Plagegeister aller Art und deren Bekämpfung: Windows 11: suspicious/unknown file in user folder |
30.05.2024, 12:07 | #1 |
| Windows 11: suspicious/unknown file in user folder

Hello everyone,

I found the following file in my user folder under Windows 11: MJKJRegInfo_I4HXU4CXO7RTUXPVB34C3QXNE63PV2RP --> Does this file mean anything to you? The file type is just called "Datei" ("File") and it is greyed out, as is the NTUSER.DAT file. I have not tried to open the file because I was too worried. In general the file seemed strange/suspicious to me because it has a size of 0 bytes and I could not place it at all.

So I have already done the following:
- I had the entire laptop, and separately the C drive on its own, scanned several times with Malwarebytes and Kaspersky (also for rootkits), but no threat or the like was found.
- Also, if you google the file name, ONLY 4 entries from IT forums show up. These posts talk about trojans.

Note:
- So far I have not noticed anything during normal use of the laptop as far as performance, changes to settings or anything else is concerned.
- I use the laptop entirely on my own.

The following was unusual, though:
- I only downloaded MalwareBytes for this problem. At first, however, I could not install it when I downloaded it from the official site. Windows always showed the message "Diese App kann auf dem PC nicht ausgeführt werden" ("This app can't run on your PC"). Renaming the file or explicitly running it as administrator did not help either. With the download from ComputerBase I was then able to install it (for whatever reason) --> Suspicion of a virus/trojan here?
- In addition, in all 4 Google hits I found the file "Sidify" in the submitted log files. Now I wonder whether there is a connection? The file "MJKJRegInfo_I4HXU4CXO7RTUXPVB34C3QXNE63PV2RP" on my machine dates from 12.05.24, and on 12.05.24 I had also installed Sidify, but uninstalled it again the same day.

I hope someone can help me. Thanks for your time. Have a nice day. |
30.05.2024, 15:21 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 11: suspicious/unknown file in user folder

We can only help further if you follow the notes for people seeking help: create log files and post them in CODE tags. Then an infection still cannot be detected or ruled out with 100% certainty, but in any case more can be said than with just the information of an almost meaningless file name.
30.05.2024, 15:41 | #3 |
| Log files

Here are the log files.

FRST.txt
FRST logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.05.2024 01 Ran by edwin (administrator) on EDWIN-LAPTOP (LENOVO 82Y3) (30-05-2024 12:02:39) Running from C:\Users\edwin\Desktop\EnglishFRST64.exe Loaded Profiles: edwin Platform: Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) Language: Deutsch (Deutschland) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (A-Volute SAS -> A-Volute) C:\Users\edwin\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe (C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(DeviceSettingsSystemAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoGamingSystemAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoServiceBridgeAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files 
(x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoSystemUpdateAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe (C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe ->) (Native Instruments GmbH -> ) C:\Program Files\Common Files\Native Instruments\NTK\crashpad_handler.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_helper.exe (DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\FnHotkeyCapsLKNumLK.exe (DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\FnHotkeyUtility.exe (explorer.exe ->) (Solid State Logic UK Ltd -> ) C:\Program Files\Solid State Logic\SSLUSBAudioDriver\x64\SSLUsbAudioCpl.exe (FMService64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMAudioMonitor.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe (services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) 
C:\Windows\System32\ELANFPService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_4a0efaf978352e5b\ipfsvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a687edda40db3316\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dff0a14340935a1d\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_9d96bfc242ae9e60\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_be2da68c4ea5a937\AS\IAS\IntelAudioService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\lenovo\UDC\Service\UDClientService.exe (services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe (services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) 
C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Guillemot Corporation ®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE (services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_3cf5f53c459bdb0f\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_8b8f1bcdf16553b6\RtkAudUService64.exe <2> (services.exe ->) (Tobii AB -> ) C:\Windows\System32\DriverStore\FileRepository\lenovoyxx0.inf_amd64_295e04613a160957\platform_runtime_RGB_service.exe (services.exe ->) (Universal Audio, Inc. 
-> Universal Audio) C:\Program Files\UA Connect\resources\native\windows\x64\uahelperservice.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_8b8f1bcdf16553b6\RtkAudUService64.exe [1643360 2023-02-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [4059336 2023-05-24] (Guillemot Recherche et Développement, Inc -> DJHERCULESMIX®) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => E:\Serato\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) 
[File not signed] HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File) HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [File not signed] HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\Run: [MicrosoftEdgeAutoLaunch_F0FC7AB6BAD7053DFDF75947A8B23F71] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136912 2024-05-24] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\AddinData\LenovoBatteryGaugeAddin\x64\QSHelper.exe [85416 2024-02-18] (Lenovo -> Lenovo) HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\Run: [Spotify] => C:\Users\edwin\AppData\Roaming\Spotify\Spotify.exe [34615112 2024-05-25] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3851296 2024-05-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\Run: [electron.app.Notion] => C:\Users\edwin\AppData\Local\Programs\Notion\Notion.exe --open-at-login (No 
File) HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\Run: [electron.app.UA Connect] => C:\Program Files\UA Connect\UA Connect.exe [163592464 2024-05-20] (Universal Audio, Inc. -> Universal Audio, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.113\Installer\chrmstp.exe [2024-05-30] (Google LLC -> Google LLC) Startup: C:\Users\edwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2024-05-27] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2023-10-28] ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ableton Push Control Panel Autostart.lnk [2023-11-10] ShortcutTarget: Ableton Push Control Panel Autostart.lnk -> C:\Program Files\Ableton\Push Driver\x64\AbletonPushCpl.exe (Thesycon Software Solutions GmbH & Co. KG -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SSL USB Control Panel Autostart.lnk [2024-05-11] ShortcutTarget: SSL USB Control Panel Autostart.lnk -> C:\Program Files\Solid State Logic\SSLUSBAudioDriver\x64\SSLUsbAudioCpl.exe (Solid State Logic UK Ltd -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WavesLocalServer.lnk [2023-12-03] ShortcutTarget: WavesLocalServer.lnk -> C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\WavesLocalServer.exe (Waves Inc -> Waves Audio Ltd.) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.) Task: {08D21D45-64F7-41DB-B396-44BA33C16F23} - \Lenovo\ImController\TimeBasedEvents\6cc2b8f6-4aac-4a09-859f-5e5b20dea9a2 -> No File <==== ATTENTION Task: {51149EC4-0BE7-4330-92BB-C59422610E0B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION Task: {7E259673-3781-49BA-BC2E-4FA624AAB55C} - \Lenovo\ImController\TimeBasedEvents\0afe917d-0f66-4b44-8af1-b521d0314ac9 -> No File <==== ATTENTION Task: {885F9875-5DE2-4163-B46D-AE3B62202AD8} - \Lenovo\ImController\TimeBasedEvents\623d03c1-3320-46f5-b228-a80174e84377 -> No File <==== ATTENTION Task: {FE4CC90A-C47A-4520-96A2-7136D24093FA} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION Task: {28C57D28-B00A-4608-BE0F-B27E09727C80} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.) Task: {FECAB596-5C62-41E0-BE2A-C5ED9FEA6825} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{5F3EDEC2-8281-478F-B066-01EC61A548E8} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) Task: {DE4047ED-9FF1-45EA-A371-31F5D0B3BA36} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210 Task: {3160C638-3639-4321-8816-18CD783A72FC} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\Windows\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [185312 2023-11-02] (Lenovo -> Lenovo Group Ltd.) 
Task: {7A43C26A-9B6E-4BC4-81B7-7182AF955C45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService Task: {9A98367D-E12B-455A-83A2-49662BADEA25} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {92677F49-1C46-4DEC-A455-AA707F523E22} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {1E326751-8F3E-41AE-9DFA-1644B9EAE603} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {82117E9C-9699-43A8-AB1F-B2E9270173DF} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {DE637E57-2E0A-4B2E-A8F0-DB953B8C07B4} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {A0DAF4C6-942B-4F0E-A3BD-41998D0EF96E} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {250FAC0A-FD79-436E-BB93-629EE1FECC5C} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {4CDFF642-1B80-4269-80E5-AE6A0C87CD6C} - 
System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {5F732D9A-042E-4A68-854A-BB3B1E50CB50} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {696C66A2-F4A8-4A73-BD9D-8F9A7F30ADC3} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File) Task: {414AED71-E1AA-4570-9BF1-2E3939CBA075} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {4689C712-480A-4DF9-AE48-0229D4D9EE47} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {DF6D9A4F-69A8-4015-A9F8-DF6890F65C96} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo) Task: {7038B75E-EC93-4D19-BE2D-20A0E355871E} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\uninstall.exe [365024 2024-03-03] (Lenovo -> Lenovo) Task: {607DBCF3-B5C3-4CBB-89C6-7A426D75E176} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Task: {AC02D88E-033F-4C87-B541-42AB0D077A8F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft 
Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Task: {BAA23280-424D-4453-B85E-358812E20A97} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-21] (Microsoft Corporation -> Microsoft Corporation) Task: {6E109525-5878-4D77-9893-278C6E0FA92A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-21] (Microsoft Corporation -> Microsoft Corporation) Task: {6E550043-8B58-43ED-A107-FCB21CAEF3A3} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168928 2024-05-11] (Microsoft Corporation -> Microsoft Corporation) Task: {7D3328F2-6A58-4F34-91AF-7A160400FE39} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4448176 2024-05-09] (Microsoft Corporation -> Microsoft Corporation) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {0B946F10-4B53-4F8D-BC83-4F240918C9B2} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-05-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). 
Task: {9973E468-BC12-4507-AFA3-F1B04DD1974A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3232964867-2300333657-1746155326-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-05-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). Task: {7F32C787-3602-4336-AB49-28EAB846539E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-05-29] (Mozilla Corporation -> Mozilla Foundation) Task: {1ED5FD77-F96C-4778-BFBE-F01BB8322ED7} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [11015736 2023-01-15] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\-minimized Task: {4FC9C5BF-1817-442C-8E0A-C62214E81A75} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {71C2EFA9-29EC-4567-865C-2D37FE0AFDCA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-02-28] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9BA7921F-89C3-4E0C-B480-C97E35E603D2} - 
System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {7F7FFDA4-8570-4F49-8297-81368298F589} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3F4ED9F4-CC14-4131-B22F-CBAEDC2E92BD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AEEBB76F-C5F1-454F-BFB3-CDD2FEAD40A1} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F24A03B4-70FC-48E1-A485-988C31D18406} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-02-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5B2A4BEC-7313-4C6D-A4F4-6972DBC6475C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-05-25] (Microsoft Corporation -> Microsoft Corporation) Task: {1DC82431-377E-413E-83CE-1FD671F0C57B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3232964867-2300333657-1746155326-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-05-25] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{592d162a-aa83-45ba-b0bb-124f615e589b}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{592d162a-aa83-45ba-b0bb-124f615e589b}: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{592d162a-aa83-45ba-b0bb-124f615e589b}\64259445A51224F687027353630302A4A4: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{592d162a-aa83-45ba-b0bb-124f615e589b}\64259445A51224F687027353630302A4A4: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{592d162a-aa83-45ba-b0bb-124f615e589b}\7574D2645657562726163686: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{5c850600-be65-4445-aaee-72c2466b639b}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5c850600-be65-4445-aaee-72c2466b639b}: [DhcpDomain] fritz.box Edge: ======= Edge Profile: C:\Users\edwin\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-29] Edge Extension: (Google Docs Offline) - C:\Users\edwin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-02] Edge Extension: (Edge relevant text changes) - C:\Users\edwin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-20] Edge HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg] FireFox: ======== FF DefaultProfile: dmpxpcll.default FF DefaultProfile: 4taao13x.default FF ProfilePath: 
C:\Users\edwin\AppData\Roaming\Zotero\Zotero\Profiles\dmpxpcll.default [2024-05-09] FF ProfilePath: C:\Users\edwin\AppData\Roaming\Mozilla\Firefox\Profiles\4taao13x.default [2023-10-31] FF ProfilePath: C:\Users\edwin\AppData\Roaming\Mozilla\Firefox\Profiles\htd5bdbc.default-release [2024-05-30] FF DownloadDir: E: FF Extension: (AdBlocker Ultimate) - C:\Users\edwin\AppData\Roaming\Mozilla\Firefox\Profiles\htd5bdbc.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2024-05-16] FF Extension: (Grammatik- und Rechtschreibprüfung - LanguageTool) - C:\Users\edwin\AppData\Roaming\Mozilla\Firefox\Profiles\htd5bdbc.default-release\Extensions\languagetool-webextension@languagetool.org.xpi [2024-03-19] FF Extension: (Zotero Connector) - C:\Users\edwin\AppData\Roaming\Mozilla\Firefox\Profiles\htd5bdbc.default-release\Extensions\zotero@chnm.gmu.edu.xpi [2024-05-24] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json] FF Extension: (Black) - C:\Users\edwin\AppData\Roaming\Mozilla\Firefox\Profiles\htd5bdbc.default-release\Extensions\{9b84b6b4-07c4-4b4b-ba21-394d86f6e9ee}.xpi [2023-10-31] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: 
@microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2024-05-29] <==== ATTENTION (Points to *.cfg file) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2024-05-29] <==== ATTENTION Chrome: ======= CHR Profile: C:\Users\edwin\AppData\Local\Google\Chrome\User Data\Default [2024-05-03] CHR DownloadDir: E:\Browser Downloads CHR Notifications: Default -> hxxps://luna.amazon.de CHR Extension: (Kaspersky Protection) - C:\Users\edwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-04-25] CHR Extension: (Google Docs Offline) - C:\Users\edwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-25] CHR Extension: (Microsoft Power Automate (veraltet)) - C:\Users\edwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgfobnenmnljakmhboildkafdkicala [2024-04-25] CHR Extension: (All Black - Full Dark Theme/Black Theme) - C:\Users\edwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkplpffahhkjfocfbfapcemhhkgmljpn [2024-04-25] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\edwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-25] CHR Extension: (AdBlocker Ultimate) - C:\Users\edwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2024-04-25] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala] CHR 
HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2022-08-02] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14248016 2024-05-09] (Microsoft Corporation -> Microsoft Corporation) R2 dptftcs; C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_4a0efaf978352e5b\ipfsvc.exe [545432 2022-10-27] (Intel Corporation -> Intel Corporation) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncHelper.exe [3508240 2024-05-25] (Microsoft Corporation -> Microsoft Corporation) R2 FMAPOService; C:\Windows\System32\FMService64.exe [990136 2023-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) R2 HerculesDJControlMP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [187920 2022-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Guillemot Corporation ®) R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.) 
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_be2da68c4ea5a937\AS\IAS\IntelAudioService.exe [530568 2022-12-21] (Intel Corporation -> Intel) R2 ipfsvc; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_uf.exe [2778760 2022-10-28] (Intel Corporation -> Intel Corporation) S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2022-08-02] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe [171232 2024-04-08] (Lenovo -> Lenovo) R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo) R2 logi_lamparray_service; C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe [9903656 2024-04-18] (Logitech Inc -> Logitech, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887344 2024-05-29] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-29] (Malwarebytes Inc. 
-> Malwarebytes) R2 NahimicService; C:\Windows\system32\NahimicService.exe [1905304 2023-03-29] (A-Volute SAS -> Nahimic) R2 NTKDaemonService; C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe [16956128 2024-05-16] (Native Instruments GmbH -> Native Instruments GmbH) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_3cf5f53c459bdb0f\Display.NvContainer\NVDisplay.Container.exe [1275544 2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.091.0505.0003\OneDriveUpdaterService.exe [3847600 2024-05-25] (Microsoft Corporation -> Microsoft Corporation) R2 TobiiRGB; C:\Windows\System32\DriverStore\FileRepository\lenovoyxx0.inf_amd64_295e04613a160957\platform_runtime_RGB_service.exe [79259128 2023-10-15] (Tobii AB -> ) R2 UAHelperService; C:\Program Files\UA Connect\resources\native\windows\x64\uahelperservice.exe [6665488 2024-05-20] (Universal Audio, Inc. -> Universal Audio) R2 UDCService; C:\Windows\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72160 2023-11-02] (Lenovo -> Lenovo Group Ltd.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R3 AcxHdAudio; C:\Windows\System32\drivers\AcxHdAudio.sys [561152 2023-10-28] (Microsoft Windows -> Microsoft Corporation) S3 AX88179; C:\Windows\System32\DriverStore\FileRepository\netax88179_178a.inf_amd64_a8bb8a6e92764769\ax88179_178a.sys [79872 2022-05-07] (Microsoft Windows -> ASIX Electronics Corp.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [237288 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 csaudio; C:\Windows\System32\DriverStore\FileRepository\csaudio.inf_amd64_9e9402676b564cdc\csaudio.sys [350672 2023-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 FBNetFilter; C:\Windows\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo) S3 GuiSTDFUDev; C:\Windows\System32\Drivers\GuiSTDFUDev.sys [149064 2022-10-18] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2022. All rights reserved.) 
S3 HDJusbaudio; C:\Windows\system32\DRIVERS\HDJusbaudio_x64.sys [640080 2023-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Guillemot Corporation) S3 HDJusbaudioks; C:\Windows\System32\drivers\HDJusbaudioks_x64.sys [142880 2023-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Guillemot Corporation) R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-17] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-17] (Intel Corporation -> Intel Corporation) R3 ipf_acpi; C:\Windows\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_cf69bf74fab8a0f5\ipf_acpi.sys [87176 2022-10-28] (Intel Corporation -> Intel Corporation) R3 ipf_cpu; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_cpu.sys [80520 2022-10-28] (Intel Corporation -> Intel Corporation) R3 ipf_lf; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_lf.sys [443528 2022-10-28] (Intel Corporation -> Intel Corporation) R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [105280 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [206600 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [119568 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-Malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [533040 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse; 
C:\Windows\System32\DRIVERS\klgse.sys [841528 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [2089168 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [245144 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1051184 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [90896 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [104728 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [107328 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78088 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [384656 2023-11-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [354640 2023-11-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [183120 2023-11-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [262712 2023-11-04] (Microsoft Windows Hardware 
Compatibility Publisher -> AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [150280 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [325400 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [294680 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 logi_lamparray; C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray.sys [98864 2024-04-18] (Logitech Inc -> Logitech, Inc.) R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223184 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-05-29] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt11.sys [234856 2024-05-30] (Malwarebytes Inc. -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-05-30] (Malwarebytes Inc. 
-> Malwarebytes) S3 NahimicBTLink; C:\Windows\System32\drivers\NahimicBTLink.sys [86200 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider) S3 NahimicXVAD; C:\Windows\System32\drivers\NahimicXVAD.sys [86216 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider) S3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider) R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation) R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [239256 2023-10-27] (NVIDIA Corporation -> NVIDIA Corporation) S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.) R3 rtucx22x64; C:\Windows\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a6eb3abe5befec7d\rtucx22x64.sys [1876424 2024-04-24] (Realtek Semiconductor Corp. 
-> Realtek Corporation) S3 rtux64w10; C:\Windows\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation) S3 SSLUSBDriver; C:\Windows\System32\drivers\SSLUSBDriver.sys [428176 2023-08-24] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 SSLUSBDriverks; C:\Windows\System32\drivers\SSLUSBDriverks.sys [55440 2023-08-24] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation) S3 ysusb_w10_64; C:\Windows\system32\drivers\ysusb_w10_64.sys [172544 2020-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Yamaha Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 
2024-05-30 12:03 - 2024-05-30 12:03 - 000723674 _____ C:\Windows\system32\perfh007.dat 2024-05-30 12:03 - 2024-05-30 12:03 - 000149714 _____ C:\Windows\system32\perfc007.dat 2024-05-30 12:02 - 2024-05-30 12:03 - 000045114 _____ C:\Users\edwin\Desktop\FRST.txt 2024-05-30 11:55 - 2024-05-30 11:55 - 000234856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys 2024-05-30 11:55 - 2024-05-30 11:55 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2024-05-30 11:53 - 2024-05-30 11:53 - 001798489 _____ C:\Users\edwin\Desktop\bookmarks.html 2024-05-30 11:53 - 2024-05-30 11:53 - 000158963 _____ C:\Users\edwin\Desktop\bookmarks-2024-05-30.json 2024-05-30 01:26 - 2024-05-30 12:03 - 000000000 ____D C:\FRST 2024-05-30 01:23 - 2024-05-30 01:24 - 002395136 _____ (Farbar) C:\Users\edwin\Desktop\EnglishFRST64.exe 2024-05-30 00:52 - 2024-05-30 00:55 - 000000000 ____D C:\AdwCleaner 2024-05-30 00:52 - 2024-05-30 00:52 - 008790880 _____ (Malwarebytes) C:\Users\edwin\Desktop\adwcleaner.exe 2024-05-30 00:51 - 2024-05-30 00:51 - 000000000 ____D C:\Users\edwin\.tobii 2024-05-29 23:20 - 2024-05-30 11:55 - 000000000 ____D C:\Users\edwin\AppData\LocalLow\IGDump 2024-05-29 22:50 - 2024-05-30 11:46 - 000000000 ____D C:\Users\edwin\AppData\Local\Malwarebytes 2024-05-29 22:50 - 2024-05-29 22:50 - 000002104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-05-29 22:50 - 2024-05-29 22:50 - 000002092 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-05-29 22:50 - 2024-05-29 22:50 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-05-29 22:50 - 2024-05-29 22:50 - 000000000 ____D C:\Program Files\Malwarebytes 2024-05-29 22:37 - 2024-05-29 22:37 - 000001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk 2024-05-29 22:37 - 2024-05-29 22:37 - 000001174 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk 2024-05-29 22:36 - 2024-05-29 22:36 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky 
Total Security.lnk 2024-05-29 22:36 - 2024-05-29 22:36 - 000002189 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk 2024-05-29 22:36 - 2024-05-29 22:36 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2024-05-29 22:36 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2024-05-29 20:22 - 2024-05-29 20:22 - 000000000 __HDC C:\ProgramData\{7EBFED74-8F5C-4414-8682-AF7609E12521} 2024-05-29 19:56 - 2024-05-29 20:05 - 000000000 __HDC C:\ProgramData\~0 2024-05-29 19:33 - 2024-05-29 19:33 - 000000000 __HDC C:\ProgramData\{3A61A8E1-0191-401D-9C2B-5111A20CCC6F} 2024-05-29 19:32 - 2024-05-29 19:32 - 000002390 _____ C:\Users\edwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Access.lnk 2024-05-29 19:32 - 2024-05-29 19:32 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Native Instruments 2024-05-29 19:32 - 2024-05-29 19:32 - 000000000 ____D C:\Users\edwin\AppData\Local\nativeaccess2-updater 2024-05-29 18:22 - 2024-05-29 18:22 - 000000000 ____D C:\Users\edwin\AppData\Roaming\LiquidSonics 2024-05-29 18:16 - 2024-05-29 18:16 - 000000000 ____D C:\ProgramData\LiquidSonics 2024-05-29 18:16 - 2024-05-29 18:16 - 000000000 ____D C:\Program Files\LiquidSonics 2024-05-29 17:03 - 2024-05-29 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avalon VT-747SP 2024-05-29 16:56 - 2024-05-29 16:56 - 000000000 ____D C:\Users\edwin\AppData\Local\Pulsar 2024-05-29 16:56 - 2024-05-29 16:56 - 000000000 ____D C:\ProgramData\Pulsar 2024-05-29 16:56 - 2024-05-29 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulsar Audio 2024-05-29 16:45 - 2024-05-29 16:45 - 000000000 ____D C:\Program Files\Common Files\Avid 2024-05-29 16:38 - 2024-05-29 22:40 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-05-27 21:40 - 2024-05-27 21:40 - 008837503 _____ C:\Users\edwin\Downloads\978-3-662-63495-0.pdf 2024-05-27 19:32 - 2024-05-29 22:13 - 000000000 ____D C:\Users\edwin\Downloads\Arturia 
2024-05-27 17:07 - 2024-05-27 17:07 - 000914123 _____ C:\Users\edwin\Downloads\FAIA-325-FAIA200373.pdf 2024-05-27 16:13 - 2024-05-27 16:13 - 003675291 _____ C:\Users\edwin\Downloads\978-3-8349-9909-2.pdf 2024-05-27 15:55 - 2024-05-27 15:55 - 001799004 _____ C:\Users\edwin\Downloads\s40534-016-0117-3.pdf 2024-05-27 15:46 - 2024-05-27 15:46 - 002800765 _____ C:\Users\edwin\Downloads\Schaefer_Keppler_2013.pdf 2024-05-27 14:10 - 2024-05-27 14:10 - 000678625 _____ C:\Users\edwin\Downloads\s00287-017-1049-y.pdf 2024-05-27 14:09 - 2024-05-27 14:09 - 000103259 _____ C:\Users\edwin\Downloads\s35148-017-0182-x.pdf 2024-05-26 20:33 - 2024-05-26 20:33 - 002365722 _____ C:\Users\edwin\Downloads\WP-Konsumbezogenes-Ordnungsrecht.pdf 2024-05-26 19:36 - 2024-05-26 19:36 - 006158082 _____ C:\Users\edwin\Downloads\978-3-662-66998-3.pdf 2024-05-26 19:34 - 2024-05-26 19:34 - 000881708 _____ C:\Users\edwin\Downloads\VDA_04474_Normungsroadmap_A4_Web02-1.pdf 2024-05-26 19:33 - 2024-05-26 19:33 - 003623256 _____ C:\Users\edwin\Downloads\20210707-lbbw-corporate-research-mobilitaet-der-zukunft-autonomes-fahren_adck89tfc3_m-1.pdf 2024-05-26 16:43 - 2024-05-26 16:43 - 000388905 _____ C:\Users\edwin\Downloads\20200228_Tellerrand-autonomes-fahren_dickmanns.pdf 2024-05-26 13:32 - 2024-05-26 13:32 - 003623256 _____ C:\Users\edwin\Downloads\20210707-lbbw-corporate-research-mobilitaet-der-zukunft-autonomes-fahren_adck89tfc3_m.pdf 2024-05-25 21:48 - 2024-05-25 21:48 - 002122281 _____ C:\Users\edwin\Downloads\Motivation und Handlungsbedarf für Automatisiertes Fahren-1.pdf 2024-05-25 20:13 - 2024-05-25 20:13 - 016857844 _____ C:\Users\edwin\Downloads\FAT-Schriftenreihe_312.pdf 2024-05-25 19:20 - 2024-05-25 19:20 - 001548393 _____ C:\Users\edwin\Downloads\fat-schriftenreihe-276.pdf 2024-05-25 19:16 - 2024-05-25 19:16 - 003724341 _____ C:\Users\edwin\Downloads\FAT-Schriftenreihe_350.pdf 2024-05-25 19:15 - 2024-05-25 19:15 - 000881708 _____ C:\Users\edwin\Downloads\VDA_04474_Normungsroadmap_A4_Web02.pdf 
2024-05-25 19:12 - 2024-05-25 19:12 - 000970466 _____ C:\Users\edwin\Downloads\FAT-Schriftenreihe_347.pdf 2024-05-25 17:57 - 2024-05-25 17:57 - 002599055 _____ C:\Users\edwin\Downloads\17-50-PB.pdf 2024-05-25 16:29 - 2024-05-25 16:29 - 000691960 _____ C:\Users\edwin\Downloads\roland_berger_urbane_mobilitaet_2030-2.pdf 2024-05-25 16:28 - 2024-05-25 16:28 - 000691960 _____ C:\Users\edwin\Downloads\roland_berger_urbane_mobilitaet_2030-1.pdf 2024-05-25 16:28 - 2024-05-25 16:28 - 000691960 _____ C:\Users\edwin\Downloads\roland_berger_urbane_mobilitaet_2030.pdf 2024-05-21 17:51 - 2024-05-21 17:51 - 000666487 _____ C:\Users\edwin\Downloads\(Philosophische Bibliothek_ 519) Kant, Immanuel - Grundlegung zur Metaphysik der Sitten-Meiner (2016).pdf 2024-05-21 17:34 - 2024-05-21 17:36 - 006204772 _____ C:\Users\edwin\Downloads\(Volume 39) Ernst Feil - Antithetik neuzeitlicher Vernunft_ »Autonomie - Heteronomie« und »rational - irrational«-Vandenhoeck & Ruprecht (1987).pdf 2024-05-21 10:38 - 2024-05-21 10:38 - 009243600 _____ C:\Users\edwin\Downloads\978-3-662-45854-9-3.pdf 2024-05-20 20:10 - 2024-05-20 20:10 - 001356616 _____ C:\Users\edwin\Downloads\FinalDigital_BAThesis_Bellino_BMwA3-B_48199.pdf 2024-05-20 20:05 - 2024-05-27 15:52 - 000000490 _____ C:\Users\edwin\Desktop\To-Do Bachelorarbeit.txt 2024-05-20 16:27 - 2024-05-20 16:27 - 009243600 _____ C:\Users\edwin\Downloads\978-3-662-45854-9-2.pdf 2024-05-20 12:23 - 2024-05-20 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon 2024-05-20 12:23 - 2021-03-09 15:07 - 000027744 _____ (Resplendence Software Projects Sp.) 
C:\Windows\system32\Drivers\rspLLL64.sys 2024-05-16 22:19 - 2024-05-29 22:30 - 000000000 ____D C:\Users\.tobii 2024-05-16 22:19 - 2024-05-16 22:19 - 000000036 _____ C:\Users\.tobii\tobii.tsc.id 2024-05-13 15:16 - 2024-05-13 15:16 - 000136884 _____ C:\Users\edwin\Downloads\Steuerreport 2023.pdf 2024-05-13 14:07 - 2024-05-13 14:07 - 000000000 ____D C:\ProgramData\Overloud 2024-05-12 15:51 - 2024-05-12 15:51 - 000000000 ____H C:\Users\edwin\MJKJRegInfo_I4HXU4CXO7RTUXPVB34C3QXNE63PV2RP 2024-05-12 15:51 - 2024-05-12 15:51 - 000000000 ____D C:\Users\edwin\Documents\Sidify Music Converter 2024-05-12 15:47 - 2024-05-12 15:56 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidify 2024-05-11 20:55 - 2024-05-13 14:17 - 000000000 ____D C:\Users\edwin\Desktop\Wichtiges 2024-05-11 14:37 - 2024-05-11 14:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Solid State Logic 2024-05-11 14:37 - 2024-05-11 14:37 - 000000000 ____D C:\Program Files\Solid State Logic 2024-05-09 13:17 - 2024-05-09 13:17 - 009243600 _____ C:\Users\edwin\Downloads\978-3-662-45854-9-1.pdf 2024-05-06 15:11 - 2024-05-06 15:11 - 009243600 _____ C:\Users\edwin\Downloads\978-3-662-45854-9.pdf 2024-05-06 14:44 - 2024-05-06 14:44 - 001641654 _____ C:\Users\edwin\Downloads\bonnefon.sm.pdf 2024-05-06 13:53 - 2024-05-06 13:53 - 007128008 _____ C:\Users\edwin\Downloads\978-3-658-27941-7.pdf 2024-05-03 15:03 - 2024-05-03 15:03 - 000000000 ____D C:\Users\edwin\AppData\Local\GOG.com 2024-05-03 10:50 - 2024-05-12 01:44 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Modartt 2024-05-03 10:50 - 2024-05-03 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modartt 2024-05-03 10:34 - 2024-05-03 10:34 - 975209152 _____ (Image-Line) C:\Users\edwin\Downloads\flstudio_win64_21.2.3.4004.exe 2024-05-02 20:57 - 2024-05-02 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D16 Group 2024-05-02 20:56 - 2024-05-03 11:18 - 000000000 
____D C:\ProgramData\D16 Group 2024-05-02 20:56 - 2024-05-03 11:18 - 000000000 ____D C:\Program Files\D16 Group 2024-05-02 14:50 - 2024-05-03 11:19 - 000000000 ____D C:\Users\edwin\AppData\Roaming\D16 Group 2024-05-01 15:40 - 2024-05-01 15:40 - 000173213 _____ C:\Users\edwin\Downloads\dlr-magazin-160-automatisiertes-fahren.pdf 2024-05-01 09:21 - 2024-05-01 09:21 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem 2024-04-30 20:20 - 2024-04-30 20:20 - 000273082 _____ C:\Users\edwin\Downloads\9783181023600-I.pdf 2024-04-30 20:14 - 2024-04-30 20:14 - 002375447 _____ C:\Users\edwin\Downloads\978-3-658-20953-7.pdf 2024-04-30 20:12 - 2024-04-30 20:12 - 002122281 _____ C:\Users\edwin\Downloads\Motivation und Handlungsbedarf für Automatisiertes Fahren.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-05-30 12:03 - 2023-09-03 16:48 - 001662900 _____ C:\Windows\system32\PerfStringBackup.INI 2024-05-30 12:03 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF 2024-05-30 11:58 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2024-05-30 11:57 - 2023-11-19 22:48 - 000000000 ____D C:\ProgramData\boost_interprocess 2024-05-30 11:57 - 2023-10-31 13:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-05-30 11:57 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp 2024-05-30 11:56 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-05-30 11:55 - 2023-09-03 16:51 - 000000000 ____D C:\ProgramData\NVIDIA 2024-05-30 11:55 - 2022-05-25 21:05 - 000012288 ___SH C:\DumpStack.log.tmp 2024-05-30 11:55 - 2022-05-25 21:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-05-30 11:55 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState 2024-05-30 11:55 - 2022-05-07 07:17 - 000524288 _____ C:\Windows\system32\config\BBI 2024-05-30 11:32 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 
2024-05-30 11:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness 2024-05-30 00:57 - 2023-09-03 16:42 - 000000000 ____D C:\ProgramData\Lenovo 2024-05-30 00:56 - 2022-05-25 21:05 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-05-30 00:55 - 2023-09-03 16:42 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo 2024-05-30 00:53 - 2023-10-28 12:10 - 000000000 ____D C:\Users\edwin\AppData\Local\D3DSCache 2024-05-30 00:51 - 2023-10-28 11:30 - 000000000 ____D C:\Users\edwin 2024-05-30 00:51 - 2023-09-03 16:39 - 000001623 _____ C:\Windows\system32\config\VSMIDK 2024-05-30 00:43 - 2024-04-25 14:52 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-05-29 23:16 - 2024-04-23 22:22 - 000000000 ____D C:\Users\edwin\AppData\Roaming\utorrent 2024-05-29 22:50 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP 2024-05-29 22:37 - 2023-11-04 17:00 - 000000000 ____D C:\Program Files\Common Files\AV 2024-05-29 22:36 - 2023-11-04 16:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2024-05-29 22:36 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM 2024-05-29 22:34 - 2023-11-04 20:56 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2024-05-29 22:30 - 2023-10-28 14:11 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2024-05-29 22:24 - 2023-11-04 16:56 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2024-05-29 22:14 - 2023-12-03 19:14 - 000001074 _____ C:\Users\edwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waves Offload.lnk 2024-05-29 22:13 - 2023-10-28 19:14 - 000000000 ____D C:\Users\edwin\AppData\Local\CrashDumps 2024-05-29 20:22 - 2023-11-20 21:08 - 000000000 ___RD C:\Program Files\Native Instruments 2024-05-29 20:22 - 2023-11-19 22:57 - 000000000 ___RD C:\Program Files\Common Files\Native Instruments 2024-05-29 20:22 - 2023-11-19 12:19 - 000000000 ____D C:\Program Files\Common Files\VST3 2024-05-29 20:03 - 2024-02-27 10:42 - 000000000 ____D 
C:\Users\edwin\Desktop\Plugin Manager 2024-05-29 19:55 - 2023-11-04 18:00 - 000000000 ____D C:\Users\edwin\AppData\Local\Spotify 2024-05-29 19:55 - 2023-11-04 17:59 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Spotify 2024-05-29 19:34 - 2023-11-19 22:58 - 000000000 _RSHD C:\Users\Public\Documents\Native Instruments 2024-05-29 19:07 - 2024-02-23 20:05 - 000000000 ____D C:\Users\Public\Documents\Sound Radix 2024-05-29 19:07 - 2024-02-23 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sound Radix 2024-05-29 19:07 - 2024-02-23 20:05 - 000000000 ____D C:\Program Files\Sound Radix 2024-05-29 18:27 - 2023-11-26 22:08 - 000000000 ____D C:\ProgramData\ValhallaVintageVerbPreferences 2024-05-29 18:27 - 2023-11-26 22:08 - 000000000 ____D C:\ProgramData\ValhallaVintageVerb 2024-05-29 18:02 - 2023-11-08 20:11 - 000005120 _____ C:\Users\edwin\PaceKeyChain 2024-05-29 17:36 - 2023-10-31 13:36 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-05-29 17:36 - 2023-10-31 13:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-05-29 17:21 - 2023-11-19 23:17 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Kazrog 2024-05-29 17:03 - 2023-11-19 23:09 - 000000000 ____D C:\Program Files\Kazrog 2024-05-28 20:11 - 2023-11-19 22:03 - 000000000 ____D C:\Users\edwin\AppData\Roaming\vital 2024-05-28 19:55 - 2024-04-23 23:40 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Eventide 2024-05-28 19:31 - 2024-04-23 23:18 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Softube 2024-05-28 18:55 - 2023-11-09 23:32 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Xfer 2024-05-27 21:25 - 2023-10-28 12:27 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Microsoft\Word 2024-05-27 21:14 - 2023-11-11 15:44 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Microsoft\Excel 2024-05-27 12:22 - 2022-05-25 21:06 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-05-27 01:26 - 
2023-11-19 23:02 - 000000000 ____D C:\ProgramData\Kilohearts 2024-05-25 22:19 - 2023-12-03 17:23 - 000000000 ____D C:\Program Files\UA Connect 2024-05-25 19:39 - 2023-11-04 17:45 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3232964867-2300333657-1746155326-1001 2024-05-25 19:39 - 2023-11-04 17:45 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2024-05-25 19:39 - 2023-11-04 17:45 - 000002159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-05-25 11:51 - 2022-05-25 21:06 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-05-25 11:51 - 2022-05-25 21:06 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-05-21 22:12 - 2023-09-03 16:42 - 000000000 ____D C:\Program Files\Microsoft Office 2024-05-21 15:11 - 2023-10-28 12:12 - 000000000 ____D C:\Users\edwin\AppData\Local\packages 2024-05-20 21:02 - 2023-09-03 17:03 - 000000000 ____D C:\Windows\TempInst 2024-05-20 13:02 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-05-20 12:49 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp 2024-05-20 12:48 - 2022-05-25 21:06 - 000000000 ____D C:\ProgramData\Packages 2024-05-20 12:47 - 2022-05-25 21:05 - 000480576 _____ C:\Windows\system32\FNTCACHE.DAT 2024-05-20 12:45 - 2023-10-28 11:53 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\F12 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\UNP 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\F12 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\PrintDialog 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 
2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemApps 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\BrowserCore 2024-05-20 12:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr 2024-05-20 12:45 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing 2024-05-20 12:40 - 2023-10-28 18:53 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-05-20 12:40 - 2023-10-28 18:53 - 000000000 ____D 
C:\Windows\system32\MRT 2024-05-20 12:31 - 2022-05-25 21:08 - 003214336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-05-16 22:19 - 2024-01-04 19:23 - 000000000 ____D C:\Program Files (x86)\Zotero 2024-05-09 15:28 - 2024-01-04 19:24 - 000000000 ____D C:\Users\edwin\Zotero 2024-05-08 18:21 - 2023-10-28 12:27 - 000000000 ____D C:\Users\edwin\AppData\Roaming\Microsoft\Office 2024-05-08 17:36 - 2023-11-09 23:19 - 000000000 ____D C:\Users\edwin\AppData\Roaming\stemroller 2024-05-03 10:31 - 2023-11-19 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softube 2024-05-03 10:31 - 2023-11-19 22:36 - 000000000 ____D C:\Program Files\Softube 2024-05-02 22:30 - 2024-04-23 22:23 - 000000000 ____D C:\Users\edwin\AppData\Local\BitTorrentHelper 2024-05-01 22:14 - 2023-12-03 17:23 - 000000000 ____D C:\Users\edwin\AppData\Local\Universal Audio 2024-05-01 21:58 - 2023-10-28 12:44 - 000000000 ____D C:\Users\edwin\AppData\Local\NVIDIA 2024-05-01 09:26 - 2024-04-25 14:51 - 000000000 ____D C:\Program Files (x86)\Google ==================== Files in the root of some directories ======== 2023-11-25 20:58 - 2023-11-25 20:58 - 000000008 _____ () C:\Users\edwin\AppData\Roaming\20F37DDC5B8561C0437D548C8B8A734B 2023-11-25 20:58 - 2023-11-25 20:59 - 000000036 _____ () C:\Users\edwin\AppData\Roaming\79E3A062E3A53E9D580D702615732A77 2023-11-19 15:00 - 2023-11-19 15:00 - 000000498 _____ () C:\Users\edwin\AppData\Roaming\com.sonible.sipc.plist 2023-11-25 21:37 - 2024-05-29 22:20 - 000578356 _____ () C:\Users\edwin\AppData\Local\wle.log ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== Addition.txt [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version: 22.05.2024 01 Ran by edwin (30-05-2024 12:04:17) Running from C:\Users\edwin\Desktop Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) (2023-10-28 15:22:10) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-3232964867-2300333657-1746155326-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3232964867-2300333657-1746155326-503 - Limited - Disabled) edwin (S-1-5-21-3232964867-2300333657-1746155326-1001 - Administrator - Enabled) => C:\Users\edwin Gast (S-1-5-21-3232964867-2300333657-1746155326-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3232964867-2300333657-1746155326-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
[BEN/SCHULZ] bundle (HKLM\...\[BEN/SCHULZ] bundle 2020.6_is1) (Version: 2020.6 - [BEN/SCHULZ] & Team V.R) Ableton Live 11 Suite (HKLM\...\{1A31FA12-E025-4D17-84CA-F012B56A88D0}) (Version: 11.0.0.0 - Ableton) Hidden Ableton Live 11 Suite (HKLM-x32\...\{1f0fb310-1ad9-441c-83bd-7e82c426db15}) (Version: 11.0.0.0 - Ableton) Ableton Push Driver v5.50.0 (HKLM\...\{8CE98F88-3F07-4338-A036-B66414F3FD66}) (Version: 5.50.0 - Ableton) Hidden Antares Auto-Tune bundle (HKLM\...\Antares Auto-Tune bundle_is1) (Version: 9.1.0 - Antares & Team V.R) Antares Auto-Tune Unlimited (HKLM\...\Antares Auto-Tune Unlimited_is1) (Version: 2021.12 - Antares & Team V.R) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.) Arturia Software Center 2.7.0 (HKLM-x32\...\Arturia Software Center_is1) (Version: 2.7.0 - Arturia) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering) Augmented STRINGS 1.5.1 (HKLM-x32\...\Augmented STRINGS_is1) (Version: 1.5.1 - Arturia) autochroma version 1.25 (HKLM\...\autochroma_is1) (Version: 1.25 - imagiro) Avalon VT-747SP version 1.0.1 (HKLM-x32\...\{6ED9D338-9A9D-4029-BB96-DF14696062D4}_is1) (Version: 1.0.1 - Kazrog) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.) Cableguys Kickstart 2.0.6 (HKLM\...\Kickstart 2_is1) (Version: 2.0.6 - Cableguys) Cableguys ShaperBox 3.5.2 (HKLM\...\ShaperBox 3_is1) (Version: 3.5.2 - Cableguys) Camel Audio CamelPhat64 (HKLM-x32\...\Camel Audio CamelPhat64) (Version: 3.50.0 - Camel Audio) CapCut (HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\CapCut) (Version: 3.4.0.1211 - Bytedance Pte. Ltd.) 
Cradle The God Particle version 1.0.0.0 (HKLM\...\Cradle The God Particle_is1) (Version: 1.0.0.0 - ) D16 Group Drumazon 2 (HKLM\...\D16 Group Drumazon 2_is1) (Version: 2.0.1 - D16 Group) discoDSP Discovery Pro (HKLM\...\discoDSP Discovery Pro 6.8.1_is1) (Version: 6.8.1 - ) discoDSP OB-Xd 2.14 (HKLM\...\OBXD_is1) (Version: 2.14 - discoDSP) DJHERCULESMIX Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 2.HDJS.2023 - Guillemot Corporation) Eclipse Temurin JDK mit Hotspot 21.0.1+12 (x64) (HKLM\...\{CB5F7F9C-C87C-4DA7-ADE3-71CBC7EE8E24}) (Version: 21.0.1.12 - Eclipse Adoptium) Efx FRAGMENTS 1.0.0 (HKLM-x32\...\Efx FRAGMENTS_is1) (Version: 1.0.0 - Arturia) Endless Smile 1.0.0 (HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\Endless Smile) (Version: 1.0.0 - Dada Life) Eventide Ensemble Bundle (HKLM\...\Eventide Ensemble Bundle_is1) (Version: 2.15.6 - Eventide) FabFilter Total Bundle (HKLM\...\FabFilter Total Bundle_is1) (Version: 2021.5 - FabFilter & Team V.R) FL Studio 21 (HKLM-x32\...\FL Studio 21) (Version: 21.2.0.3842 - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.113 - Google LLC) Guitar Rig 6 (HKLM\...\Guitar Rig 6 Pro_is1) (Version: 6.2.2 - Native Instruments & Team V.R) Gullfoss version 1.11.5 (HKLM\...\{D69381C3-D696-4D55-AE1C-D117FA62532C}_is1) (Version: 1.11.5 - Soundtheory) HalfTime 1.0.1 (HKLM\...\HalfTime_is1) (Version: 1.0.1 - CableGuys & Team V.R) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{9B7D5CA0-5521-458D-88D9-AF7D9A06E753}) (Version: 11.1.072 - Intel Corporation) iZotope Neutron 4 (HKLM\...\Neutron 4_is1) (Version: 4.4.0 - iZotope & Team V.R) iZotope Ozone Pro (HKLM\...\{35E4D14A-2FA0-4A48-A4F5-935BB4158E67}_is1) (Version: 9.8.0 - iZotope & Team V.R) Kaspersky Total Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky 
Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Kazrog True Iron (HKLM\...\True Iron_is1) (Version: 1.1.2 - Kazrog) KClip version 3.5.1 (HKLM-x32\...\{D9347BD8-ED00-4067-9444-4334BF809713}_is1) (Version: 3.5.1 - Kazrog) KIT BB N73 version 1.0.1 (HKLM\...\{0E65E0FE-4B91-4B3F-927B-1729C2BDE470}_is1) (Version: 1.0.1 - KIT Plugins LLC) KORG M1 (HKLM\...\M1_is1) (Version: 2.3.1 - KORG) KORG TRITON Extreme (HKLM\...\TRITON Extreme_is1) (Version: 1.0.2 - KORG) LatencyMon 7.31 (HKLM\...\LatencyMon_is1) (Version: 7.31 - Resplendence Software Projects Sp.) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.) Malwarebytes version 5.1.4.112 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.4.112 - Malwarebytes) Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.17531.20152 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.67 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.67 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.091.0505.0003 - Microsoft Corporation) Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.17531.20152 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) 
(Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft 
Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 126.0.1 (x64 de)) (Version: 126.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 119.0 - Mozilla) Native Access 3.11.1 (HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\c410b7d2-8fce-53b3-8332-e98b6e89a16a) (Version: 3.11.1 - Native Instruments) Native Instruments Creator Tools (HKLM-x32\...\Native Instruments Creator Tools) (Version: 1.4.0.0 - Native Instruments) Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.6.1.139 - Native Instruments) Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.18.0.0 - Native Instruments) Native Instruments Raum (HKLM-x32\...\Native Instruments Raum) (Version: 1.3.3.22 - Native Instruments) Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.4.0.73 - Native Instruments) NUGEN Audio Stereoizer 3 (HKLM\...\Stereoizer 3_is1) (Version: 3.4.0.1 - NUGEN Audio) NVIDIA Broadcast 1.4.0.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.4.0.29 - NVIDIA Corporation) 
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.114 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.114 - NVIDIA Corporation) NVIDIA Grafiktreiber 546.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.01 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) oeksound soothe2 (HKLM\...\soothe2_is1) (Version: 1.1.2 - oeksound) oeksound spiff (HKLM\...\spiff_is1) (Version: 1.3.0 - oeksound) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20152 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden OTT by Xfer Records (HKLM-x32\...\OTT) (Version: - ) PACE License Support Win64 (HKLM\...\{AE2ED717-4D24-4abd-8357-B7E86353113E}) (Version: 5.9.0.4455 - PACE Anti-Piracy, Inc.) Hidden PACE License Support Win64 (HKLM-x32\...\InstallShield_{AE2ED717-4D24-4abd-8357-B7E86353113E}) (Version: 5.9.0.4455 - PACE Anti-Piracy, Inc.) 
Phaser74 version 0.01 (HKLM\...\Phaser74_is1) (Version: 0.01 - ) Pianoteq Studio version 6.7.0 (HKLM\...\Pianoteq Studio_is1) (Version: 6.7.0 - Modartt) Plugin Alliance ADPTR MetricAB (HKLM\...\ADPTR MetricAB_is1) (Version: 1.4.0 - Plugin Alliance) Plugin Alliance Installation Manager 1.2.4 (HKLM-x32\...\Plugin Alliance Installation Manager_is1) (Version: - Plugin Alliance) Pulsar Audio Pulsar Massive (HKLM\...\Pulsar Massive_is1) (Version: 1.0.8 - Pulsar Audio) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Reveal Sound Spire (HKLM\...\Reveal Sound Spire_is1) (Version: 1.5.16.5294 - Reveal Sound) Roland VS SRX ELECTRIC PIANO (HKLM\...\SRX ELECTRIC PIANO_is1) (Version: 1.0.2 - Roland VS) Roland VS SRX ORCHESTRA (HKLM\...\SRX ORCHESTRA_is1) (Version: 1.0.8 - Roland VS) Serato DJ Pro (HKLM\...\{AA605485-D44F-4A3E-91BF-8946CD0D424A}) (Version: 3.0.12.266 - Serato Limited) Hidden Serato DJ Pro (HKLM-x32\...\{c40351fc-c7b7-4f90-8f60-bd617402f7c5}) (Version: 3.0.12.266 - Serato Limited) Seventh Heaven version 1.5.1 (HKLM\...\{39AAAED0-CFDF-40E3-AEC7-FBE2A7CE0708}_is1) (Version: 1.5.1 - LiquidSonics) Skaka version 1.1.3 (HKLM\...\Skaka_is1) (Version: 1.1.3 - Klevgrand) Slate Digital Fresh Air (HKLM\...\{af2fe7e8-08f8-4c81-b875-ec4c7a97a204}Slate Digi~4955043A_is1) (Version: 1.0.3.0 - Slate Digital) Slate Digital Heatwave (HKLM\...\{af2fe7e8-08f8-4c81-b875-ec4c7a97a204}Slate Digi~4DF865E7_is1) (Version: 1.0.0 - Slate Digital) smart:comp 2 1.0.3 (HKLM\...\smart:comp 2_is1) (Version: 1.0.3 - sonible) smart:EQ 3 1.2.4 (HKLM\...\{5610F012-50D4-4E7A-BE2B-3431ABFA8F97}_is1) (Version: 1.2.4 - sonible) smart:limit 1.1.4 (HKLM\...\{2A462C83-2A65-4EBC-B666-2AECCB6F526E}_is1) (Version: 1.1.4 - sonible) Softube Drawmer S73 (HKLM\...\Drawmer S73_is1) (Version: 2.5.9 - Softube) Softube Harmonics Analog Saturation Processor (HKLM\...\Harmonics Analog Saturation Processor_is1) (Version: 2.5.9 - Softube) Softube TSAR-1 Reverb 
(HKLM\...\TSAR-1 Reverb_is1) (Version: 2.5.9 - Softube) Sonic Academy ANA2 Ultra Bundle (HKLM\...\ANA2 Ultra Bundle_is1) (Version: 2.0.99 - Sonic Academy) Sonic Charge Synplant (HKLM-x32\...\Sonic Charge Synplant) (Version: 2.0 - NuEdge Development) Sonnox Oxford Inflator Native 3.17.0.191 (HKLM-x32\...\Oxford Inflator Native_is1) (Version: 3.17.0.191 - Sonnox Ltd, Oxford, UK) SonoBus version 1.6.2 (HKLM\...\SonoBus_is1) (Version: 1.6.2 - ) Sound Radix Drum Leveler (HKLM\...\Sound Radix Drum Leveler_is1) (Version: 1.2.1 - Sound Radix) Sound Radix SurferEQ (HKLM\...\SurferEQ_is1) (Version: 2.1.0 - Sound Radix) Soundtoys Little Plate 5 64 bit (HKLM\...\Little Plate 5 64 bit_is1) (Version: - Soundtoys Inc) Spotify (HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\Spotify) (Version: 1.2.38.720.ga4a70a0e - Spotify AB) SSL USB Audio Driver v5.58.05 (HKLM\...\{C28825F9-E487-4B61-8644-694A9B1B18CC}) (Version: 5.58.05 - Solid State Logic) Streamliner (HKLM\...\ADPTR Streamliner_is1) (Version: 1.1.0 - ADPTR Audio-Plugin Alliance) Sugar Bytes WOW2 2.2.2 (HKLM\...\WOW2_is1) (Version: 2.2.2 - Sugar Bytes) Togu Audio Line TAL-U-NO-LX (HKLM\...\TAL-U-NO-LX_is1) (Version: 4.5.4 - Togu Audio Line) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.02 - Ghisler Software GmbH) Trash version 2.0.5 (HKLM-x32\...\{4C809F87-3910-4E10-BEF2-F3C6FEA94E2E}_is1) (Version: 2.0.5 - iZotope) UA Connect 1.4.14 (HKLM\...\c62e79ae-2230-5c20-9316-dd448d27d77b) (Version: 1.4.14 - Universal Audio, Inc.) 
Valhalla DSP Valhalla VintageVerb (HKLM\...\Valhalla DSP Valhalla VintageVerb_is1) (Version: 3.0.0 - Valhalla DSP) VISION 4X version 1.0.3-908 (HKLM\...\VISION 4X_is1) (Version: 1.0.3-908 - ) Vital version 1.5.5 (HKLM\...\Vital_is1) (Version: 1.5.5 - ) Voxengo SPAN (HKLM\...\Voxengo SPAN_is1) (Version: 3.11 - Voxengo) Wave Alchemy Glow (HKLM\...\Wave Alchemy Glow_is1) (Version: 1.0.2 - Wave Alchemy) Waves Central (HKLM\...\{ab507e17-892b-5203-838d-d58d8d09c50f}) (Version: 14.4.3 - Waves Audio Ltd) Wavesfactory Spectre (HKLM\...\Spectre_is1) (Version: 1.5.5 - Wavesfactory) Wavesfactory Trackspacer (HKLM\...\Trackspacer_is1) (Version: 2.5.7 - Wavesfactory) WinRAR 6.24 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH) Xfer Records Serum (HKLM-x32\...\Serum) (Version: 1.368 - Xfer Records) XLN Audio RC-20 Retro Color (HKLM\...\RC-20 Retro Color_is1) (Version: 1.0.5 - XLN Audio) Yamaha Steinberg USB Driver (HKLM\...\{0D804065-3B36-4C98-8565-21BECA0A290D}) (Version: 2.0.4 - Yamaha Corporation) Hidden Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 2.0.4 - Yamaha Corporation) Zotero (HKLM-x32\...\Zotero 6.0.30 (x86 en-US)) (Version: 6.0.30 - Corporation for Digital Scholarship) Zynaptiq ADAPTIVERB 1.2.1 (x64) (HKLM\...\{C96ECFC9-AB93-48f0-ABC7-F19D4A6558DA}) (Version: 1.2.1 Build 1 - Zynaptiq) Zynaptiq INTENSITY (HKLM\...\INTENSITY_is1) (Version: 1.2.0 - Zynaptiq) Zynaptiq MORPH 2.3.1 (x64) (HKLM\...\{6DB129F3-FF2E-4B62-94FC-91D314043348}) (Version: 2.3.1 Build 5 - Zynaptiq) Zynaptiq PITCHMAP 1.7p (x64) (HKLM\...\{93B2EAD7-3D33-40ac-80DF-5FEDE8BAEF7B}) (Version: 1.7p Build 72 - Zynaptiq) Zynaptiq UNCHIRP 1.0.2p (x64) (HKLM\...\{BA32EBF4-658B-4e07-936E-756869389B40}) (Version: 1.0.2p - Zynaptiq) Zynaptiq UNFILTER 1.3.2p (x64) (HKLM\...\{2BE377AA-76F9-4d1e-A216-9B9F927EAD6E}) (Version: 1.3.2p Build 7 - Zynaptiq) Zynaptiq UNMIX DRUMS 1.0.3 (x64) (HKLM\...\{A69D5782-6E75-49AE-8559-FFDE2AD3DE29}) 
(Version: 1.0.3 Build 5 - Zynaptiq) Zynaptiq UNVEIL 1.7.9p (x64) (HKLM\...\{9995F14D-560C-4082-ACCA-D4FBA0A9F372}) (Version: 1.7.9p Build 4 - Zynaptiq) Zynaptiq WORMHOLE 1.1.2 (x64) (HKLM\...\{72EF2D70-2DED-4b3a-A13F-2A9E9A84FAC3}) (Version: 1.1.2 Build 4 - Zynaptiq) Packages: ========= AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5487.0_x64__8j3eq9eme6ctt [2024-05-13] (INTEL CORP) [Startup Task] Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2403.25.0_x64__k1h2ywk1493x8 [2024-04-16] (LENOVO INC.) Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe [2024-04-08] (Microsoft Corporation) [Startup Task] Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.1293.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Corporation) Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-20] (Microsoft Corporation) Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-11-04] (Microsoft Corporation) MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24051.39.0_x64__cw5n1h2txyewy [2024-05-30] (Microsoft Windows) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-25] (NVIDIA Corp.) WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-10-28] (Microsoft Corp.) 
Windows App Runtime DDLM 2000.802.31.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x6_2000.802.31.0_x64__8wekyb3d8bbwe [2023-10-28] (Microsoft Corporation) Windows App Runtime DDLM 2000.802.31.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.802.31.0-x8_2000.802.31.0_x86__8wekyb3d8bbwe [2023-10-28] (Microsoft Corporation) Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-20] (Microsoft Windows) Windows Package Manager Source (platform) -> C:\Program Files\WindowsApps\Microsoft.Winget.Platform.Source_2024.105.1947.899_neutral__8wekyb3d8bbwe [2024-04-02] (Microsoft Corporation) WinRAR -> E:\WinRAR [2023-11-04] (win.rar GmbH) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3232964867-2300333657-1746155326-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\edwin\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute) CustomCLSID: HKU\S-1-5-21-3232964867-2300333657-1746155326-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File CustomCLSID: HKU\S-1-5-21-3232964867-2300333657-1746155326-1001_Classes\CLSID\{A7F69DDF-0DDE-450E-AFBF-4E449E90E980}\localserver32 -> E:\FL-Studio\System\Tools\Bridge\64bit\ilbridge.exe (Image Line -> Image-Line) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) 
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> 
Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2024-05-29] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2024-05-29] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-29] (Malwarebytes Inc. 
-> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2024-05-29] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_3cf5f53c459bdb0f\nvshext.dll [2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2024-05-29] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-29] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2024-02-20 18:04 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll 2024-02-20 18:04 - 2012-10-19 14:02 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) 
AlternateDataStreams: C:\ProgramData:EEF49EE5D3688B03 [217] AlternateDataStreams: C:\Users\All Users:EEF49EE5D3688B03 [217] AlternateDataStreams: C:\ProgramData\Anwendungsdaten:EEF49EE5D3688B03 [217] AlternateDataStreams: C:\Users\edwin\Desktop\adwcleaner.exe:MBAM.Zone.Identifier [141] AlternateDataStreams: C:\Users\edwin\Desktop\EnglishFRST64.exe:MBAM.Zone.Identifier [193] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:/Program Files (x86)/Internet Explorer/Citavi Picker/x64/SwissAcademic.Citavi.IEPicker.DLL => No File BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-11] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft 
Office\root\Office16\MSOSB.DLL [2024-05-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-11] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-11] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-11] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\sharepoint.com -> hxxps://bwedu-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Eclipse Adoptium\jdk-21.0.1.12-hotspot\bin;%C_EM64T_REDIST11%bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;E:\Serato\QuickTime\QTSystem\ HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\edwin\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Logo (Desktop-Hintergrund).png DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) 
HKLM\...\StartupApproved\StartupFolder: => "Ableton Push Control Panel Autostart.lnk" HKLM\...\StartupApproved\StartupFolder: => "WavesLocalServer.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "Hercules DJ Series TrayAgent" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData" HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData" HKLM\...\StartupApproved\Run32: => "BrHelp" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKLM\...\StartupApproved\Run32: => "ControlCenter4" HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk" HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F0FC7AB6BAD7053DFDF75947A8B23F71" HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\StartupApproved\Run: => "LenovoVantageToolbar" HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\StartupApproved\Run: => "electron.app.Notion" HKU\S-1-5-21-3232964867-2300333657-1746155326-1001\...\StartupApproved\Run: => "electron.app.UA Connect" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [{65F9DB81-F5B2-4A7A-BCCA-A5E3FAB01006}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AE028EB5-9A71-420E-B025-0990871F86DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{26CD2474-993E-4D6D-B303-F016A5077311}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{8C9739F6-B847-4464-999D-720E3E57A1DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{F77BB5A1-95A4-4FFB-9E95-4E5E57006BAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{4E29D2EE-3AA2-437E-9AA9-B75A5E17EA41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{BFB9544F-A922-43B0-83F5-626100AEE363}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{E14D7350-BA60-456B-8CB7-DB4A5ED8B92C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23258.704.2395.9691_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4937C24B-C2AB-4A6E-A615-0BC848519909}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23258.704.2395.9691_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F50E0011-FC12-4B76-9A92-017440F33180}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23275.702.2421.2406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{83BDB229-EF77-48BD-AA40-D65EEA2A8FCE}] => (Allow) C:\Program 
Files\WindowsApps\MicrosoftTeams_23275.702.2421.2406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1793C380-15D4-46A2-861B-3315DDFC3BEC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CFFA5B44-B4AE-459A-B040-7781B3AE083B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{55F6DDBF-9A1C-48C5-A03E-42EDDC16ED5A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{051761A6-F403-43A5-99F0-D8AA71F45C55}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D353550D-023E-4B2B-82BF-FB4ED1FB622E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{62E91CD2-59EC-4659-9CB3-73553B0F77BD}] => (Allow) E:\Steam\Steam.exe => No File FirewallRules: [{B9F8DC7E-94BC-40E0-90A3-950FA8CED32D}] => (Allow) E:\Steam\Steam.exe => No File FirewallRules: [{76800CD5-5E1C-4A9A-B73D-690A180C347B}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File FirewallRules: [{E93C8073-223D-4DFD-A3CD-7D16BA7975E9}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File FirewallRules: [{FC40D2F4-1EB3-44F0-8B00-DE2FAD318DF8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8A704005-C363-45B6-9549-8576846B32EC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BF0DC631-C6E3-43CA-8EF3-BBC7497EBE91}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0F4024D2-8542-4A92-9201-9AE381E8A361}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{B047E2EF-DBC1-4F63-889E-446CB3D76E8A}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24033.813.2773.520_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EEFA7A92-4DE1-4BF9-9CBA-F5CB4F16387B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24033.813.2773.520_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9C2BD7CC-B4F0-4C67-9C52-459509E83435}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4D2BDAAA-C167-4505-9819-08993CEEE6BA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9FF30192-921C-4C5C-B66A-F3D3B72A8038}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F0EAAF36-31B5-4067-95A9-3F6F0123364B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 29-05-2024 14:38:10 Windows Update 30-05-2024 00:55:30 AdwCleaner_BeforeCleaning_30/05/2024_00:55:29 ==================== Faulty Device Manager Devices ============ Name: Nahimic VAD Description: Nahimic VAD Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Nahimic Service: NahimicXVAD Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Nahimic mirroring device Description: Nahimic mirroring device Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Nahimic Service: Nahimic_Mirroring Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. 
Follow the instructions. Name: NVIDIA Broadcast Description: NVIDIA Broadcast Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: NVIDIA Service: nvrtxvad_WaveExtensible Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: NVIDIA Service: nvvad_WaveExtensible Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: NVIDIA High Definition Audio Description: NVIDIA High Definition Audio Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: NVIDIA Service: NVHDA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Lenovo UEFI System Firmware 1.36 Description: Lenovo UEFI System Firmware 1.36 Class Guid: {f2e7dd72-6468-4e36-b6f1-6488f42c1b52} Manufacturer: Lenovo Ltd. Service: Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Nahimic Easy Surround device Description: Nahimic Easy Surround device Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Nahimic Service: NahimicBTLink Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Event log errors: ======================== Application errors: ================== Error: (05/30/2024 11:55:44 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Edwin-Laptop.local. AAAA FE80:0000:0000:0000:6D24:BD69:070E:8EF2 Error: (05/30/2024 11:55:44 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.66:5353 16 Edwin-Laptop.local. AAAA 2003:00C3:4F0E:0000:03DC:627C:6187:1201 Error: (05/30/2024 11:55:44 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Edwin-Laptop.local. Addr 192.168.178.66 Error: (05/30/2024 11:55:44 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.66:5353 16 Edwin-Laptop.local. AAAA 2003:00C3:4F0E:0000:03DC:627C:6187:1201 Error: (05/30/2024 01:13:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Edwin-Laptop.local already in use; will try Edwin-Laptop-2.local instead Error: (05/30/2024 01:13:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 Edwin-Laptop.local. Addr 192.168.178.66 Error: (05/30/2024 01:13:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.66:5353 16 Edwin-Laptop.local. 
AAAA FD00:0000:0000:0000:9D9D:63E4:ACB5:0C9D Error: (05/30/2024 12:56:31 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Edwin-Laptop.local already in use; will try Edwin-Laptop-2.local instead System errors: ============= Error: (05/30/2024 11:57:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (05/30/2024 11:57:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error: (05/30/2024 12:58:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (05/30/2024 12:58:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error: (05/30/2024 12:55:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Realtek Audio Universal Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/30/2024 12:55:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Universal Device Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (05/30/2024 12:55:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Critical Service for Lenovo Vantage" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/30/2024 12:55:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Graphics Command Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Windows Defender: ================ Date: 2023-11-04 20:38:35 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {97E321C2-A6C8-463B-A060-D26732934B32} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2023-11-04 20:08:25 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {6A03BCC3-22D3-4A97-9666-463A3E8E7B46} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM CodeIntegrity: =============== Date: 2024-05-30 12:02:42 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2024-05-30 12:02:42 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements. Date: 2024-05-30 12:00:47 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Memory info =========================== BIOS: LENOVO M0CN35WW 12/19/2023 Motherboard: LENOVO LNVNB161216 Processor: 13th Gen Intel(R) Core(TM) i7-13700H Percentage of memory in use: 21% Total physical RAM: 32492.05 MB Available physical RAM: 25411.05 MB Total Virtual: 34540.05 MB Available Virtual: 26922.03 MB ==================== Drives ================================ Drive c: (Windows-SSD) (Fixed) (Total:951.65 GB) (Free:830.1 GB) (Model: SAMSUNG MZVL21T0HCLR-00BL2) NTFS Drive d: (FLKEY) (Removable) (Total:0 GB) (Free:0 GB) FAT Drive e: (Volume) (Fixed) (Total:1863 GB) (Free:1063.07 GB) (Model: Samsung SSD 990 PRO 2TB) NTFS \\?\Volume{fa37d646-9774-4350-912f-6afa839f2454}\ (WINRE_DRV) (Fixed) (Total:1.95 GB) (Free:1.09 GB) NTFS \\?\Volume{dd0213ca-f703-45de-a703-dafe73233173}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 953.9 GB) (Disk ID: 9EE0A06C) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 192 KB) (Disk ID: 0FF695D5) Partition 1: (Not Active) - (Size=161 KB) - (Type=0E) ==================== End of Addition.txt ======================= |
30.05.2024, 18:28 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 11: suspicious/unknown file in user folder First of all, you should do without this nonsense here: Quote:
Second: I see a lot of cracked software there. You will never have a trustworthy system if you use cracked software from junk sources. Cracks, keygens and other illegal software Please read => Cracks, keygens and other illegal software We will continue once you have removed everything illegal. In the case of repeated crack/keygen violations, I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system.
__________________ Please always post log files in CODE tags |
04.06.2024, 16:46 | #5 |
/// TB-Ausbilder | Windows 11: suspicious/unknown file in user folder Missing feedback This topic has been removed from our subscriptions, so we no longer receive notifications about new replies. Should you need the topic again, please send us a reminder including a link to the topic. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own topic! |