Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Alles rund um Windows (https://www.trojaner-board.de/alles-rund-um-windows/)
-   -   Windows 10 Festplatte füllt sich ständig von alleine auch ohne Programmausführung! (https://www.trojaner-board.de/197730-windows-10-festplatte-fuellt-staendig-alleine-ohne-programmausfuehrung.html)

KiwiSB 03.02.2020 12:32
Windows 10 Festplatte füllt sich ständig von alleine auch ohne Programmausführung!
 
hier der "Addition"-Text:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
durchgeführt von Marcus (03-02-2020 11:35:01)
Gestartet von C:\Users\Marcus\Desktop\Farbar Recovery Scan Tool
Windows 10 Pro Version 1909 18363.592 (X64) (2019-10-08 16:08:47)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2263560041-3636778381-2339849275-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2263560041-3636778381-2339849275-503 - Limited - Disabled)
Gast (S-1-5-21-2263560041-3636778381-2339849275-501 - Limited - Disabled)
Marcus (S-1-5-21-2263560041-3636778381-2339849275-1001 - Administrator - Enabled) => C:\Users\Marcus
WDAGUtilityAccount (S-1-5-21-2263560041-3636778381-2339849275-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Trend Micro Internet Security (Enabled - Up to date) {AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Trend Micro Internet Security (Enabled - Up to date) {90387C74-1C56-9484-893C-8ADCB2906C3D}
AS: Trend Micro Internet Security (Enabled - Up to date) {2B599D90-3A6C-9B0A-B38C-B1AEC9172680}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acronis True Image (HKLM-x32\...\{97F880B8-30EB-4E94-A142-0D2AE3601BC8}) (Version: 23.4.14690 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{97F880B8-30EB-4E94-A142-0D2AE3601BC8}Visible) (Version: 23.4.14690 - Acronis)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Aquantia(R) AQtion Network Adapter Drivers (64 bit) (HKLM\...\{1DB41E52-3CE7-487D-AA2A-AD3EC0F9023F}) (Version: 2.1.005.0 - Aquantia)
BKI Formulare DIN276 v3 (HKLM-x32\...\{D0C83A06-54CC-476C-AFE6-D5CE0335CADD}) (Version: 3.00.0000 - Baukosteninformationszentrum Deutscher Architektenkammern GmbH)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boris Graffiti 7 for Corel VideoStudio Pro X9 64-Bit (HKLM\...\{9C246583-D390-4910-B740-431F89FACC2E}) (Version: 7.0.0001 - Boris FX, Inc.)
Brandschutzatlas (HKLM-x32\...\vrm_Coll_vrm) (Version:  - Rudolf Müller Mediengruppe)
Cardo Update 1.0.1 (HKLM-x32\...\{1df36462-58f9-538c-9cdd-480c8780cceb}) (Version: 1.0.1 - Cardo Systems Ltd.)
ChrisPC Win Experience Index 5.20 (HKLM-x32\...\{1116089C-14B5-1A23-8113-6124567ABCDE}_is1) (Version:  - Chris P.C. srl)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.5.1.84 - MAGIX Software GmbH)
Contents (HKLM-x32\...\{C8A4DA60-6A94-4627-B7C9-DB6223D531FE}) (Version: 1.0.0.146 - Corel Corporation) Hidden
Contents64 (HKLM\...\{C2D307EA-96F8-4F6E-880E-E244779D8477}) (Version: 19.5.0.35 - Corel Corporation) Hidden
Corel AfterShot 3 - ICA x64 (HKLM\...\{FE875B02-11A1-4D1E-B57A-8DE2C00C0B51}) (Version: 3.5 - Corel Corporation) Hidden
Corel AfterShot 3 - IPM Content x64 (HKLM\...\{3E064BED-C9D8-4BEF-A2EE-8D67E99C3932}) (Version: 3.4 - Corel Corporation) Hidden
Corel AfterShot 3 - IPM x64 (HKLM\...\{5059B47C-4D7B-46E9-9D7A-1E2FCF5DDBED}) (Version: 3.5.0.350 - Corel Corporation) Hidden
Corel AfterShot 3 x64 (HKLM\...\{05745FF5-A5C1-4A7B-8236-F3EC4119220F}) (Version: 3.5 - Corel Corporation) Hidden
Corel AfterShot 3(64-bit) (HKLM\...\_{FE875B02-11A1-4D1E-B57A-8DE2C00C0B51}) (Version: 3.5.0.350 - Corel Corporation)
Corel FastFlick (HKLM-x32\...\_{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: 1.0.0.146 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{4DD94E1E-998D-414B-953C-9BAC44E4CCDD}) (Version: 17.1.572 - Corel Corporation) Hidden
Corel PaintShop Pro 2018 (HKLM-x32\...\_{6000096B-318C-40F8-A450-043B6A602D16}) (Version: 20.2.0.1 - Corel Corporation)
Corel PaintShop Pro 2018 (HKLM-x32\...\{5A150D1D-326B-4C75-8984-2D2C602D1CA1}) (Version: 20.2.0.1 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{67881956-8135-4804-9465-BA1419010638}) (Version: 2.3.180 - Corel corporation) Hidden
Corel Update Manager (HKLM\...\{AF3E1983-6B8F-4D66-81BD-1900FF5730E3}) (Version: 2.9.386 - Corel corporation) Hidden
Corel Update Manager (HKLM\...\{B6C0FB43-0C9B-46E6-93E4-DF171ED80C53}) (Version: 2.9.389 - Corel corporation) Hidden
Corel Update Manager (HKLM-x32\...\{3F8C582C-B21D-49EC-AD5F-C9890041A0CC}) (Version: 2.3.180 - Corel corporation) Hidden
Corel VideoStudio Ultimate X9 (HKLM-x32\...\_{EE80DAA0-0071-475C-A222-F1782888FC55}) (Version: 19.5.0.35 - Corel Corporation)
Corel WinDVD Lite (HKLM-x32\...\_{0E112694-D8B8-423F-A424-F2F7EB1C1178}) (Version: 11.7.0.3 - Corel Corporation)
CorelDRAW Home & Student Suite X7 - Capture (HKLM-x32\...\{8CCD62D0-57BB-44E9-9C93-330A68E3BD5B}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Common (HKLM-x32\...\{BD30CB1C-0180-4153-80ED-B5AE197BE234}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Connect (HKLM-x32\...\{62360B9B-4B45-4068-8D88-9DA12E0FB268}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Custom Data (HKLM-x32\...\{3A665B39-A5A8-47FD-8C4C-D8D06D2BE102}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - DE (HKLM-x32\...\{B8467107-1A08-42A9-8E91-417DC4C10AE5}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - DrawHome (HKLM-x32\...\{CE5BE087-7B19-43F4-950F-CE4BC6BBD4A3}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Filters (HKLM-x32\...\{8DCF04B5-AE81-4070-BA78-6255A80069E3}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - FontNav (HKLM-x32\...\{6AAB0055-3642-434A-A0F6-842A9AFB1FE2}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - IPM (HKLM-x32\...\{C4C6CC00-3D4B-4006-A11B-FC2E4EB9672E}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - IPM Content (HKLM-x32\...\{8E09BAC6-D27D-49EB-B88D-FCE818E5476D}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - PPHome (HKLM-x32\...\{263B9543-61A9-4B0C-894F-088258AD2ED9}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Redist (HKLM-x32\...\{AF2508E5-E1FC-49E2-97EE-3423521B930D}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Setup Files (HKLM-x32\...\{39212C63-B2E9-4ECB-8F91-6E41990093E1}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - VideoBrowser (HKLM-x32\...\{E8B97713-99F8-4503-9644-83192ADB9357}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Writing Tools (HKLM-x32\...\{155E8961-3C9B-4BEF-B638-4AA1955435A2}) (Version: 17.1 -  Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 (HKLM-x32\...\_{39212C63-B2E9-4ECB-8F91-6E41990093E1}) (Version: 17.1.0.572 - Corel Corporation)
CorelDRAW Home & Student Suite X7 (HKLM-x32\...\{2D800669-1238-4C6B-AC3B-7DB71FD63CF2}) (Version: 17.1 - Corel Corporation) Hidden
Creator NXT 7 Content (HKLM-x32\...\{246D31A0-7B8A-41EA-8E31-33C2F2F26B53}) (Version: 20.0.021 - Roxio) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.7.2 - REINER SCT)
DAirRegistration (HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\{6ead8543-679b-4f9e-bc8a-d305f6b2b4fc}) (Version: 0.9.3.5 - Dainese)
DBD-Baupreise für STLB-Bau (HKLM-x32\...\{FB9E2E73-9F08-4F88-A140-ED74EFC5FB73}) (Version: 18.10.0003 - Dr. Schiller & Partner GmbH)
DBD-Kostenelemente - Einzelplatz, Server (HKLM-x32\...\{E724C24B-D93B-45FB-8005-C7CDBFB96DC4}) (Version: 18.10.0006 - Dr. Schiller & Partner GmbH )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.71 - NVIDIA Corporation) Hidden
EPSON WF-7620 Series Printer Uninstall (HKLM\...\EPSON WF-7620 Series) (Version:  - SEIKO EPSON Corporation)
F-Stream Tuning v2.0.271 (HKLM-x32\...\F-Stream Tuning_is1) (Version: 2.0.271 - ASRock Inc.)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HTML.Browser.Framework 4.0.1 (x64) (HKLM\...\{12E8A0DB-723A-4BED-B4BE-214D6DC51CF3}) (Version: 4.0.123 - Dr. Schiller & Partner GmbH)
HTML.Browser.Framework 4.0.1 (x86) (HKLM-x32\...\{616229A2-9222-4D24-B604-BA74077840CE}) (Version: 4.0.124 - Dr. Schiller & Partner GmbH)
ICA (HKLM-x32\...\{0E112694-D8B8-423F-A424-F2F7EB1C1178}) (Version:  - Corel Corporation) Hidden
ICA (HKLM-x32\...\{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: 1.0.0.146 - Corel Corporation) Hidden
ICA (HKLM-x32\...\{6000096B-318C-40F8-A450-043B6A602D16}) (Version: 20.2.0.1 - Corel Corporation) Hidden
ICA (HKLM-x32\...\{EE80DAA0-0071-475C-A222-F1782888FC55}) (Version: 19.5.0.35 - Corel Corporation) Hidden
ICA (HKLM-x32\...\{FD799776-5758-48E4-8523-328AC68F3D7A}) (Version: 1.0.0.167 - Corel Corporation) Hidden
iCloud (HKLM\...\{4E727621-3550-4CE0-883E-F27D7D7E0D2C}) (Version: 7.16.0.15 - Apple Inc.)
imagePROGRAF Printer Driver Extra Kit (HKLM-x32\...\{A2FF9286-F7D9-43B9-8CA2-11D48A08810B}) (Version: 2.11.00 - Canon)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1823.12.0.1137 - Intel Corporation)
Intel(R) Network Connections 23.2.0.1006 (HKLM\...\PROSetDX) (Version: 23.2.0.1006 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6195 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.0.1009 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c700a043-5a4c-4d61-aa88-6c4191f25b64}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1031-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{262e9c1d-e509-4e2a-86e8-0abb312ac2e9}) (Version: 10.1.17765.8094 - Intel(R) Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
IPM (HKLM-x32\...\{E9305062-DD94-4CBD-869A-7DDA9540365E}) (Version: 11.5 - Corel Corporation) Hidden
IPM_MIR_COM64 (HKLM\...\{30734396-FBD6-4B6D-83E1-5223C12778C5}) (Version: 1.0.0.167 - Corel Corporation) Hidden
IPM_PSP_COM (HKLM-x32\...\{E366C7D5-FD35-482C-AA33-38AE3BC48021}) (Version: 20.2.0.1 - Corel Corporation) Hidden
IPM_PSP_COM64 (HKLM\...\{2013AABB-7212-4D79-B13B-25E567C2D0E4}) (Version: 20.2.0.1 - Corel Corporation) Hidden
IPM_VS_Pro (HKLM-x32\...\{126FB9B0-85B6-476A-AF26-BE008D8DFC53}) (Version: 1.0 - Corel Corporation) Hidden
IPM_VS_Pro64 (HKLM\...\{1BD7EE90-7C52-4142-B4DD-55C4F28F9EE7}) (Version: 19.0 - Corel Corporation) Hidden
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Kerio Outlook Connector (Offline Edition) (HKLM\...\{A52568E0-AAD6-449E-B0AB-9CF2C51F154B}) (Version: 9.2.4367 - Kerio Technologies Inc.)
Kerio Updater Service (HKLM-x32\...\{e8c6c49b-4e9a-4853-a43b-a859986e95ba}) (Version: 9.2.924 - Kerio Technologies, Inc.) <==== ACHTUNG
Killer E220x Drivers (HKLM\...\{419E1AB9-3E42-42C5-B00E-E5E09DBEAA19}) (Version: 1.1.56.1651 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{DB8A465E-67BE-4450-9C9A-FECEA6222B95}) (Version: 1.1.56.1651 - Rivet Networks)
LabelCreator (HKLM-x32\...\{B8C23400-237A-40F2-854C-9846DF568075}) (Version: 1.00.0000 - Corel Corporation) Hidden
Logitech Options (HKLM\...\LogiOptions) (Version: 7.12.43 - Logitech)
MAGIX Cloud Import (HKLM\...\{E2EC0850-84BF-4A86-842E-4A100473FB22}) (Version: 0.1.0.5 - MAGIX Software GmbH) Hidden
MAGIX Cloud Import (HKLM\...\MX.{E2EC0850-84BF-4A86-842E-4A100473FB22}) (Version: 0.1.0.5 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Designelemente) (HKLM\...\{6E833142-9BAC-43F5-8658-528BF630617E}) (Version: 18.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (Designelemente) (HKLM\...\MX.{6E833142-9BAC-43F5-8658-528BF630617E}) (Version: 18.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Filmvorlagen 1) (HKLM\...\{9FC8E076-4B50-478F-B218-287C23085630}) (Version: 18.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (Filmvorlagen 1) (HKLM\...\MX.{9FC8E076-4B50-478F-B218-287C23085630}) (Version: 18.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Filmvorlagen 2) (HKLM\...\{56042D11-A7FB-40F1-8AAC-C9B317DF622B}) (Version: 18.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (Filmvorlagen 2) (HKLM\...\MX.{56042D11-A7FB-40F1-8AAC-C9B317DF622B}) (Version: 18.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Fotoshow Maker-Stile) (HKLM\...\{F71555B8-CE99-4434-B801-FF577F590FCC}) (Version: 18.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (Fotoshow Maker-Stile) (HKLM\...\MX.{F71555B8-CE99-4434-B801-FF577F590FCC}) (Version: 18.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (HKLM\...\{306C9DB9-E2A3-49C5-8767-A5DBD4F154B1}) (Version: 18.1.1.28 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (HKLM\...\MX.{306C9DB9-E2A3-49C5-8767-A5DBD4F154B1}) (Version: 18.1.3.36 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Individuelle Menüvorlagen) (HKLM\...\{4C2C70C2-5FAE-47B1-AC5B-209F6F13F542}) (Version: 18.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (Individuelle Menüvorlagen) (HKLM\...\MX.{4C2C70C2-5FAE-47B1-AC5B-209F6F13F542}) (Version: 18.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Menüvorlagen) (HKLM\...\{52352A18-8FF2-4731-8EA3-3CBCE761619A}) (Version: 18.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (Menüvorlagen) (HKLM\...\MX.{52352A18-8FF2-4731-8EA3-3CBCE761619A}) (Version: 18.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Sound-Effekte) (HKLM\...\{10941089-E238-4B46-BBDF-D52ED4298AFE}) (Version: 18.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (Sound-Effekte) (HKLM\...\MX.{10941089-E238-4B46-BBDF-D52ED4298AFE}) (Version: 18.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Soundtrack Maker-Stile) (HKLM\...\{31BDBA30-65A0-4903-83D8-C78F8A4662F2}) (Version: 18.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (Soundtrack Maker-Stile) (HKLM\...\MX.{31BDBA30-65A0-4903-83D8-C78F8A4662F2}) (Version: 18.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Titeleffekte) (HKLM\...\{087ACEFA-B48A-4CA3-8661-53F4A1F298BA}) (Version: 18.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (Titeleffekte) (HKLM\...\MX.{087ACEFA-B48A-4CA3-8661-53F4A1F298BA}) (Version: 18.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Überblendeffekte) (HKLM\...\{9BB2165B-062C-45EB-A217-DC93B878694F}) (Version: 18.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photostory Deluxe (Überblendeffekte) (HKLM\...\MX.{9BB2165B-062C-45EB-A217-DC93B878694F}) (Version: 18.0.0.0 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Update Service 5.7.13.67) (HKLM\...\{AFF165AF-6466-3EE9-A8A9-2C6EFA657B2F}) (Version: 5.7.13.67 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM\...\{768BF195-8DAE-4837-8837-70798339F34E}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{768BF195-8DAE-4837-8837-70798339F34E}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Travel Maps (HKLM\...\{C6C6C471-7C92-4299-984B-BBC37CF2BD7D}) (Version: 1.0.1.245 - MAGIX Software GmbH) Hidden
MAGIX Travel Maps (HKLM\...\MX.{C6C6C471-7C92-4299-984B-BBC37CF2BD7D}) (Version: 1.0.1.245 - MAGIX Software GmbH)
mb WorkSuite 2018 (HKLM\...\{5EC151AD-85D6-4284-BC68-9D3BECDDEB4F}) (Version: 20.18.051.0 - mb AEC Software GmbH)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.12325.20344 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
MIR64 (HKLM\...\{C50F1C9E-B410-4565-917A-EAD2BF2D350D}) (Version: 1.0.0.167 - Corel Corporation) Hidden
MIRContent (HKLM-x32\...\{68DE4372-501F-49E7-A293-305497686165}) (Version: 1.0.0.167 - Corel Corporation) Hidden
MIRHelp (HKLM-x32\...\{27A2EAF9-31BD-47FB-A676-754E8C2CF36E}) (Version: 1.0.0.167 - Corel Corporation) Hidden
Movavi Screen Recorder Studio 10 (HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\Movavi Screen Recorder Studio 10) (Version: 10.1.0 - Movavi)
Movavi Video Suite 18 (HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\Movavi Video Suite 18) (Version: 18.3.1 - Movavi)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MultiCam Capture (HKLM\...\{D0022B98-719C-4CCE-B371-D17B83BC9460}) (Version: 1.2.2.408 - Corel Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller-Treiber 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Grafiktreiber 441.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Olympus Workspace (HKLM-x32\...\{7FBF5669-B60F-402B-9A08-7F7FF7FBC538}) (Version: 1.0.0 - Olympus Corporation)
ORCA AVA (HKLM-x32\...\{9937DB20-AEB6-4656-8EBD-6EC3ADF0A44F}) (Version: 22.0.9.848 - ORCA Software GmbH)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paragon Festplatten Manager™ 15 Suite (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Architect 6 (HKLM-x32\...\PDF Architect 6) (Version: 6.1.19.842 - pdfforge GmbH)
PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: 7.1.13.1755 - pdfforge GmbH)
PDF Architect 7 Convert Module (HKLM\...\{51249AB5-6F0B-4A35-B1EA-936CE121DBF4}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 Create Module (HKLM\...\{B600CC13-8F68-4D44-8867-93490894FAE5}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 Edit Module (HKLM\...\{BA2C2671-B379-4101-A21C-4C549671FC8D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 Forms Module (HKLM\...\{9F60A73B-1B46-45EE-B8E4-1160560AB8AD}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 Insert Module (HKLM\...\{41408EEB-E22F-4CF7-9EA5-0E735B75713F}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 View Module (HKLM\...\{E947A304-6110-4CFE-98AD-E6909072E87D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PhotoMirage (HKLM-x32\...\_{FD799776-5758-48E4-8523-328AC68F3D7A}) (Version: 1.0.0.167 - Corel Corporation)
Photostory Deluxe Update 2019 (HKLM\...\{6865D620-C587-49C1-BDB1-7CDFF5A1C7B0}) (Version: 18.1.2.48 - MAGIX Software GmbH) Hidden
Photostory Deluxe Update 2019 (HKLM\...\{73DAA539-DD83-4DCC-9E2B-85FE0F372DEE}) (Version: 18.1.3.36 - MAGIX Software GmbH) Hidden
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH) Hidden
proDAD Mercalli 2.0 (64bit) (HKLM\...\proDAD-Mercalli-2.0) (Version: 2.0.123 - proDAD GmbH) Hidden
proDAD Route 4.0 (64bit) (HKLM\...\proDAD-HeroglyphRoute-4.0) (Version: 4.0.241.1 - proDAD GmbH) Hidden
proDAD Script 4.0 (64bit) (HKLM\...\proDAD-HeroglyphScript-4.0) (Version: 4.0.241.1 - proDAD GmbH) Hidden
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.241 - proDAD GmbH) Hidden
Profi cash Version 11.72 (HKLM-x32\...\{16289E20-A4D6-4E42-B24D-97EECED0EF1C}_is1) (Version: 11.72 - Fiducia & GAD IT AG)
PSPPContent (HKLM-x32\...\{CC719875-8939-48D2-BA50-D5F5673C4C6A}) (Version: 20.2.0.1 - Corel Corporation) Hidden
PSPPHelp (HKLM-x32\...\{BBF5A9A0-82BD-4C51-9EAD-624651FE765B}) (Version: 20.2.0.1 - Corel Corporation) Hidden
PSPPro64 (HKLM\...\{A8A7345E-0111-4A73-9F0F-560A837BF901}) (Version: 20.2.0.1 - Corel Corporation) Hidden
RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8496 - Realtek Semiconductor Corp.)
Roxio Creator NXT 7 Content (HKLM-x32\...\{75E9E494-60DA-4D0A-8221-3AC398F1ABBD}) (Version: 20.0.8.0 - Roxio)
Roxio Creator NXT Pro 7 (HKLM-x32\...\{3E670EAA-F20E-4DF6-BFC1-00BABC555498}) (Version: 20.0.54.0 - Roxio)
Roxio Genie (HKLM\...\{7FDDD20B-A4D0-4749-B159-BB9897478BFD}) (Version: 1.0.0.74 - Corel Corporation) Hidden
Roxio MyDVD (HKLM-x32\...\{436204E5-E93A-4D88-966B-923CAE2ED657}) (Version: 2.0 - Roxio)
Securepoint Antivirus Pro (HKLM-x32\...\{EAB87B1C-0C43-4B92-9515-B601B5804ADC}) (Version: 2.14.56 - Securepoint GmbH)
Setup (HKLM-x32\...\{1BA530AF-5BAC-4909-B160-1B19E59997ED}) (Version:  - Corel Inc.) Hidden
Setup (HKLM-x32\...\{A4D517DC-1201-499A-B344-3576C0C11698}) (Version: 1.0.0.167 - Ihr Firmenname) Hidden
Setup (HKLM-x32\...\{C9C9ACD1-F275-45CB-B507-96486DB5E608}) (Version: 20.2.0.1 - Ihr Firmenname) Hidden
Setup (HKLM-x32\...\{F2BACD4C-71F0-487C-AC11-247833494E52}) (Version: 1.0.0.146 - Corel Corporation) Hidden
Setup (HKLM-x32\...\{F8B95E3C-40A0-49CE-B5F9-3861F238B9FF}) (Version: 19.5.0.35 - Corel Corporation) Hidden
Share (HKLM-x32\...\{4AA35E5E-F12E-4CC9-92CD-049AF647841B}) (Version: 1.0.0.146 - Corel Corporation) Hidden
Share64 (HKLM\...\{A61EEC3A-E37C-49A5-BE61-7AEE04F1A15D}) (Version: 19.5.0.35 - Corel Corporation) Hidden
SketchUp 2018 (HKLM\...\{5EAA3D58-258D-4D24-BA22-C8D8D704F515}) (Version: 18.0.16975 - Trimble Navigation Limited)
SketchUp 2019 (HKLM\...\{0FB756F3-A84B-E5F8-387F-B9F186E6D497}) (Version: 19.0.685.20289 - Trimble, Inc.)
SketchUp 2020 (HKLM\...\{3018111d-9515-967c-baf8-b63c54330f67}) (Version: 20.0.363.132 - Ihr Firmenname) Hidden
SketchUp Language Pack [de] (HKLM\...\{531bb43c-abef-e6e0-e912-cf6dbe0a5946}) (Version: 20 - Ihr Firmenname) Hidden
SketchUp Pro 2020 (HKLM-x32\...\{522800F1-9FCE-44F2-8D2E-2CEC5B25A9C2}) (Version: 20.0.363 - Trimble, Inc.)
STLB-Bau XML V2 - Einzelplatz, Server (HKLM-x32\...\{52B258AA-46EB-473C-B90E-0970BDE3B14D}) (Version: 18.10.0005 - DIN Deutsches Institut für Normung)
Technische Baubestimmungen (HKLM-x32\...\beuth_vrm_Coll_beuth_vrm_tb) (Version:  - Beuth Verlag / Verlagsgesellschaft Rudolf Müller)
Trend Micro Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 16.0 - Trend Micro Inc.)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Virtual Comport Driver (HKLM-x32\...\{C49F032D-7298-4324-8C9A-3892F21CAF9E}) (Version: 1.5.0 - STMicroelectronics) Hidden
Virtual Comport Driver (HKLM-x32\...\InstallShield_{C49F032D-7298-4324-8C9A-3892F21CAF9E}) (Version: 1.5.0 - STMicroelectronics)
VSClassic (HKLM-x32\...\{3342D238-E332-43BB-B406-C6EE82273708}) (Version: 1.0.0.146 - Corel Corporation) Hidden
VSClassic64 (HKLM\...\{99B95309-4793-43D9-8F1C-EC086FC74CB5}) (Version: 19.5.0.35 - Corel Corporation) Hidden
VSPro (HKLM-x32\...\{6AA550DB-4863-44C7-863F-4F4C7D13649F}) (Version: 1.0.0.146 - Corel Corporation) Hidden
VSUltimate64 (HKLM\...\{3F5D769B-346B-487A-851A-A1AF147D5B39}) (Version: 19.5.0.35 - Corel Corporation) Hidden
WhatsApp (HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\WhatsApp) (Version: 0.4.315 - WhatsApp)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.32 of 2015-Jul-21 (Build 1504) (Setup) - WIBU-SYSTEMS AG)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22866 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows-Treiberpaket - STMicroelectronics (usbser) Ports  (08/02/2013 1.4.0) (HKLM\...\04B4996F06620A7ECFBFE8F9BCC458F9761E39F7) (Version: 08/02/2013 1.4.0 - STMicroelectronics)
WinDVD Lite (HKLM-x32\...\{DCA9F3CE-6342-47A7-B8EB-C79ECA9E8E71}) (Version:  - Corel Inc.) Hidden
WinRAR 5.71 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1690.1.0_x86__kgqvnymyfvs32 [2020-01-29] (king.com)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-19] (Fitbit)
HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.23255.0_x64__8wekyb3d8bbwe [2019-12-15] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa [2020-01-29] (Apple Inc.) [Startup Task]
Jonny -> C:\Program Files\WindowsApps\mbAECSoftwareGmbH.Jonny_2.0.1.0_x64__bmmtg9a99svs0 [2019-09-08] (mb AEC Software GmbH)
kicker -> C:\Program Files\WindowsApps\kickeronline-OlympiaVerla.kicker_2.0.1.0_x64__yd40rcd457tb0 [2019-04-22] (Olympia Verlag GmbH)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft News – Nachrichten -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.10.3282.0_x64__8wekyb3d8bbwe [2020-01-29] (Microsoft Corporation)
MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2019-10-28] (Realtek Semiconductor Corp)
Trend Micro Security -> C:\Program Files\WindowsApps\14C78905.5632B21B4008_2.2.1073.0_x64__y1xsffnhj35f6 [2020-01-09] (Trend Micro Inc.)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_3.145.2.0_x86__xpfg3f7e9an52 [2019-12-19] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [      FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ShellIconOverlayIdentifiers: [    AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [    AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [    AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [    AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2018-11-23] (Acronis International GmbH -> )
ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => D:\Programme\PDF Architect 7\context-menu.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-12-09] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [Roxio Burn] -> {E8CB9D53-A47A-42B5-9F5B-96B037C9DD4C} => C:\Program Files\Roxio\Roxio Burn\RB_ContextMenu64.dll [2018-11-23] (Corel Corporation -> TODO: <Company name>)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} =>  -> Keine Datei
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} =>  -> Keine Datei
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [msacm.dvacm_vspx9] => C:\Program Files\Corel\Corel VideoStudio X9\DVACM.acm [23552 2016-07-13] (Corel TW Corp.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2013-08-17] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2014-05-21] (Matsushita Electric Industrial Co., Ltd.) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Marcus\Desktop\Tools\Foto Video\VideoStudio X9 Training.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.studiobacklot.tv/videostudioX9

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2019-02-19 23:08 - 2019-02-19 23:08 - 000144896 _____ () [Datei ist nicht signiert] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2019-02-19 23:08 - 2019-02-19 23:08 - 000077824 _____ () [Datei ist nicht signiert] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2019-02-05 00:07 - 2019-02-05 00:07 - 000266752 _____ () [Datei ist nicht signiert] D:\Programme\PDF Architect 7\libidn.dll
2018-05-03 11:30 - 2018-05-03 11:30 - 000349696 _____ (Intel(R) Corporation) [Datei ist nicht signiert] C:\WINDOWS\system32\NCS2Setp.dll
2019-04-24 01:12 - 2019-04-24 01:12 - 006018560 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) [Datei ist nicht signiert] D:\Programme\PDF Architect 7\htmlayout.dll
2019-02-19 23:08 - 2019-02-19 23:08 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [Datei ist nicht signiert] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] D:\Programme\PDF Architect 7\libcurl.dll
2015-07-08 17:54 - 2015-07-08 17:54 - 025338368 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2015-07-08 17:54 - 2015-07-08 17:54 - 002056704 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2015-07-08 17:54 - 2015-07-08 17:54 - 001425408 _____ (The ICU Project) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2019-02-19 23:08 - 2019-02-19 23:08 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2019-02-19 23:08 - 2019-02-19 23:08 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 000029184 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\imageformats\qgif.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 000031232 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\imageformats\qico.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 000257536 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\imageformats\qjpeg.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 001155072 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\platforms\qwindows.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 004929024 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5Core.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 005716480 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5Gui.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 001052672 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5Network.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 000319488 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5OpenGL.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 000314368 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5PrintSupport.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 003322880 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5Qml.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 003127296 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5Quick.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 000187904 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5Sql.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 024483328 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5WebKit.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 000211968 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5WebKitWidgets.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 005107200 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5Widgets.dll
2018-11-23 12:15 - 2018-11-23 12:15 - 000261632 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Acronis\TrueImageHome\Qt5WinExtras.dll
2020-01-09 09:21 - 2020-01-09 09:21 - 011921920 _____ (Trend Micro Inc.) [Datei ist nicht signiert] C:\Program Files\WindowsApps\14C78905.5632B21B4008_2.2.1073.0_x64__y1xsffnhj35f6\CarbonService.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ==========

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Kerio\Outlook Connector (Offline Edition)\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.1.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\StartupApproved\Run: => "QMxNetworkSync"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{D6DF547B-75D3-4380-8694-1D4EDCD5B9AD}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe Keine Datei
FirewallRules: [{130FA4D2-97E8-43BA-8040-1ED17B038F3A}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe Keine Datei
FirewallRules: [{A8AEF148-A0EB-4443-BED3-0DB95358BCA3}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{430669A5-B69A-4535-AA95-037C39C4A808}] => (Allow) c:\Program Files (x86)\Corel\WinDVD Lite\11\\WinDVD Lite.exe (Corel Corporation -> Corel Inc.)
FirewallRules: [{12ECDD5B-0DFE-46BD-9575-B8D71FD6D106}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2EB5B1A6-D607-40CF-B77F-9E1C967152C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD7819C0-2600-4B4A-AA16-7CC74F2F761D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BBB27829-9CD9-43DA-9E03-9B870DB75411}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FF3D36A8-78AC-4DD0-B2D2-F89E0208C62E}] => (Allow) C:\Program Files\Common Files\MAGIX Services\MxCloudSync\MxCloudSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{9672343E-6347-4142-BE4C-8F5ABCDB1485}] => (Allow) C:\Program Files\MAGIX\Photostory Deluxe\2019\Fotos_dlx.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{42C9F5AA-DDB9-47F0-8CDB-FB179D5DE797}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{C9ED3D96-BD67-4BFC-BD3B-CAACD0B288AF}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{AB84E380-CD46-4876-B7E6-6925E97C58FC}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{7CE6AE45-4C6D-425A-93CF-7308C88D5771}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{900BC320-DDDF-4670-A0BB-3CDBC6AEA079}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{C746776C-3963-42BD-BB99-C56EEA48D568}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{6BD2D594-CF14-495A-AA34-D98D6A0CF354}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{9867B069-7E1A-480E-8885-C08195B582A4}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{C112DD31-75C2-42F3-B197-7BA31DF00947}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{5A18AD01-5838-4806-9E87-999F8C603B4B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{917F5F73-BC82-4CDC-824C-4282685BBEFB}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{06194E8A-2AA4-41DC-9DB5-B29C7184828B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{CE6AEC2E-6AE7-4ED7-AD30-C0CBB4010FB0}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{EFAEFD3C-43D6-442F-8463-EB866519C5CB}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{C613C032-978C-419D-A3F0-AFFB5436C6B0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{CF5620E2-C42F-4705-8FCE-3D033EF41421}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Keine Datei
FirewallRules: [{59FE45E7-654D-41F5-BB7B-213DE5FC4F14}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Keine Datei
FirewallRules: [{5C6CDA5E-D116-428D-9390-46C0A9D5C9C8}] => (Allow) C:\Users\Marcus\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe Keine Datei
FirewallRules: [{FB954536-4C5A-4071-9F49-006549D8BEA2}] => (Allow) C:\Users\Marcus\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe Keine Datei
FirewallRules: [{63DCE8B7-AED6-42EE-BBB3-799D1BBE6838}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{5D092B8F-B97C-4B3B-9348-4C1AA0005B55}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{28B547B4-818F-4DD1-BE6D-41E0AF1C06C6}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Block) C:\program files (x86)\relevantknowledge\rlvknlg.exe Keine Datei
FirewallRules: [TCP Query User{9A33AB6A-3C52-41CE-BCD8-9B8653C11796}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Block) C:\program files (x86)\relevantknowledge\rlvknlg.exe Keine Datei
FirewallRules: [{D62CADFB-5CCF-4FDB-903F-D9867D285183}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Keine Datei
FirewallRules: [{19E42F31-445F-434E-99E1-F4F575A2E42C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Keine Datei
FirewallRules: [{11025B8B-2157-4BF2-BA48-4F51AC9A39F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Keine Datei
FirewallRules: [{BDDFE512-92E3-49B4-90FD-EA7D927344CC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Keine Datei
FirewallRules: [{AFC24A38-052C-4E86-A15F-9AF21B46A8A1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{3F3CE771-B739-46A4-83FB-721982143DAF}] => (Block) D:\Programme\CorelDRAW Home & Student Suite X7\Programs\PPHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{CFB4E7BB-66CE-4E03-ACC7-F4CD40431D3A}] => (Block) D:\Programme\CorelDRAW Home & Student Suite X7\Programs\DrawHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{D6BCBD2F-1EC4-4552-99B2-F11D7DF6B766}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65FBE291-F5C5-486F-8A56-243B7786EBCE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{52AED307-A43B-4258-86AA-864CC5B4E1CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4D1E0B6E-B3E0-4872-AB4B-1A73DC6C5E4B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F78E3C45-6B51-48AB-861C-C9C05922B18B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8CF68519-CF5C-4AF2-BDD3-038E28CE6FAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B62A5E9E-70DE-488B-8B50-3DA66CEBAC6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E2E3F06-6C1C-42F9-B002-D660C3F70AAA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3905DD7D-A075-48C2-B27D-4E2E7536E2BA}] => (Allow) D:\Spiele\Steam\Steam.exe Keine Datei
FirewallRules: [{F1091349-6EB8-4B73-B4FC-EDF4D6F3A901}] => (Allow) D:\Spiele\Steam\Steam.exe Keine Datei
FirewallRules: [{855C8B96-2760-4A92-9D8B-86AEB390BA71}] => (Allow) D:\Spiele\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Keine Datei
FirewallRules: [{B756D2E8-5453-4A65-9FDA-ED53248B893A}] => (Allow) D:\Spiele\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Keine Datei
FirewallRules: [{1D2A2A4A-9429-4D44-AC69-7198A26C4E48}] => (Allow) D:\Spiele\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe Keine Datei
FirewallRules: [{CED47B7A-A6B8-468E-BB14-1B2679839FA7}] => (Allow) D:\Spiele\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe Keine Datei
FirewallRules: [TCP Query User{309E1982-D153-4D89-8C60-915A6953CE6B}D:\programme\dainese\dairregistration.exe] => (Allow) D:\programme\dainese\dairregistration.exe (Dainese -> )
FirewallRules: [UDP Query User{91AF3228-92D3-4DE3-9B18-F77545CF1F9C}D:\programme\dainese\dairregistration.exe] => (Allow) D:\programme\dainese\dairregistration.exe (Dainese -> )
FirewallRules: [{89EAEBA6-99D2-48B3-8AC8-67AF00E059B5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3DE8F691-AC50-48D8-B0D8-88BE515849C5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4BA1B9F-8073-421A-B198-0AFF33AA129F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9457ACA-8CDB-4821-A76C-11DF4E80D2D2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A368519F-CF6F-41A6-8179-093ECE62530E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2D649986-24CB-4B50-BB61-76516A89A449}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1272CAF4-F1A0-4BAB-8D5F-1D0B43F32232}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A3C19B14-C333-45CF-8C22-EE22C7FD4996}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (02/03/2020 11:51:13 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14680,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/03/2020 11:30:18 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21412,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/03/2020 11:20:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14212,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/03/2020 11:10:39 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (22312,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/03/2020 10:55:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1692,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/03/2020 10:50:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21560,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/03/2020 09:54:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5688

Error: (02/03/2020 09:54:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5688


Systemfehler:
=============
Error: (02/03/2020 10:40:48 AM) (Source: DCOM) (EventID: 10000) (User: MARKUS-CAD-DESK)
Description: Ein DCOM-Server konnte nicht gestartet werden: {0F1BE71C-DFE7-41B1-8D52-C76A054D1EAE}. Fehler:
"2147942767"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe" -Embedding

Error: (02/03/2020 10:40:48 AM) (Source: DCOM) (EventID: 10000) (User: MARKUS-CAD-DESK)
Description: Ein DCOM-Server konnte nicht gestartet werden: {0F1BE71C-DFE7-41B1-8D52-C76A054D1EAE}. Fehler:
"2147942767"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe" -Embedding

Error: (02/03/2020 10:40:48 AM) (Source: DCOM) (EventID: 10000) (User: MARKUS-CAD-DESK)
Description: Ein DCOM-Server konnte nicht gestartet werden: {0F1BE71C-DFE7-41B1-8D52-C76A054D1EAE}. Fehler:
"2147942767"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe" -Embedding

Error: (02/03/2020 10:40:48 AM) (Source: DCOM) (EventID: 10000) (User: MARKUS-CAD-DESK)
Description: Ein DCOM-Server konnte nicht gestartet werden: {0F1BE71C-DFE7-41B1-8D52-C76A054D1EAE}. Fehler:
"2147942767"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe" -Embedding

Error: (02/03/2020 07:59:16 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (02/03/2020 06:35:15 AM) (Source: DCOM) (EventID: 10000) (User: MARKUS-CAD-DESK)
Description: Ein DCOM-Server konnte nicht gestartet werden: {0F1BE71C-DFE7-41B1-8D52-C76A054D1EAE}. Fehler:
"2147942767"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe" -Embedding

Error: (02/03/2020 06:35:15 AM) (Source: DCOM) (EventID: 10000) (User: MARKUS-CAD-DESK)
Description: Ein DCOM-Server konnte nicht gestartet werden: {0F1BE71C-DFE7-41B1-8D52-C76A054D1EAE}. Fehler:
"2147942767"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe" -Embedding

Error: (02/03/2020 06:35:15 AM) (Source: DCOM) (EventID: 10000) (User: MARKUS-CAD-DESK)
Description: Ein DCOM-Server konnte nicht gestartet werden: {0F1BE71C-DFE7-41B1-8D52-C76A054D1EAE}. Fehler:
"2147942767"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe" -Embedding


CodeIntegrity:
===================================

Date: 2020-02-03 11:53:56.227
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trend Micro\Titanium\TmWscSvc\WSCHandler.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-02-03 11:53:56.217
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trend Micro\Titanium\TmWscSvc\WSCHandler.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-02-03 11:53:56.205
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Windows signing level requirements.

Date: 2020-02-03 11:44:13.062
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Windows signing level requirements.

Date: 2020-02-03 11:44:13.060
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Windows signing level requirements.

Date: 2020-02-03 11:44:13.048
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Windows signing level requirements.

Date: 2020-02-03 11:37:09.304
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Windows signing level requirements.

Date: 2020-02-03 11:37:09.301
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Windows signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. P1.90 12/26/2018
Hauptplatine: ASRock Z390 Taichi Ultimate
Prozessor: Intel(R) Core(TM) i7-9700K CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 11%
Installierter physikalischer RAM: 65455.91 MB
Verfügbarer physikalischer RAM: 57849.41 MB
Summe virtueller Speicher: 75183.91 MB
Verfügbarer virtueller Speicher: 64999.64 MB

==================== Laufwerke ================================

Drive c: (Bootlaufwerk) (Fixed) (Total:464.7 GB) (Free:0 GB) NTFS
Drive d: (Programme) (Fixed) (Total:931.51 GB) (Free:776.25 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Daten 1) (Fixed) (Total:2794.39 GB) (Free:2360.83 GB) NTFS
Drive f: (Photo Extern) (Fixed) (Total:1397.26 GB) (Free:244.34 GB) NTFS

\\?\Volume{5a53eba8-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{5a53eba8-0000-0000-0000-704f74000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5A53EBA8)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=531 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 78708283)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: 0FFE6FFB)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 1397.3 GB) (Disk ID: CB67D45A)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================
Ich habe seit bekanntwerden des Problems keine eigenen Schritte unternommen; demnach liegen auch keine anderen Scan-Files vor.

Ich hoffe dass ich eure Anleitung richtig interpretiert habe und warte auf Hinweise wie ich weiter verfahren soll.

Vorab schon mal Danke.
Grüße KiwiSB

KiwiSB 03.02.2020 13:03
Windows 10 Festplatte füllt sich ständig von alleine auch ohne Programmausführung!
 
(Ooops da war was schiefgelaufen mit dem 1. Teil)
Hallo Community,

bei meinem Windows 10 PC gibt es folgendes Problem:
Das Bootlaufwerk c: (ssd 500) wird auch ohne eine Programmausführung ständig zugeschrieben. Auch nach Bereinigung mit dem Windows-Bereinigungstool ist die Festplatte kurzfristig wieder beschrieben und es bleibt 0 Bytes freier Platz; also wird die Platte komplett zugeschrieben. Ich hatte im ersten Moment daran gedacht, dass ich selbst zuviel auf den Desktop gelegt hätte. Aber nach dem Verschieben der Desktopdateien und entfernen meines Garmin-Tourenplaners samt Landkarten (immerhin über 20 GB), war das Bootlaufwerk sofort wieder bei wenigen Bytes.

Ich habe keine weiteren Rettungsversuche gestartet und das Farbar Recovery Tool benutzt.

Anbei die FRST-Datei:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
durchgeführt von Marcus (Administrator) auf MARKUS-CAD-DESK (03-02-2020 11:33:51)
Gestartet von C:\Users\Marcus\Desktop\Farbar Recovery Scan Tool
Geladene Profile: Marcus (Verfügbare Profile: Marcus)
Platform: Windows 10 Pro Version 1909 18363.592 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(ASROCK Incorporation -> ) C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe
(Corel Corporation -> ) C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(Corel Corporation -> ) C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
(Corel Corporation -> ) D:\Programme\Roxio Creator NXT Pro 7\Roxio Burn\RoxioBurnLauncher.exe
(Corel Corporation -> InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(GFI Software Development Ltd. -> Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) [Datei ist nicht signiert] C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Marcus\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\regedit.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(pdfforge GmbH -> pdfforge GmbH) D:\Programme\PDF Architect 7\architect.exe
(pdfforge GmbH -> pdfforge GmbH) D:\Programme\PDF Architect 7\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) D:\Programme\PDF Architect 7\ws.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Reiner Kartengeraete GmbH und Co.KG -> REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Trend Micro Inc.) C:\Program Files\WindowsApps\14C78905.5632B21B4008_2.2.1073.0_x64__y1xsffnhj35f6\CarbonFramework\CarbonFramework.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\10011\8.1.2002\8.1.2002\TmsaInstance64.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\DiamondRing\DrSDKCaller.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\SupportTool.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [771528 2018-07-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-07-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754416 2018-11-23] (Acronis International GmbH -> )
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2177160 2019-03-03] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246112 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1246368 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4785640 2018-11-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.  -> Flexera Software, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => D:\Programme\Roxio Creator NXT Pro 7\Common\RoxWatchTray15.exe [303968 2019-01-29] (Corel Corporation -> Corel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\QMxNetworkSync\QMxNetworkSync.exe
HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\Run: [BlueCoreInterfaceTrayApp] => C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe
HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-12-09] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-12-09] (Apple Inc. -> Apple Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{3AFAB1A7-F3DB-4DED-B51B-25E34D21D798}] -> C:\WINDOWS\system32\USBKeyCredentialProvider.dll [2014-07-31] (ASROCK Incorporation -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Zahlungserinnerung.lnk [2019-12-18]
ShortcutTarget: Zahlungserinnerung.lnk -> D:\Programme\ProfiCash\wzed.exe (Fiducia & GAD IT AG -> )
GroupPolicy: Beschränkung ? <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {047F91DF-24CE-4D56-BB73-26F503866817} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0AB8F59E-F8E0-4029-8992-6B733EA54AD5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C4B14EB-AB02-4631-AE05-F5B4A3D2571D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2024320 2020-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {105A28F5-101D-4FB4-AA58-74927D03D28A} - System32\Tasks\AsrKM => C:\Program Files (x86)\ASRock Utility\Key Master\AsrKM.exe
Task: {165D33E7-13B6-4B9E-8A4C-4617AEECB61E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.)
Task: {1F565714-016D-4321-9C3E-343C2DB2DFFE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {231565A1-8985-4017-95AE-18D849FF42AF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {303F3EA6-B7F6-48E7-964B-B147353D94A9} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-12-09] (Apple Inc. -> Apple Inc.)
Task: {32D1A843-CEE6-43FE-B26C-7052DBCAFA46} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [817352 2018-05-15] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {4168F79D-2891-43CA-8B03-E34B921064DE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {42937CA0-ED77-433A-8FCD-77130BBA81F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B0D0CE9-1E4D-46E4-B8D2-2E9AFB347FAD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F3897B6-49F5-4D48-B9D5-F833DB14599C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050456 2020-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {5488CA3E-5455-42C6-8BDC-DCDF775B4E92} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C28C9D9-4F79-4165-B84F-889BD7614FBB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68778548-8ED3-4567-89EF-E9CF06E16B9E} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\AsrSP.exe [2646528 2014-12-02] () [Datei ist nicht signiert]
Task: {74C05B9F-B21B-4BDB-97C0-53C9906FFBE5} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe
Task: {77FF19CF-4A1E-4614-853B-E02CBE7184AA} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [324680 2017-05-10] (MAGIX Software GmbH -> MAGIX Software GmbH)
Task: {81036752-2E96-4B68-9C08-B41C4CF28C7B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C1109FB-0A0C-4F55-A451-C3FAA418401C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.)
Task: {B6A079C9-B24A-41B1-BB89-1ED1B0971D1F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050456 2020-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {B92AAC37-2DA7-4504-85C3-221C8015ABE2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C541D021-635A-45CD-876D-5DB7D2127533} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA2CAD07-80A0-479E-8DDE-BC49127CD51D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC0DFD24-2ECF-4B0C-9F66-75CF855CB614} - System32\Tasks\GoogleUpdateTaskMachineUA1d57a8170d38ef4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.)
Task: {CE6366F3-37CA-4FC6-8986-0371EAF34AA1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {DB396FD4-B960-48A4-B849-6AD5D38D7E09} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DFCCA37F-A3FC-4F1D-92BB-8831690E2E31} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3FA635B-641B-47B7-B3C1-9AE272632C4E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA123A8B-C902-4621-A82E-983BF2590518} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA196545-A9D7-4B70-9E72-CA0F5D8C7E94} - System32\Tasks\GoogleUpdateTaskMachineCore1d57a8170cf99f5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.)
Task: {F3FE2879-8197-4579-A2FD-A731F2232758} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F80AD2EE-FBF2-47E8-8E9D-0F35824A13E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{05093e58-00da-4708-b389-319a41ec482d}: [DhcpNameServer] 192.1.1.254
Tcpip\..\Interfaces\{9127d641-5e9d-41cd-b77b-605ac6bdf62c}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{97c7010e-c301-4401-8e5c-8dfe7d5073ee}: [DhcpNameServer] 192.1.1.254
Tcpip\..\Interfaces\{d8ff8d87-a832-4f56-9607-c6118b005b9a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{eb3e58a5-a519-446c-84aa-683ee947173e}: [NameServer] 192.1.1.254

Internet Explorer:
==================
HKU\S-1-5-21-2263560041-3636778381-2339849275-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> D:\Programme\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2019-10-11] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2019-10-11] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kein Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2019-10-11] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - D:\Programme\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2019-10-11] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM-x32 - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2019-10-11] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2019-10-11] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)

Edge:
======
DownloadDir: C:\Users\Marcus\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2263560041-3636778381-2339849275-1001 -> hxxp://google.de/
Edge Notifications: HKU\S-1-5-21-2263560041-3636778381-2339849275-1001 -> hxxps://www.wetteronline.de
Edge Extension: (Trend Micro Security) -> EdgeExtension_14C789055632B21B4008_y1xsffnhj35f6 => C:\Program Files\WindowsApps\14C78905.5632B21B4008_2.2.1073.0_x64__y1xsffnhj35f6 [2020-01-09]

FireFox:
========
FF DefaultProfile: urgcacqn.default
FF DefaultProfile: ma9eri5r.default
FF ProfilePath: C:\Users\Marcus\AppData\Roaming\Rudolf Mueller Mediengruppe (vrm)\Rudolf Mueller Mediengruppe Brandschutzatlas (Coll_vrm)X\Profiles\urgcacqn.default [2019-10-07]
FF ProfilePath: C:\Users\Marcus\AppData\Roaming\Beuth Verlag _ Verlagsgesellschaft Rudolf Müller (beuth_vrm)\Beuth Verlag _ Verlagsgesellschaf#9981ba04cb705d1cc0bdbe54706477a4\Profiles\ma9eri5r.default [2019-12-14]
FF HKLM\...\Firefox\Extensions: [fftmtoolbar@trendmicro.com] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi
FF Extension: (Kein Name) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi [2019-11-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [fftmtoolbar@trendmicro.com] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [504160 2017-12-14] (Corel Corporation -> )
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4380176 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
R2 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [384032 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 ASRockIOMon; C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] (ASROCK Incorporation -> )
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [46432 2018-11-08] (Corel Corporation -> )
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [611336 2018-11-15] (Reiner Kartengeraete GmbH und Co.KG -> REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [530208 2019-04-23] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [762056 2018-05-15] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [505856 2018-05-02] (Intel Corporation) [Datei ist nicht signiert]
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [714952 2018-05-15] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 IviRegMgr; c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [110736 2010-05-20] (Corel Corporation -> InterVideo)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-06-06] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [995280 2018-12-25] (GFI Software Development Ltd. -> Kerio Technologies Inc.)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1765160 2018-11-23] (Acronis International GmbH -> )
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-17] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
R3 PDF Architect 7; D:\Programme\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; D:\Programme\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; D:\Programme\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1127584 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 RoxioBurnLauncher; D:\Programme\Roxio Creator NXT Pro 7\Roxio Burn\RoxioBurnLauncher.exe [1233760 2019-01-30] (Corel Corporation -> )
S3 RoxMediaDB15; D:\Programme\Roxio Creator NXT Pro 7\Common\RoxMediaDB15.exe [1163616 2019-01-29] (Corel Corporation -> Corel Corporation)
S2 RoxWatch15; D:\Programme\Roxio Creator NXT Pro 7\Common\RoxWatch15.exe [300896 2019-01-29] (Corel Corporation -> Corel Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [771528 2018-07-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [6926040 2018-11-23] (Acronis International GmbH -> Acronis International GmbH)
S3 TmWscSvc; C:\Program Files\Trend Micro\Titanium\TmWscSvc\TmWscSvc.exe [406440 2019-11-05] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-17] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 aqnic; C:\WINDOWS\System32\drivers\aqnic650.sys [1144896 2018-05-16] (Aquantia -> Aquantia Corporation)
R3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2019-01-29] (ASROCK Incorporation -> ASRock Incorporation)
S3 AsrHidFilter; C:\WINDOWS\system32\DRIVERS\AsrHidFilter.sys [20232 2014-06-30] (ASROCK Incorporation -> ASRock Inc.)
S3 cjusb; C:\WINDOWS\System32\drivers\cjusb.sys [43224 2017-03-28] (REINER Kartengeraete GmbH & Co. KG -> REINER SCT)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [667144 2019-02-22] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2019-02-22] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [1462720 2015-07-29] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1083424 2018-07-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2105632 2019-04-23] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [25800 2014-05-27] (Intel CASE -> )
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2019-11-29] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8810336 2018-05-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4i.inf_amd64_462657f76ab86475\nvlddmkm.sys [22739600 2019-11-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R1 PxHelpFilter; C:\WINDOWS\system32\Drivers\PxHelpFilter.sys [24032 2018-06-08] (Corel Corporation -> Corel Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [64984 2015-12-15] (Corel Corporation -> Corel Corporation)
R3 RSBCdFilter; C:\WINDOWS\system32\Drivers\RSBCdFilter.sys [25568 2018-06-08] (Corel Corporation -> Corel Corporation)
U5 RSBFilter; C:\Windows\System32\Drivers\RSBFilter.sys [27616 2018-06-08] (Corel Corporation -> Corel Corporation)
R0 RSBFsFilter; C:\WINDOWS\System32\Drivers\RSBFsFilter.sys [28128 2018-06-08] (Corel Corporation -> Corel Corporation)
R0 Sahdad64; C:\WINDOWS\System32\Drivers\Sahdad64.sys [46392 2017-12-14] (Corel Corporation -> Corel Corporation)
R0 Saibad64; C:\WINDOWS\System32\Drivers\Saibad64.sys [38200 2017-12-14] (Corel Corporation -> Corel Corporation)
R1 SaibVdAd64; C:\WINDOWS\System32\Drivers\SaibVdAd64.sys [45880 2017-12-14] (Corel Corporation -> Corel Corporation)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [885880 2019-02-22] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [173536 2019-02-22] (Acronis International GmbH -> Acronis International GmbH)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [74760 2019-06-04] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [147672 2017-05-10] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [37552 2019-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R1 tmeyes; C:\WINDOWS\system32\DRIVERS\tmeyes.sys [679712 2019-07-12] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [562296 2018-03-07] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [157448 2019-09-23] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [137776 2019-05-04] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2019-02-22] (Acronis International GmbH -> Acronis International GmbH)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-07-24] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-07-24] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-07-24] (Paragon Software GmbH -> )
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2019-02-22] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2019-02-22] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [106760 2017-10-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R3 Wibukey2_64; C:\WINDOWS\system32\drivers\wibukey2_64.sys [22320 2017-10-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2020-02-03 11:30 - 2020-02-03 11:33 - 000000000 ____D C:\Users\Marcus\Desktop\Farbar Recovery Scan Tool
2020-02-03 11:07 - 2020-02-03 11:34 - 000000000 ____D C:\FRST
2020-02-03 06:14 - 2020-02-03 06:14 - 000000000 ___HD C:\OneDriveTemp
2020-02-02 13:59 - 2020-02-02 13:59 - 000000000 ____D C:\Users\Marcus\Apple
2020-02-01 12:32 - 2020-02-01 12:32 - 000000000 ____D C:\Users\Marcus\AppData\Roaming\naviextras
2020-01-30 10:39 - 2020-01-30 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2020
2020-01-15 11:11 - 2020-01-15 11:11 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 11:11 - 2020-01-15 11:11 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 11:11 - 2020-01-15 11:11 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 11:11 - 2020-01-15 11:11 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 11:11 - 2020-01-15 11:11 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 11:11 - 2020-01-15 11:11 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 11:11 - 2020-01-15 11:11 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-15 11:11 - 2020-01-15 11:11 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys
2020-01-15 11:11 - 2020-01-15 11:11 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 11:11 - 2020-01-15 11:11 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 11:08 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 11:08 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-14 14:46 - 2019-11-06 04:23 - 011839864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-14 14:46 - 2019-11-06 04:23 - 010164944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-14 14:46 - 2019-11-06 04:23 - 001074080 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-14 14:46 - 2019-11-06 04:23 - 001074080 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-14 14:46 - 2019-11-06 04:23 - 000931768 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-14 14:46 - 2019-11-06 04:23 - 000931768 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-14 14:46 - 2019-11-06 04:23 - 000848800 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-14 14:46 - 2019-11-06 04:23 - 000848800 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-14 14:46 - 2019-11-06 04:23 - 000706464 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-14 14:46 - 2019-11-06 04:23 - 000706464 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-14 14:46 - 2019-11-06 04:23 - 000450600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-14 14:46 - 2019-11-06 04:23 - 000352728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 002074736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 001568920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 001483848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 001370240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 001144280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 000824920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 000686800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 000677280 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 000558288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 000545320 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-14 14:46 - 2019-11-06 04:22 - 000056080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 040510848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 035379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 017461248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 015028568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 005380512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 004716584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 001733672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444112.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 001491704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444112.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 001065624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 000813016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-14 14:46 - 2019-11-06 04:21 - 000658888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-01-14 14:46 - 2019-11-06 04:17 - 004205568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2020-02-03 11:33 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-03 10:44 - 2019-07-02 15:00 - 000000000 ____D C:\Users\Marcus\Documents\Outlook-Dateien
2020-02-03 09:14 - 2019-10-08 17:38 - 000000000 ____D C:\Users\Marcus\AppData\Local\B7155F05-53EB-4AA9-BA7D-67CA31E9CF64.aplzod
2020-02-03 08:53 - 2019-01-29 14:02 - 000000000 ____D C:\ProgramData\Trend Micro
2020-02-03 07:51 - 2019-03-28 22:49 - 000000000 ____D C:\ProgramData\Garmin
2020-02-03 07:51 - 2019-03-28 22:44 - 000000000 ____D C:\Program Files (x86)\Garmin
2020-02-03 07:51 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-03 07:51 - 2018-12-20 09:50 - 000000000 ____D C:\ProgramData\Package Cache
2020-02-03 07:18 - 2019-02-19 08:52 - 000000000 ____D C:\Program Files (x86)\epson
2020-02-03 07:17 - 2019-02-22 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2020-02-03 07:14 - 2019-02-22 18:27 - 000000000 ____D C:\Program Files\Common Files\MAGIX Services
2020-02-03 07:13 - 2019-02-22 18:26 - 000000000 ____D C:\Program Files (x86)\MAGIX
2020-02-03 07:12 - 2019-02-22 18:26 - 000000000 ____D C:\ProgramData\MAGIX
2020-02-03 07:05 - 2019-02-12 16:03 - 000000000 ____D C:\Users\Marcus\AppData\Local\Google
2020-02-03 07:05 - 2019-02-12 16:03 - 000000000 ____D C:\Program Files (x86)\Google
2020-02-03 07:03 - 2019-01-29 16:48 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-02-03 07:01 - 2019-02-19 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2020-02-03 07:01 - 2019-02-19 09:28 - 000000000 ____D C:\Program Files (x86)\Epson Software
2020-02-03 07:01 - 2019-02-19 08:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2020-02-03 06:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-02-03 06:46 - 2019-02-22 23:05 - 000000000 ____D C:\Users\Marcus\Desktop\AKS
2020-02-03 06:45 - 2019-02-22 23:12 - 000000000 ____D C:\Users\Marcus\Desktop\Projekte
2020-02-03 06:23 - 2019-02-22 23:10 - 000000000 ____D C:\Users\Marcus\Desktop\Büro allgemeein
2020-02-03 06:16 - 2018-12-19 18:46 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-03 06:14 - 2019-10-08 17:08 - 000003054 _____ C:\WINDOWS\system32\Tasks\AsrSP.exe
2020-02-03 06:14 - 2019-07-02 15:02 - 000000000 ___RD C:\Users\Marcus\iCloudDrive
2020-02-03 06:14 - 2018-12-19 18:39 - 000000000 ___RD C:\Users\Marcus\OneDrive
2020-02-03 05:56 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-03 05:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-03 05:56 - 2018-12-19 18:38 - 000000000 ____D C:\Users\Marcus\AppData\Local\Packages
2020-02-03 05:49 - 2019-10-08 17:07 - 001725108 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-03 05:49 - 2019-03-19 13:16 - 000743888 _____ C:\WINDOWS\system32\perfh007.dat
2020-02-03 05:49 - 2019-03-19 13:16 - 000150212 _____ C:\WINDOWS\system32\perfc007.dat
2020-02-03 05:45 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-02-03 05:43 - 2019-10-08 17:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-03 05:42 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-02-03 05:36 - 2019-04-25 21:37 - 000000000 ___RD C:\Users\Marcus\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2020-02-03 04:50 - 2019-10-08 17:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-03 04:50 - 2019-01-29 13:24 - 000000000 ____D C:\Users\Public\Logi
2020-02-03 01:59 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-02-02 13:59 - 2019-10-08 17:02 - 000000000 ____D C:\Users\Marcus
2020-02-02 13:59 - 2019-01-29 19:39 - 000000000 ____D C:\Users\Marcus\AppData\Roaming\Apple Computer
2020-02-01 13:47 - 2019-02-14 12:26 - 000000000 ____D C:\ProgramData\firebird
2020-01-30 23:18 - 2019-05-02 16:21 - 000000000 ____D C:\Users\Marcus\AppData\Roaming\WhatsApp
2020-01-30 13:51 - 2019-10-08 17:08 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2263560041-3636778381-2339849275-1001
2020-01-30 13:51 - 2019-10-08 17:02 - 000002398 _____ C:\Users\Marcus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-30 11:22 - 2019-02-21 10:00 - 000000000 ____D C:\ProgramData\ORCA AVA
2020-01-30 10:50 - 2019-02-22 21:56 - 000000000 ____D C:\Users\Marcus\AppData\Roaming\SketchUp
2020-01-30 10:50 - 2019-02-22 21:56 - 000000000 ____D C:\Users\Marcus\AppData\Local\SketchUp
2020-01-30 10:50 - 2019-01-30 21:10 - 000000000 ____D C:\Users\Marcus\Desktop\Architektursoftware
2020-01-30 10:38 - 2019-02-22 21:56 - 000000000 ____D C:\ProgramData\SketchUp
2020-01-27 14:21 - 2019-11-21 11:48 - 000000000 ____D C:\Users\Marcus\AppData\Roaming\PDF Architect 7
2020-01-26 11:19 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-26 11:18 - 2019-01-29 15:10 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-23 09:51 - 2019-01-29 15:36 - 000000000 ____D C:\Users\Marcus\Desktop\Tools
2020-01-23 09:50 - 2019-02-22 23:04 - 000000000 ____D C:\Users\Marcus\Desktop\Privat
2020-01-22 20:41 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-21 18:11 - 2019-11-21 11:52 - 000000000 ____D C:\Users\Marcus\Documents\PDF Architect
2020-01-18 11:04 - 2019-05-02 16:21 - 000000000 ____D C:\Users\Marcus\AppData\Local\WhatsApp
2020-01-15 19:21 - 2019-10-08 17:00 - 000914136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-15 18:58 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 18:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-15 18:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 18:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 12:14 - 2018-12-19 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 11:12 - 2018-12-19 18:50 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 14:46 - 2018-12-19 18:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-14 14:46 - 2018-12-19 18:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-10 17:07 - 2019-12-13 07:12 - 000000000 ____D C:\Users\Marcus\AppData\Roaming\TeamViewer

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2019-01-29 17:39 - 2019-01-29 17:47 - 000000000 _____ () C:\Users\Marcus\AppData\Local\Driver_LOM_8161Present.flag
2019-01-29 14:02 - 2019-01-29 14:02 - 000000036 _____ () C:\Users\Marcus\AppData\Local\housecall.guid.cache

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
Die Addition-Datei müsste schon vorher im Board gelandet sein.

Ich hoffe es kann jemand helfen. Ich warte auf Nachricht und werde die Anweisungen befolgen.

KiwiSB

cosinus 03.02.2020 13:14
Um es gleich von Anfang an klarzustellen: das Problem wird zu 99,999 % NICHTS mit Schädlingen zu tun haben.

Erstmal müssen wir herausfinden wer den Platz da zumüllt. Hast du da Infos zu? Wenn nein, schau nach, das Tool TreeSize könnte helfen.

KiwiSB 03.02.2020 13:29
Zitat:
Zitat von cosinus (Beitrag 1729706)
Um es gleich von Anfang an klarzustellen: das Problem wird zu 99,999 % NICHTS mit Schädlingen zu tun haben.

Erstmal müssen wir herausfinden wer den Platz da zumüllt. Hast du da Infos zu? Wenn nein, schau nach, das Tool TreeSize könnte helfen.
Zunächst mal recht herzlichen Dank für die schnelle Antwort. Bin erschrocken wie schnell reagiert wurde!

Da fängt das Problem schon an. Festplatte C: hat 0 Bytes frei und ich bekomme TreeSize nicht installiert. Auf D: wird behauptet es wäre unvollständig.

cosinus 03.02.2020 13:57
Dann kannst du nur manuell ran. Also Ordner abklappern per Rechtsklick -> Eigenschaften. Oder du schaufelst ein paar hundert MB frei, damit das zumindest erstmal installieren kann.

KiwiSB 03.02.2020 14:18
Zitat:
Zitat von cosinus (Beitrag 1729709)
Dann kannst du nur manuell ran. Also Ordner abklappern per Rechtsklick -> Eigenschaften. Oder du schaufelst ein paar hundert MB frei, damit das zumindest erstmal installieren kann.
Parallel war ich auf den gleichen Trichter gekommen. Manchmal hat man Scheuklappen. Ich hatte da eine Idee die mit iTunes zusammenhängt; iTunes hat meine Handysicherungen auf c: gelegt und schwups war die Platte voll. :stirn: (scheiß 512 GB Handys!)
Ich schiebe jetzt alle Handysicherungen auf Datenlaufwerk und werde die Entwicklung des Verhaltens an Laufwerk c: im auge behalten. Es ist mir immer noch ein Rätsel warum das Laufwerk auch ohne eine Aktivität auf 0 runter ging. das hatte ich noch nie.

Auf jeden Fall schon mal :dankeschoen: für die Sicht von Außen auf die Dinge. Ich sag Bescheid wie es sich entwickelt.


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131