 2022-02-24 09:17 - 2020-08-29 18:19 - 000000000 ___HD C:\adobeTemp 2022-02-23 16:42 - 2021-10-24 18:32 - 000000000 ____D C:\Users\Caro\AppData\Roaming\discord 2022-02-23 16:28 - 2021-10-24 18:32 - 000000000 ____D C:\Users\Caro\AppData\Local\Discord 2022-02-23 10:19 - 2018-11-23 22:51 - 000000000 ____D C:\Users\Caro\AppData\Local\D3DSCache 2022-02-21 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-02-20 13:55 - 2020-09-01 09:16 - 000000000 ___RD C:\Users\Caro\Dropbox 2022-02-19 10:52 - 2021-11-22 09:05 - 000004782 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask 2022-02-19 10:52 - 2020-07-01 17:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-02-18 11:27 - 2021-02-12 14:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-02-17 11:52 - 2020-09-01 09:12 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-02-17 11:51 - 2017-03-03 17:09 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-02-16 11:31 - 2018-11-23 23:30 - 000000000 ____D C:\Program Files\Adobe 2022-02-16 11:26 - 2018-07-04 18:39 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-02-16 11:26 - 2017-03-04 17:22 - 000000000 ____D C:\ProgramData\Adobe 2022-02-16 11:19 - 2021-12-11 16:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3671133233-2531484000-2582408703-1002 2022-02-16 11:19 - 2020-08-31 17:24 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3671133233-2531484000-2582408703-1002 2022-02-16 11:19 - 2020-08-31 17:17 - 000002396 _____ C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-02-14 13:40 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\NVIDIA 2022-02-14 13:35 - 2017-02-24 16:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2022-02-14 13:34 - 2017-02-24 16:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-02-14 13:31 - 2017-02-24 16:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2022-02-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-02-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-02-09 15:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2022-02-09 13:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-02-09 13:07 - 2018-11-23 20:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-02-09 13:06 - 2018-11-23 20:32 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-02-02 11:00 - 2018-11-27 19:45 - 000000000 ____D C:\Users\Caro\AppData\Local\PlaceholderTileLogoFolder 2022-02-02 10:57 - 2017-06-19 12:08 - 000000000 ____D C:\Users\Caro\AppData\Roaming\Spotify 2022-02-02 10:41 - 2017-06-19 12:10 - 000000000 ____D C:\Users\Caro\AppData\Local\Spotify 2022-02-01 21:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-02-01 20:30 - 2017-03-03 17:46 - 000000000 ____D C:\Users\Caro\AppData\Roaming\MAXON 2022-02-01 20:29 - 2019-11-20 16:21 - 000000000 ____D C:\Users\Caro\AppData\Roaming\vectorworks-installer 2022-02-01 15:05 - 2017-03-10 20:02 - 000000000 ____D C:\Program Files (x86)\Adobe 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-02-01 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-02-01 10:24 - 2020-08-31 17:22 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-02-01 10:16 - 2018-11-23 22:54 - 000000000 ____D C:\ProgramData\Packages 2022-02-01 10:15 - 2017-03-02 15:54 - 000000000 ____D C:\Users\Caro\AppData\Local\NVIDIA Corporation 2022-01-28 12:28 - 2021-01-06 15:39 - 000127968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2022-01-26 12:33 - 2020-08-31 17:24 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-26 12:33 - 2020-08-31 17:24 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2021-02-09 20:03 - 2021-11-04 20:48 - 000001456 _____ () C:\Users\Caro\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2018-11-23 23:26 - 2021-10-12 11:53 - 000000615 _____ () C:\Users\Caro\AppData\Local\oobelibMkey.log 2018-10-23 16:23 - 2020-11-23 12:11 - 000007602 _____ () C:\Users\Caro\AppData\Local\Resmon.ResmonCfg 2018-02-03 14:08 - 2019-01-15 16:12 - 000000287 _____ () C:\Users\Caro\AppData\Local\VersionChecker_23.xml ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2022 durchgeführt von Caro (24-02-2022 20:31:25) Gestartet von C:\Users\Caro\Desktop Microsoft Windows 10 Home Version 21H1 19043.1526 (X64) (2020-08-31 16:24:27) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-3671133233-2531484000-2582408703-500 - Administrator - Disabled) Caro (S-1-5-21-3671133233-2531484000-2582408703-1002 - Administrator - Enabled) => C:\Users\Caro DefaultAccount (S-1-5-21-3671133233-2531484000-2582408703-503 - Limited - Disabled) defaultuser0 (S-1-5-21-3671133233-2531484000-2582408703-1001 - Limited - Disabled) => C:\Users\defaultuser0 Gast (S-1-5-21-3671133233-2531484000-2582408703-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3671133233-2531484000-2582408703-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.) Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_0_3) (Version: 26.0.3 - Adobe Inc.) Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_3) (Version: 16.3 - Adobe Inc.) Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_1) (Version: 17.1 - Adobe Inc.) Adobe Lightroom (HKLM-x32\...\LRCC_5_2) (Version: 5.2 - Adobe Inc.) Adobe Lightroom Classic (HKLM-x32\...\LTRM_11_2) (Version: 11.2 - Adobe Inc.) Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_1) (Version: 23.2.1.303 - Adobe Inc.) AirDroid 3.7.0.0 (HKLM-x32\...\AirDroid) (Version: 3.7.0.0 - Sand Studio) ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.36.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{37daa872-b179-48ca-a185-be987f7c63cf}) (Version: 1.1.36.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{9c72488b-eb92-40bd-94a3-de309514c154}) (Version: 1.1.0.11 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.2.3.1 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{c347309a-a19c-44af-9d6c-5c60ba1ba83b}) (Version: 1.2.3.1 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden ASUS Framework Service (HKLM-x32\...\{8bf47d14-406b-49e8-8759-966757033aa0}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.) ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.1.3 - ASUSTek COMPUTER INC.) Hidden ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 2.00.13 - ASUSTek Computer Inc.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.67 - ASUSTeK Computer Inc.) Hidden AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.14 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{c6391bdc-929f-4a9f-98cd-9a3038379379}) (Version: 1.1.14 - ASUS) Hidden Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.) Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.) CodeMeter Runtime Kit v6.80 (HKLM\...\{8F3C9680-6728-4AD2-992D-9615C0DA06C0}) (Version: 6.80.3312.500 - WIBU-SYSTEMS AG) DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.3.2.258 - DIAL GmbH) DIAL Data Dispatcher (HKLM-x32\...\DIAL Data Dispatcher1.0) (Version: 2.0.24.0 - DIAL GmbH) Discord (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Discord) (Version: 1.0.9003 - Discord Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 142.4.4197 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.37.0 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{413fe4b8-1352-4234-a775-ff2f04ad9042}) (Version: 1.1.37.0 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{bf1d7028-d935-477f-b5b2-053062f9b527}) (Version: 1.0.9.1 - ENE TECHNOLOGY INC.) Hidden Enscape (HKLM\...\{88C5A62D-AE1F-4033-9300-1D72FF1F82B1}) (Version: 3.1.0.51316 - Enscape GmbH) Epic Games Launcher (HKLM-x32\...\{422FC196-EA1D-448E-A505-BC7DFC21C880}) (Version: 1.1.236.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.102 - Google LLC) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation) Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{26b750af-32e4-4afb-aed3-d4c571b122ad}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes version 4.5.4.168 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.4.168 - Malwarebytes) Mattermost 4.4.1 (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\0cc73166-b7d0-592b-8d95-6cbe304083a6) (Version: 4.4.1 - Mattermost, Inc.) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.56 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.56 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\OneDriveSetup.exe) (Version: 22.012.0117.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29910 (HKLM-x32\...\{53f1dc9d-ed94-4650-a079-129785ce7905}) (Version: 14.28.29910.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MTpro64 5.0 (HKLM\...\MTpro64) (Version: 5.0.2.2 - Bosch Rexroth AG) NVIDIA Grafiktreiber 511.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.65 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.4 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{3c403389-0bc5-4298-bebf-09de0c0b745d}) (Version: 1.0.6.4 - Patriot Memory) PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.) Sitecom WiFi USB adapter N300 Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0201 - Sitecom Europe BV) Spotify (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\Spotify) (Version: 1.1.72.439.gc253025e - Spotify AB) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.26.4 - TeamViewer) TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{95EF5DBB-C2DA-48AF-93B4-533333227486}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden UXP WebView Support (HKLM-x32\...\UXPW_1_0_0) (Version: 1.0.0 - Adobe Inc.) Vectorworks 2021 (HKLM\...\Vectorworks 2021 26.0.3) (Version: 26.0.3 - Vectorworks, Inc.) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{589d5178-7c46-4052-8509-a0685184d622}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG) Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22866 - Microsoft Corporation) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation) Zoom (HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-09-13] (Adobe Systems Incorporated) Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-09-13] (Adobe Systems Incorporated) Architectural Structures PREMIUM -> C:\Program Files\WindowsApps\Microsoft.ArchitecturalStructuresPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) Autumn Colors -> C:\Program Files\WindowsApps\Microsoft.AutumnColors_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) Autumn in Sweden -> C:\Program Files\WindowsApps\Microsoft.AutumninSweden_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-12-13] (Canon Inc.) DVD player - TrueDVD Streamer support VLC and youtube -> C:\Program Files\WindowsApps\46109SoftwareDevlope.DVDplayer-TrueDVDStreamersupp_1.1.5.0_x64__ygjcrtpe42fe2 [2021-10-27] (SoftwareDevlope) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-29] (HP Inc.) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-11-06] (Apple Inc.) [Startup Task] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-11] (Microsoft Studios) [MS Ad] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10201.5809.0_x64__8wekyb3d8bbwe [2022-02-03] (Microsoft Corporation) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-14] (NVIDIA Corp.) Otters -> C:\Program Files\WindowsApps\Microsoft.Otters_1.0.0.0_neutral__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation) Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.30181.0_x64__8wekyb3d8bbwe [2022-02-05] (Microsoft Corporation) VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-09-13] (VideoLAN) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5370604078F8} -> [Creative Cloud Files] => C:\Users\Caro\Creative Cloud Files [2018-11-23 23:29] CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Caro\Dropbox [2020-09-01 09:16] CustomCLSID: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-24] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_31a2adf8c49e7799\nvshext.dll [2022-01-28] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-02-24] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2021-08-18 13:27 - 2021-08-18 13:27 - 000477696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node 2021-08-18 13:27 - 2021-08-18 13:27 - 000471040 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node 2021-08-18 13:27 - 2021-08-18 13:27 - 000454656 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node 2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu 2021-10-12 11:56 - 2021-02-18 11:07 - 000085504 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\zlib1.dll 2021-10-12 11:56 - 2021-08-25 16:50 - 001149952 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\DIP4FanCalibration.dll 2021-10-12 11:56 - 2021-08-25 16:54 - 001542144 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\swInterface.dll 2021-10-12 11:55 - 2019-12-23 17:51 - 000093184 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll 2021-08-18 13:27 - 2021-08-18 13:27 - 000081920 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll 2020-04-27 16:55 - 2020-04-22 11:21 - 002123264 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\ffmpeg.dll 2020-04-27 16:55 - 2020-04-22 11:21 - 000131072 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\libegl.dll 2020-04-27 16:55 - 2020-04-22 11:21 - 006792704 _____ () [Datei ist nicht signiert] C:\Users\Caro\AppData\Local\Programs\mattermost-desktop\libglesv2.dll 2021-09-09 06:16 - 2021-09-09 06:16 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu 2017-04-02 17:58 - 2014-08-06 12:25 - 000375296 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNMN6PPM.DLL 2021-10-12 11:56 - 2021-02-18 11:07 - 000287232 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcurl.dll 2021-10-12 11:56 - 2021-02-18 11:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcrypto-1_1-x64.dll 2021-10-12 11:56 - 2021-02-18 11:07 - 002281984 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\LIBEAY32.dll 2021-10-12 11:56 - 2021-02-18 11:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libssl-1_1-x64.dll 2021-10-12 11:56 - 2021-02-18 11:07 - 000361472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\SSLEAY32.dll 2021-10-12 11:55 - 2019-06-26 15:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll 2021-10-12 11:55 - 2019-06-26 15:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== SearchScopes: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002 -> {61A18614-9A33-46A1-8D11-25C0ABEA3FDA} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-3671133233-2531484000-2582408703-1002 -> Kein Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - Keine Datei ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2016-07-16 12:47 - 2019-01-07 12:35 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2019-11-03 14:27 - 2019-11-03 14:27 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-3671133233-2531484000-2582408703-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\Control Panel\Desktop\\Wallpaper -> D:\Documents\08_Sonstiges\Dual Monitor Hintergründe\Dual-Monitor-Wallpaper-22.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert. Network Binding: ============= Ethernet 3: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) Ethernet 4: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) WLAN 2: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: AGMService => 2 MSCONFIG\Services: AGSService => 2 MSCONFIG\Services: CmWebAdmin.exe => 2 MSCONFIG\Services: CodeMeter.exe => 2 MSCONFIG\Services: dbupdate => 2 MSCONFIG\Services: dbupdatem => 3 MSCONFIG\Services: DbxSvc => 2 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) Online Connect => 2 MSCONFIG\Services: Intel(R) Online Connect Helper => 2 MSCONFIG\Services: Intel(R) Online Connect Software Asset Manager => 2 MSCONFIG\Services: Intel(R) TechnologyAccessLegacyCSLoader => 2 MSCONFIG\Services: Intel(R) TechnologyAccessService => 2 MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: klvssbridge64_21.3 => 3 MSCONFIG\Services: kpm_launch_service => 3 MSCONFIG\Services: KSDE5.3 => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NvContainerNetworkService => 2 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: NVIDIA Wireless Controller Service => 2 MSCONFIG\Services: RealtekCU => 2 MSCONFIG\Services: RunSwUSB => 2 MSCONFIG\Services: TeamViewer => 2 HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "PDFPrint" HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX" HKU\S-1-5-21-3671133233-2531484000-2582408703-1002\...\StartupApproved\Run: => "Spotify" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{103BFB37-ADC5-4C97-8073-1C4DE189E1EB}] => (Allow) C:\Users\Caro\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{7E02AE46-AD0D-4DCA-B8F2-8B0478DFA27A}] => (Allow) C:\Users\Caro\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{7AC6111A-8D4C-43E4-9CC3-156FF2CDE906}C:\program files\vectorworks 2020\vectorworks2020.exe] => (Block) C:\program files\vectorworks 2020\vectorworks2020.exe => Keine Datei FirewallRules: [TCP Query User{3BC91753-BAE0-45F5-B47B-FBBCC3A1ABEE}C:\program files\vectorworks 2020\vectorworks2020.exe] => (Block) C:\program files\vectorworks 2020\vectorworks2020.exe => Keine Datei FirewallRules: [{3BA94BC9-204B-4909-8C26-05979814584F}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{540DC681-75E4-45C5-895A-B512D45985B7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [UDP Query User{311D68E8-F98D-4E90-B247-63AEA3F9EC0D}D:\programme\archicad\neuer ordnerarchi\archicad.exe] => (Allow) D:\programme\archicad\neuer ordnerarchi\archicad.exe => Keine Datei FirewallRules: [TCP Query User{AEA97307-106E-4D79-A451-D28DBFD9BF06}D:\programme\archicad\neuer ordnerarchi\archicad.exe] => (Allow) D:\programme\archicad\neuer ordnerarchi\archicad.exe => Keine Datei FirewallRules: [{442D63F9-A87C-4CD8-AEA2-8D6DE62512FA}] => (Block) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei FirewallRules: [{5C904C29-A633-4388-85B1-392629DAEFDA}] => (Block) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei FirewallRules: [UDP Query User{F03A035B-92A1-4F69-BAD1-EFE827E764B9}D:\programme\vektorworks\vectorworks2018e.exe] => (Allow) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei FirewallRules: [TCP Query User{E9427056-30D6-4B50-A860-10A5A61C3BF2}D:\programme\vektorworks\vectorworks2018e.exe] => (Allow) D:\programme\vektorworks\vectorworks2018e.exe => Keine Datei FirewallRules: [UDP Query User{B37E40F2-F5B7-4E33-880C-6A9B9A3B122C}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{43C40599-4714-49B7-9B83-53B0A9F82DD9}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{189CCEC9-6D44-4963-B9BA-E24F743F8AD0}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{3F51C2F1-63BC-4EEE-A71A-3FAD37E7DA4D}C:\users\caro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\caro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{B850E85A-8557-4CFB-93AA-13E6D552ECDD}C:\program files (x86)\archicad20\licensefilegenerator.exe] => (Allow) C:\program files (x86)\archicad20\licensefilegenerator.exe => Keine Datei FirewallRules: [TCP Query User{5CF10A1E-66C7-4C5B-B866-AD1E7626BEEE}C:\program files (x86)\archicad20\licensefilegenerator.exe] => (Allow) C:\program files (x86)\archicad20\licensefilegenerator.exe => Keine Datei FirewallRules: [{076F77BB-1426-43BA-9357-A6C79AF3424B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{B86178ED-C694-41B2-9C3D-97ECB25F7A5D}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{DE4D120C-8E2D-4753-8A65-95213CE689D4}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei FirewallRules: [{3D50CB20-DA48-4C77-BC3F-1FAE1045721A}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei FirewallRules: [{7E3A988B-0E25-4DD8-A5DE-A259113611C6}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei FirewallRules: [{E94815B0-FEE6-4C9B-9218-B8477BB5B2F2}] => (Allow) C:\Users\Caro\Desktop\InDesign_Set-Up.exe => Keine Datei FirewallRules: [UDP Query User{FB31F15D-437A-434D-B40E-3795935822CE}C:\program files\programme\archicad programm\licensefilegenerator.exe] => (Allow) C:\program files\programme\archicad programm\licensefilegenerator.exe => Keine Datei FirewallRules: [TCP Query User{3FE56CCB-5828-439C-967F-9E707AD31299}C:\program files\programme\archicad programm\licensefilegenerator.exe] => (Allow) C:\program files\programme\archicad programm\licensefilegenerator.exe => Keine Datei FirewallRules: [UDP Query User{CD134EB8-5188-4BB3-B2B2-8AA7640440FB}C:\program files\programme\archicad programm\overwatchserver.exe] => (Allow) C:\program files\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [TCP Query User{AFB220E9-76BC-429B-B362-5221ED80FA7E}C:\program files\programme\archicad programm\overwatchserver.exe] => (Allow) C:\program files\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [UDP Query User{6FBE67FC-CA01-46D8-824A-58A097A0B8E2}C:\program files\programme\archicad programm\archicad.exe] => (Allow) C:\program files\programme\archicad programm\archicad.exe => Keine Datei FirewallRules: [TCP Query User{B0E84A7E-FA5F-4078-94F6-E0E3DF26CCC4}C:\program files\programme\archicad programm\archicad.exe] => (Allow) C:\program files\programme\archicad programm\archicad.exe => Keine Datei FirewallRules: [{DB6739E6-2204-4B09-B41B-30968CA9CFD1}] => (Block) D:\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [{6A545E13-8CF1-4023-A9C1-9CA1EEB620DF}] => (Block) D:\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [UDP Query User{778E1A82-286F-4FE1-BE57-4CA6EC8925D6}D:\programme\archicad programm\overwatchserver.exe] => (Allow) D:\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [TCP Query User{296B780E-8AAA-42EB-AE50-F680F62B9BBC}D:\programme\archicad programm\overwatchserver.exe] => (Allow) D:\programme\archicad programm\overwatchserver.exe => Keine Datei FirewallRules: [UDP Query User{CF75E19E-6C46-41F6-8D44-01E7F8FE2E7D}D:\programme\archicad programm\archicad.exe] => (Allow) D:\programme\archicad programm\archicad.exe => Keine Datei FirewallRules: [TCP Query User{A4D1DAB3-C170-4E40-85D3-51B0504A3479}D:\programme\archicad programm\archicad.exe] => (Allow) D:\programme\archicad programm\archicad.exe => Keine Datei FirewallRules: [{6554799D-E07B-4AB2-844E-4DA7F409DF4B}] => (Block) D:\Programme\Neuer Ordner\OverwatchServer.exe => Keine Datei FirewallRules: [{DBF87FB9-8EA0-4D89-B24E-2F55A4ABB1E7}] => (Allow) D:\Programme\Neuer Ordner\BIMxUploader.exe => Keine Datei FirewallRules: [{9258A666-5949-4A3E-9336-366B9A300E6B}] => (Block) D:\Programme\Neuer Ordner\CineRender\CineRender 64bit.exe => Keine Datei FirewallRules: [{49E7C456-E3B8-4878-B0E7-76DB3ECD4CF3}] => (Block) D:\Programme\Neuer Ordner\ARCHICAD.exe => Keine Datei FirewallRules: [{441A4EE9-45D4-4815-A29C-C91AB8303305}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\Rtldhcp.exe (Realtek) [Datei ist nicht signiert] FirewallRules: [{726D7D19-1755-4DE1-BCB8-C06D3BC8CB34}] => (Allow) LPort=53 FirewallRules: [{6120098B-5097-410C-8C00-8A7BF7676442}] => (Allow) LPort=53 FirewallRules: [{4C73448B-B40B-4705-8A30-DDD5EDE0CEC9}] => (Allow) LPort=68 FirewallRules: [{8B654C7F-3E38-4C77-B3C3-5ED26B6B6618}] => (Allow) LPort=67 FirewallRules: [{FD438F58-F35B-4212-BD80-1E5481A6D314}] => (Allow) LPort=53 FirewallRules: [{07869E25-0997-473C-9BDF-288F3F806744}] => (Allow) LPort=1542 FirewallRules: [{B4C70D86-4782-476C-8042-A4602C809393}] => (Allow) LPort=1542 FirewallRules: [{D19EFC04-8F56-4D8C-AB1C-78C82B4476DB}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Datei ist nicht signiert] FirewallRules: [{01F75DD0-663B-4CCB-964B-17FFC731DD41}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) [Datei ist nicht signiert] FirewallRules: [{8237B493-1476-431C-8BB4-D3A0C1EE25E4}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Anno 2205\Bin\Win64\Anno2205.exe (Blue Byte GmbH -> Ubisoft) FirewallRules: [TCP Query User{9B72727D-7C82-417E-9038-EEC44B59BB66}D:\programme\vectorworks 2019\vectorworks2019.exe] => (Allow) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei FirewallRules: [UDP Query User{7098CF80-605A-40E8-990C-2EF29526654B}D:\programme\vectorworks 2019\vectorworks2019.exe] => (Allow) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei FirewallRules: [{002ADA28-1AFB-4FE6-8D2F-B2C4D11EC154}] => (Block) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei FirewallRules: [{430963B0-6785-4E33-B505-AEA003F69110}] => (Block) D:\programme\vectorworks 2019\vectorworks2019.exe => Keine Datei FirewallRules: [{C52B6DB2-CB9D-4C35-BCFE-724A663F2BC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C12B714F-F4FA-47B1-BAD4-37B5750809AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{A6C06521-4B8C-43D4-A683-039264E3F4F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D51E99A1-038E-47CA-80E4-5D947C74516D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{4B36B334-4C93-4187-848A-627BF472264B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{3ABF503F-36E6-4871-BE0E-D347FCBDA8FC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{E9ADF80F-41DB-4FFA-8DED-B6F3513C395C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{A3440304-1B41-4CD8-9320-0EB65E7C518A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{425F93A0-29CC-4043-B79D-DA8FAC9A2DF5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9750C618-E4F1-4C0D-B1BF-823BB3AA8818}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{EB4FBE25-6225-4B0C-8BFF-0E9F388E648A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5478A773-663A-4561-9220-E2BB9A1BCB88}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{19727FE3-6C85-4368-A4F5-94F08A5A2A8F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{378FBCA8-18BF-4895-A013-EB6C23D2892F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9337AD6E-BCE7-4FB9-A247-76B24077C449}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{062C35E5-C83F-4EE9-BE11-528782F1B3E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{6B489A55-E4E2-4C87-8A6C-257445F9522F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D55BE7D3-02AA-40A4-8136-7BA599B05FF9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C4176973-9EF7-466A-A459-0E7B563EE1DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C56C1610-3824-4C82-AA3F-9982D33C95EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{A96C4156-561F-49EE-9415-577A3124EEB2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{0CEED22D-3EA0-4590-8AB4-89638B31C0BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FF951C40-57E5-4CE6-ACB8-7252AB2D9E2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B8B7E52D-8B49-49C7-B4D1-B3DA9AF8894F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5DD1E34F-46BA-469B-966C-05F37B4EA831}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0C1C697E-74ED-4B63-8228-06C409C8B683}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wiederherstellungspunkte ========================= 21-02-2022 21:04:17 Geplanter Prüfpunkt 23-02-2022 21:35:03 OpenOffice 4.1.11 wird installiert ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Kaspersky Security Data Escort Adapter #2 Description: Kaspersky Security Data Escort Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Kaspersky Security Data Escort Provider Service: kltap Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (02/24/2022 08:20:54 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-LJVJBQ2) Description: Die Anwendung oder der Dienst "ROG Live Service" konnte nicht neu gestartet werden. Error: (02/24/2022 08:11:55 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-LJVJBQ2) Description: Die Anwendung oder der Dienst "ARMOURY CRATE Service" konnte nicht neu gestartet werden. Error: (02/24/2022 08:07:47 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Das Sicherheitscenter konnte den Aufrufer nicht überprüfen. Der Fehler %1 ist aufgetreten. Error: (02/24/2022 07:44:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Vectorworks2021.exe, Version: 26.0.4.0, Zeitstempel: 0x60ccaf7d Name des fehlerhaften Moduls: libcef.dll, Version: 84.2.6.0, Zeitstempel: 0x5f08e1b8 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000000002be2b49 ID des fehlerhaften Prozesses: 0x3cf8 Startzeit der fehlerhaften Anwendung: 0x01d8295d163629a1 Pfad der fehlerhaften Anwendung: C:\Program Files\Vectorworks 2021\Vectorworks2021.exe Pfad des fehlerhaften Moduls: C:\Program Files\Vectorworks 2021\ChromiumEF_dlls\libcef.dll Berichtskennung: 0094f235-3cb5-4cd0-a480-90be0044b948 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/24/2022 09:26:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Vectorworks2022.exe, Version: 27.0.2.0, Zeitstempel: 0x6196e5df Name des fehlerhaften Moduls: libcef.dll, Version: 84.2.6.0, Zeitstempel: 0x5f08e1b8 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000000002be2b49 ID des fehlerhaften Prozesses: 0x4edc Startzeit der fehlerhaften Anwendung: 0x01d82956dca4e92d Pfad der fehlerhaften Anwendung: C:\Program Files\Vectorworks 2022\Vectorworks2022.exe Pfad des fehlerhaften Moduls: C:\Program Files\Vectorworks 2022\ChromiumEF_dlls\libcef.dll Berichtskennung: b2f57462-7958-47ec-a00d-f5d33aa6d4f6 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/24/2022 09:11:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ArmouryWebBrowserEdge.exe, Version: 1.0.0.8, Zeitstempel: 0x6142e251 Name des fehlerhaften Moduls: ArmouryWebBrowserEdge.exe, Version: 1.0.0.8, Zeitstempel: 0x6142e251 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000007903 ID des fehlerhaften Prozesses: 0x47a0 Startzeit der fehlerhaften Anwendung: 0x01d829561318e266 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe Berichtskennung: c0762dad-925c-42aa-af6d-a2b52ceef679 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/23/2022 10:28:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Aac3572MbHal_x86.exe, Version: 1.2.3.1, Zeitstempel: 0x6142afdc Name des fehlerhaften Moduls: combase.dll, Version: 10.0.19041.1348, Zeitstempel: 0xf1a7c19a Ausnahmecode: 0xc0000005 Fehleroffset: 0x000d8ea9 ID des fehlerhaften Prozesses: 0x1ec4 Startzeit der fehlerhaften Anwendung: 0x01d828f573869c49 Pfad der fehlerhaften Anwendung: C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\combase.dll Berichtskennung: ff5a1198-a9ce-43a2-8024-e86c033ed1cd Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/23/2022 10:22:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AsusFanControlService.exe, Version: 3.0.0.0, Zeitstempel: 0x610b8c15 Name des fehlerhaften Moduls: AsusFanControlService.exe, Version: 3.0.0.0, Zeitstempel: 0x610b8c15 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003ca97 ID des fehlerhaften Prozesses: 0x1248 Startzeit der fehlerhaften Anwendung: 0x01d828f57091b39b Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe Berichtskennung: e3c8dfe0-71a0-4ac4-b27f-3ab2ce068410 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (02/24/2022 08:28:32 PM) (Source: Netwtw10) (EventID: 5010) (User: ) Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben. 5010 - Driver DBG_ASSERT - instead of BSOD Error: (02/24/2022 08:25:32 PM) (Source: Netwtw10) (EventID: 5010) (User: ) Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben. 5010 - Driver DBG_ASSERT - instead of BSOD Error: (02/24/2022 08:22:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LJVJBQ2) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (02/24/2022 08:22:31 PM) (Source: Netwtw10) (EventID: 5010) (User: ) Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben. 5010 - Driver DBG_ASSERT - instead of BSOD Error: (02/24/2022 08:20:31 PM) (Source: Netwtw10) (EventID: 5010) (User: ) Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben. 5010 - Driver DBG_ASSERT - instead of BSOD Error: (02/24/2022 08:19:31 PM) (Source: Netwtw10) (EventID: 5010) (User: ) Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben. 5010 - Driver DBG_ASSERT - instead of BSOD Error: (02/24/2022 08:17:31 PM) (Source: Netwtw10) (EventID: 5010) (User: ) Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben. 5010 - Driver DBG_ASSERT - instead of BSOD Error: (02/24/2022 08:16:31 PM) (Source: Netwtw10) (EventID: 5010) (User: ) Description: Intel(R) Wi-Fi 6 AX200 160MHz : Der Netzwerkadapter hat einen ungültigen Wert an den Treiber zurückgegeben. 5010 - Driver DBG_ASSERT - instead of BSOD Windows Defender: ================Event[0]: Date: 2022-02-24 20:08:04 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.349.1925.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.18500.10 Fehlercode: 0x80240017 Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". CodeIntegrity: =============== Date: 2022-02-24 20:07:54 Description: Code Integrity determined that a process (\Device\HarddiskVolume12\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume12\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2022-02-24 20:05:10 Description: Code Integrity determined that a process (\Device\HarddiskVolume12\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume12\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2423 08/09/2021 Hauptplatine: ASUSTeK COMPUTER INC. PRIME B550M-A (WI-FI) Prozessor: AMD Ryzen 5 5600X 6-Core Processor Prozentuale Nutzung des RAM: 39% Installierter physikalischer RAM: 16299.37 MB Verfügbarer physikalischer RAM: 9843.79 MB Summe virtueller Speicher: 22699.37 MB Verfügbarer virtueller Speicher: 14271.59 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:231.81 GB) (Free:90.19 GB) NTFS Drive d: () (Fixed) (Total:931.38 GB) (Free:377.38 GB) NTFS Drive e: () (Fixed) (Total:931.38 GB) (Free:423.6 GB) NTFS Drive f: (Windows) (Fixed) (Total:464.77 GB) (Free:434.73 GB) NTFS \\?\Volume{a7af9eac-cc55-49a5-8600-c6ef4ff82100}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS \\?\Volume{8193e75b-3416-472e-bb8f-91ef883aa56b}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS \\?\Volume{defb8d1e-f58b-4ebc-b967-f5ed9b1398ae}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS \\?\Volume{56134543-78f4-4721-b382-d2543fec4cae}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 \\?\Volume{806931e6-103b-4540-9c29-7bbe4d6caaf4}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 3 (Size: 465.8 GB) (Disk ID: D17FEDD6) Partition: GPT. ==================== Ende von Addition.txt ======================= PUP.Optional.GreatDealz C:\Users\Caro\AppData\LocalLow\GreatDealz PUP.Optional.Legacy C:\Users\Caro\AppData\Local\YSearchUtil mein laienhafter Blick hat zumindest "Greatdealz" in der FRST Liste gefunden. |
24.02.2022, 21:26 | #10 |
/// TB-Ausbilder | OpenOffice Dilemma Vielen Dank für die Logdateien. Bitte mal folgenden FRST-Fix ausführen, ist für Analysezwecke: Schritt 1 WARNUNG AN ALLE MITLESER !!! Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
|
24.02.2022, 21:38 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | OpenOffice Dilemma Scripting/Repair mit FRST64 WARNUNG AN ALLE MITLESER !!! Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
__________________ Logfiles bitte immer in CODE-Tags posten |
24.02.2022, 22:07 | #12 |
| OpenOffice Dilemma Anbei der erste Fixlog: Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2022 durchgeführt von Caro (24-02-2022 21:31:59) Run:1 Gestartet von C:\Users\Caro\Desktop Geladene Profile: defaultuser0 & Caro Start-Modus: Normal ============================================== fixlist Inhalt: ***************** SystemRestore: On CreateRestorePoint: CloseProcesses: VirusTotal: C:\WINDOWS\Tasks\GreatDealzUpdater.job Task: C:\WINDOWS\Tasks\GreatDealzUpdater.job => C:\ProgramData\greatdealzupdater\tUpdater.exe VirusTotal: C:\ProgramData\greatdealzupdater\tUpdater.exe VirusTotal: C:\Windows\System32\Tasks\GreatDealzUpdater Task: {6F177B8C-949B-48E5-953A-5A527A0DC4A1} - System32\Tasks\GreatDealzUpdater => C:\ProgramData\greatdealzupdater\tUpdater.exe C:\ProgramData\greatdealzupdater HKLM-x32\...\Run: [] => [X] HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG EmptyTemp: ***************** SystemRestore: On => abgeschlossen Wiederherstellungspunkt wurde erfolgreich erstellt. Prozesse erfolgreich geschlossen. VirusTotal: C:\WINDOWS\Tasks\GreatDealzUpdater.job => https://www.virustotal.com/gui/file/2573a63a6adfbe108d3775fa37493749ed5fab50abec7a6298900bc56f6ca664/detection/f-2573a63a6adfbe108d3775fa37493749ed5fab50abec7a6298900bc56f6ca664-1645734726 C:\WINDOWS\Tasks\GreatDealzUpdater.job => erfolgreich verschoben "VirusTotal: C:\ProgramData\greatdealzupdater\tUpdater.exe" => nicht gefunden VirusTotal: C:\Windows\System32\Tasks\GreatDealzUpdater => https://www.virustotal.com/gui/file/2aff3417ab7637b391e37c390c25c662872634bfbecf47a29ba576affdfaf199/detection/f-2aff3417ab7637b391e37c390c25c662872634bfbecf47a29ba576affdfaf199-1645734727 "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F177B8C-949B-48E5-953A-5A527A0DC4A1}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F177B8C-949B-48E5-953A-5A527A0DC4A1}" => erfolgreich entfernt C:\WINDOWS\System32\Tasks\GreatDealzUpdater => erfolgreich verschoben "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GreatDealzUpdater" => erfolgreich entfernt "C:\ProgramData\greatdealzupdater" => nicht gefunden "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => erfolgreich entfernt HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG => erfolgreich wiederhergestellt =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25187203 B Java, Flash, Steam htmlcache => 714 B Windows/system/drivers => 23292094 B Edge => 14285988 B Chrome => 859642228 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 432 B LocalService => 590392 B NetworkService => 610414 B defaultuser0 => 610414 B Caro => 5621008437 B RecycleBin => 220346356 B EmptyTemp: => 6.3 GB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 21:59:30 ==== Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-02-2022 durchgeführt von Caro (24-02-2022 22:05:34) Run:2 Gestartet von C:\Users\Caro\Desktop Geladene Profile: defaultuser0 & Caro Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG Task: {11C26323-FE36-4B6A-A118-91147930FA0B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software) Task: {6F177B8C-949B-48E5-953A-5A527A0DC4A1} - System32\Tasks\GreatDealzUpdater => C:\ProgramData\greatdealzupdater\tUpdater.exe (Keine Datei) Task: C:\WINDOWS\Tasks\GreatDealzUpdater.job => C:\ProgramData\greatdealzupdater\tUpdater.exe Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki C:\ProgramData\greatdealzupdater C:\Program Files\Common Files\Avast Software C:\Users\Caro\AppData\Roaming\OpenOffice emptytemp: ***************** Prozesse erfolgreich geschlossen. "AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}" => erfolgreich entfernt "AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}" => erfolgreich entfernt HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG => erfolgreich wiederhergestellt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{11C26323-FE36-4B6A-A118-91147930FA0B}" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11C26323-FE36-4B6A-A118-91147930FA0B}" => erfolgreich entfernt C:\WINDOWS\System32\Tasks\Avast Software\Overseer => erfolgreich verschoben "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => erfolgreich entfernt "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F177B8C-949B-48E5-953A-5A527A0DC4A1}" => nicht gefunden "C:\WINDOWS\System32\Tasks\GreatDealzUpdater" => nicht gefunden "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GreatDealzUpdater" => nicht gefunden "C:\WINDOWS\Tasks\GreatDealzUpdater.job" => nicht gefunden HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => erfolgreich entfernt HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => erfolgreich entfernt HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => erfolgreich entfernt HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => erfolgreich entfernt C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => erfolgreich verschoben "C:\ProgramData\greatdealzupdater" => nicht gefunden C:\Program Files\Common Files\Avast Software => erfolgreich verschoben C:\Users\Caro\AppData\Roaming\OpenOffice => erfolgreich verschoben =========== EmptyTemp: ========== BITS transfer queue => 786432 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7410596 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 22669 B Edge => 0 B Chrome => 8978025 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 13940 B NetworkService => 13940 B defaultuser0 => 13940 B Caro => 5013979 B RecycleBin => 0 B EmptyTemp: => 21.2 MB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 22:05:40 ==== |
24.02.2022, 22:11 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | OpenOffice Dilemma Da hat MKDB schon vor mir dazwischengehauen.
__________________ Logfiles bitte immer in CODE-Tags posten |
24.02.2022, 22:22 | #14 |
| OpenOffice Dilemma Hab ich jetzt was kaputt gemacht? 😳 |
24.02.2022, 22:31 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | OpenOffice Dilemma Nein, MKDB und ich hätten uns nur besser abstimmen müssen vorher. Deswegen hast du jetzt zwei Fixes von uns bekommen. Da aber grundsätzlich nur unnötige und schädliche Einträge gefixt werden, kann da so nichts kaputtgehen.
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu OpenOffice Dilemma |
appdata, code, dateien, detected, dll, fehler, files, firefox, folge, gelöscht, google, hallo zusammen, kaspersky, maalware, malwarebytes, office, openoffice, quarantäne, registry, roaming, rollback, services, software, start, suche, trojaner, windows, wmi |