Trojaner-Board
Seite 1 von 4 1 23 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Alles rund um Windows (https://www.trojaner-board.de/alles-rund-um-windows/)
-   -   Windows 10 Defender lässt sich nich mehr aktivieren (https://www.trojaner-board.de/201406-windows-10-defender-laesst-nich-mehr-aktivieren.html)

Phaeton 15.03.2021 22:58
Windows 10 Defender lässt sich nich mehr aktivieren
 
Ich kann den Viren und Bedrohungsschutz nicht mehr aktivieren, außerdem friert bei Rechtsklick kurz der Rechner ein wenn ich etwas
Währe schön wenn mir wer helfen könnte. Ich wollte ein Inplace update machen bekomme aber die Fehlermeldung das ich Virtual Box deinstalieren soll finde aber nichts

Hier sind die FRST Logfile

Danke


Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2021
Ran by SYSTEM on MININT-1DRBOPI (15-03-2021 22:19:53)
Running from f:\
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: Deutsch (Deutschland) -> Deutsch (Deutschland)
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.


==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [768448 2018-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\SYSTEM32\DRIVERSTORE\FILEREPOSITORY\WAVESAPO77AC.INF_AMD64_1C72DFBD7A8B521F\WAVESSVC64.EXE [1287440 2018-05-30] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [iTunesHelper] => "D:\Program Files\iTunes\iTunesHelper.exe"
HKLM\...\Windows x64\Print Processors\Canon TS8200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEK.DLL [482816 2018-11-26] (CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8200 series: C:\Windows\system32\CNMLMEK.DLL [904192 2018-11-26] (CANON INC.)
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\Windows\system32\hpinkstsB111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DBE97F8-6C00-413B-9880-CEF0C3E3144F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [507392 2021-01-13] ()
Task: {143C69E5-5FD5-4558-A6BA-99056575EC72} - \Microsoft\Windows\Windows Error Reporting\SysInfo -> No File <==== ATTENTION
Task: {1C71DCDF-E249-4B96-9C87-81E7B1B18336} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {27B5F7F6-0E1C-499F-9969-B3C9A7176502} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7071000 2019-08-29] (Nero AG -> Nero AG)
Task: {28519E13-FAD4-4EB3-90E6-F16C060A8576} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {29064211-797B-4302-A9B1-CD339219720D} - System32\Tasks\Agent Activation Runtime\S-1-5-21-4274780374-310312604-1853351802-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-06] ()
Task: {2AE11AF1-8D11-47DA-8F01-468864E5458B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BED9E85-9FFF-4456-80F4-C0DD0A0DC905} - System32\Tasks\dmci => C:\Users\ANDREA~1\dmci\ohxobu.exe -> C:\Users\ANDREA~1\dmci\fnnd.ssm
Task: {2BF5EA0D-5835-4222-A6AF-854D81E7CF8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2020-08-16] (Google Inc -> Google LLC)
Task: {2C20BB6A-F3DD-4ED3-B288-D13FC87029EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {2D713917-6A46-4A07-9990-82FEE9F3D5EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {332D52C9-E8FE-45B0-9732-35E8270ED02A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36972BE7-3BA2-4B90-8F44-1472DE441194} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37ACB099-7453-41AA-9C67-00F332364B07} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {3DCD2779-CFB2-4880-ACC7-2046CEE42473} - System32\Tasks\CareCenter\AppleIEDAV_Reg_HKCURun_S-1-5-21-4274780374-310312604-1853351802-1001 => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {4045B47F-B3BA-4D17-AE11-A97AB0CC7FED} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {412D8276-8D08-40CE-8F92-3CCE8002566C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-09-13] (Acer Incorporated -> TODO: <Company name>)
Task: {451001C9-378B-4AE3-9E64-B3F99F121789} - System32\Tasks\CareCenter\Folder Size_Reg_HKCURun_S-1-5-21-4274780374-310312604-1853351802-1001 => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-12] (Brio)
Task: {48C1D5D3-51A8-40F5-91A6-E91D933AAADB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B980566-1FA1-4317-9B56-39FA8CA885AD} - \PC Cleaner repairing -> No File <==== ATTENTION
Task: {4C79F391-64E0-4EEB-A0C5-EAC4C3953168} - System32\Tasks\IMF_SkipUAC_Andreas Ebner => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
Task: {4DCF3553-E408-48F8-967A-ED143F919B23} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {509B46F4-E139-4699-9E8F-7032C6F7B533} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris Trojan Remover\ltr.exe [17908736 2021-01-07] (Loaris Inc.)
Task: {5413A72E-71CB-47EE-B77C-DBA6849DAD87} - System32\Tasks\IMF_SkipUAC_adm => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
Task: {622E3556-B0D5-4FE0-A048-8C16AEAF86D6} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {63A780BE-553B-4160-8F75-3933807C6F94} - System32\Tasks\BlueStacksHelper => D:\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {669D58B1-FD25-4C91-BD10-8682412158A5} - System32\Tasks\Norton Security Scan for Andreas Ebner => C:\PROGRA~2\NORTON~2\Engine\461~1.150\Nss.exe
Task: {670B7F97-D28A-49D5-A25C-83B58E6DFE93} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {67C67D30-C919-448D-B9C5-4EBDECAD47C0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {6A067CC0-C766-4833-84BA-142539FAE128} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E5E9A48-2165-4040-ABB1-AF7673845C61} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {7E2D93D1-98CA-4313-8091-AEFCE59ADE76} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {875096B5-CC77-4225-9C3F-0F5B8E826ECA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B45FE22-1046-47F6-A071-2E6F58937F53} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {8C267C9B-EDFD-4510-94EF-40FBCD45A1ED} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446256 2019-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {8DEF72EB-E500-44BF-9302-FBF0034816DE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {8F0C014E-4FF3-4186-9948-151E434BA141} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Andreas Ebner\Desktop\esetonlinescanner_enu.exe
Task: {8F476193-8984-4554-96FB-E3927F6404A0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91BE893C-DD86-41D6-94E1-757499446792} - System32\Tasks\CareCenter\ApplePhotoStreams_Reg_HKCURun_S-1-5-21-4274780374-310312604-1853351802-1001 => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {92E1468D-5693-4592-80AD-D3BBFB38B6A4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {9966559E-E12A-4EB0-931D-8365FD62F8A9} - System32\Tasks\PredatorSense UI => C:\Program Files\Acer\PredatorSense Service\PSLauncher.exe [580888 2019-10-09] (Acer Incorporated -> Acer Incorporated)
Task: {9E47636E-7D34-4F42-A796-CF81F7E27BB2} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> )
Task: {A0D0CFEF-EBED-4DE8-A5BE-FB94EEA7B015} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {A315D83E-F948-473F-B5EA-93952D03FEB4} - System32\Tasks\CareCenter\Syncios device service_Reg_HKLMWow6432Run => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [2944120 2019-07-11] (Anvsoft Inc. -> )
Task: {B02372F9-44E2-4C29-8199-16F0EEA19CA4} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-10-30] (Acer Incorporated -> )
Task: {B39E20EE-88BC-479D-BFCF-3A2C09C24AF9} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer)
Task: {C1017873-A0B3-45F9-830C-92F5EE4ABF62} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-10-30] (Acer Incorporated -> )
Task: {C54F7330-639B-4617-9A81-CDB32055B55C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {C8F8901B-498B-4DA8-94E0-904BCD0E96EF} - System32\Tasks\PredatorSense => C:\Program Files\Acer\PredatorSense Service\PSLauncher.exe [580888 2019-10-09] (Acer Incorporated -> Acer Incorporated)
Task: {C99E434D-288E-43E9-91D7-E8C917F7C0FC} - System32\Tasks\CareCenter\AdobeAAMUpdater-1.0_Reg_HKLMRun => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CE397CA2-1479-43C6-B287-D9FBC29C3C3B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {CEB723EE-D84D-49A9-AB75-9F95C2A08945} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {D0720991-C887-41BE-A650-4A090FA84E12} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [91440 2017-09-26] (Acer Incorporated -> Microsoft)
Task: {D4EE7AFA-FEBC-4C0D-A7B9-4D612AC01FB9} - System32\Tasks\UAC => C:\Users\Andreas [Argument = Ebner\AppData\Roaming\NsMiner\IMG001.exe]
Task: {D54A2E50-0475-4A5E-BB13-49BCD6EBE6DD} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {D9E6FBB8-8C39-4FF2-84F6-EA9A619CB4E7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe
Task: {DAF737BA-4855-4070-B610-E9D128DFE022} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4274780374-310312604-1853351802-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {DC1A0475-072A-4CD2-8AE4-C4078D3E02F4} - System32\Tasks\CareCenter\iCloudServices_Reg_HKCURun_S-1-5-21-4274780374-310312604-1853351802-1001 => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {DD513BEA-24FF-4B3A-ABF2-2BE399713D3E} - System32\Tasks\CareCenter\GXT155gmmouseRun_Reg_HKLMWow6432Run => C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe [3435520 2018-06-11] ()
Task: {DEF9ABC2-8F13-40AD-A0F7-2B3621169028} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {DF1D8E4A-02EE-434D-9D07-B427480E08AB} - System32\Tasks\CareCenter\Killer Control Center.lnk_FolderCommonAppdata => C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe [1564864 2018-03-06] (Rivet Networks LLC -> Rivet Networks)
Task: {E113C8C6-B2C3-413F-B2A3-3FCABE397FA4} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Andreas Ebner\Desktop\esetonlinescanner_enu.exe
Task: {EECAFCC8-3809-4567-987E-4552D7178D18} - System32\Tasks\CareCenter\Open-Shell Start Menu_Reg_HKLMRun => C:\Program Files\Open-Shell\StartMenu.exe [224768 2019-10-26] (Open-Shell)
Task: {F59C6A1E-869F-4078-A9DC-B166C143FE04} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2019-10-09] (Acer Incorporated -> Acer Incorporated)
Task: {F7B68233-3F15-45F9-93BB-3ED28D383FEC} - System32\Tasks\CareCenter\iCloudDrive_Reg_HKCURun_S-1-5-21-4274780374-310312604-1853351802-1001 => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {F906CD2B-59B1-4F90-BEE2-A63490DE6296} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2020-08-16] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\Windows\Tasks\UAC.job => C:\Users\Andreas)Ebner\AppData\Roaming\NsMiner\IMG001.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [96152 2020-10-02] (Shenzhen Moyea Software -> Leawo Software)
S2 ETGMGlcsSrv; C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe [1181544 2012-04-24] (Eastern Times Technology Co.,Ltd -> )
S2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-12] (Brio)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 GoogleChromeElevationService1d6b87fd0753326; C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\elevation_service.exe [1509488 2021-03-11] (Google LLC -> Google LLC)
S2 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2319320 2018-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Rivet Networks)
S2 MBAMIService; C:\ProgramData\MB3Install\MBAMIService.exe [231120 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-22] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2535000 2021-02-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3480152 2021-02-24] (Electronic Arts, Inc. -> Electronic Arts)
S3 PSSvc; C:\Program Files\Acer\PredatorSense Service\PSSvc.exe [979736 2019-10-09] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2019-09-26] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2019-09-26] (Acer Incorporated -> Acer Incorporated)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [384512 2019-10-15] ()
S3 sshd; C:\Windows\System32\OpenSSH\sshd.exe [974848 2019-10-15] ()
S2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-09-13] (Acer Incorporated -> acer)
S2 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [47616 2020-12-24] (KeepSolid Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WireGuardTunnel$VPNUWireguard; C:\Program Files (x86)\VPN Unlimited\WireVPNUImpl.exe [17920 2020-10-12] ()
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 GoogleChromeElevationService; "C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.193\elevation_service.exe" [X]
S3 Rockstar Service; "D:\Rockstar Games Launcher\RockstarService.exe" [X]
S2 SecurityServiceMonitor; C:\Program Files (x86)\TotalAV\SecurityService.exe --monitor [X] <==== ATTENTION
S3 VBoxSDS; "C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [18432 2019-12-07] (Microsoft Corporation)
S1 afunix; C:\Windows\system32\drivers\afunix.sys [41984 2020-10-09] (Microsoft Corporation)
S1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2020-10-09] (Microsoft Corporation)
S1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [292864 2019-12-07] (Microsoft Corporation)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2020-10-09] (Microsoft Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2019-12-07] (Windows (R) Win 7 DDK provider)
S1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2019-12-07] (Microsoft Corporation)
S2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [117760 2021-01-13] (Microsoft Corporation)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2020-10-09] (Microsoft Corporation)
S3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [113664 2021-03-11] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [65536 2019-12-07] (Microsoft Corporation)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496 2020-10-09] (Microsoft Corporation)
S3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [45568 2021-03-11] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation)
S3 BthPan; C:\Windows\System32\drivers\bthpan.sys [133632 2019-12-07] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [1560064 2021-03-11] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [110592 2021-03-11] (Microsoft Corporation)
S1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [91136 2021-03-11] ()
S3 circlass; C:\Windows\System32\drivers\circlass.sys [52224 2019-12-07] (Microsoft Corporation)
S2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [495104 2021-02-06] (Microsoft Corporation)
S1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [152064 2021-03-11] (Microsoft Corporation)
S1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [59392 2019-12-07] (Microsoft Corporation)
S1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8704 2019-12-07] (Microsoft Corporation)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [430080 2020-10-09] (Microsoft Corporation)
S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [120320 2020-10-09] (Microsoft Corporation)
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [48640 2019-12-07] (Microsoft Corporation)
S1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-11-11] (Martin Malik - REALiX -> REALiX(tm))
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [30208 2019-12-07] (Microsoft Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [47104 2020-10-09] (Microsoft Corporation)
S3 intelpmax; C:\Windows\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [90112 2019-12-07] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [225280 2019-12-07] (Microsoft Corporation)
S2 lltdio; C:\Windows\System32\drivers\lltdio.sys [72704 2019-12-07] (Microsoft Corporation)
S2 luafv; C:\Windows\system32\drivers\luafv.sys [140800 2021-03-11] (Microsoft Corporation)
S2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220616 2021-03-15] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-03-14] (Malwarebytes Inc -> Malwarebytes)
S3 MbbCx; C:\Windows\System32\drivers\MbbCx.sys [386048 2020-10-09] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024 2019-12-07] (Microsoft Corporation)
S2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [53248 2020-10-09] (Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [47104 2021-01-13] (Microsoft Corporation)
S3 monitor; C:\Windows\System32\drivers\monitor.sys [80896 2020-10-09] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [157696 2019-12-07] (Microsoft Corporation)
S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [127488 2019-12-07] (Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [12288 2019-12-07] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [34816 2020-11-10] (Microsoft Corporation)
S2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [78848 2019-12-07] (Microsoft Corporation)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [740864 2021-03-11] (Microsoft Corporation)
S1 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [54272 2019-12-07] (Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [135168 2020-10-09] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [28672 2020-10-09] (Microsoft Corporation)
S3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [206848 2020-10-09] (Microsoft Corporation)
S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [206848 2020-10-09] (Microsoft Corporation)
S3 ndproxy; C:\Windows\System32\DRIVERS\NDProxy.sys [93696 2020-10-09] (Microsoft Corporation)
S2 Ndu; C:\Windows\System32\drivers\Ndu.sys [131584 2019-12-07] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [207360 2021-02-06] (Microsoft Corporation)
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [341504 2020-10-09] (Microsoft Corporation)
S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [48640 2020-10-09] (Microsoft Corporation)
S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [822784 2020-10-09] (Microsoft Corporation)
S3 PNPMEM; C:\Windows\System32\drivers\pnpmem.sys [17408 2019-12-07] (Microsoft Corporation)
S3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [101888 2020-10-09] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [53248 2019-12-07] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [20480 2020-10-09] (Microsoft Corporation)
S3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [118784 2020-11-10] (Microsoft Corporation)
S3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [110080 2020-10-09] (Microsoft Corporation)
S3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [86016 2020-10-09] (Microsoft Corporation)
S3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [28672 2019-12-07] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [174080 2020-12-06] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [213504 2019-12-07] (Microsoft Corporation)
S3 RfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\RfeCo10X64.sys [150152 2018-04-26] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [115712 2019-12-07] (Microsoft Corporation)
S1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-07-09] (Audials AG -> Audials AG)
S2 rspndr; C:\Windows\System32\drivers\rspndr.sys [89088 2019-12-07] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [44032 2021-03-11] (Microsoft Corporation)
S3 spaceparser; C:\Windows\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Corporation)
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [782848 2020-12-09] (Microsoft Corporation)
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [315392 2020-11-10] (Microsoft Corporation)
S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [67072 2019-12-07] (Microsoft Corporation)
S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [54784 2019-12-07] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [66560 2019-12-07] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [37888 2019-12-07] (Microsoft Corporation)
S3 tunnel; C:\Windows\System32\drivers\tunnel.sys [129024 2019-12-07] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [160256 2019-12-07] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [188416 2019-12-07] (Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\Windows\System32\Drivers\UcmUcsiCx.sys [113152 2020-10-09] (Microsoft Corporation)
S5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [210432 2021-02-06] (Microsoft Corporation)
S3 usbaudio2; C:\Windows\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Corporation)
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [107520 2019-12-07] (Microsoft Corporation)
S3 usbglcs1100302; C:\Windows\system32\drivers\usbglcs1100302.sys [25600 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [35328 2019-12-07] (Microsoft Corporation)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S3 VirtualRender; C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Corporation)
S2 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [93184 2020-10-09] (Microsoft Corporation)
S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [93184 2020-10-09] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [93184 2021-03-11] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [958976 2021-03-11] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [259584 2021-03-11] (Microsoft Corporation)
S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [38176 2020-08-21] (WireGuard LLC -> WireGuard LLC)
S3 WINUSB; C:\Windows\System32\drivers\WinUSB.SYS [107008 2019-12-07] (Microsoft Corporation)
S3 WSDPrintDevice; C:\Windows\System32\drivers\WSDPrint.sys [23552 2019-12-07] (Microsoft Corporation)
S3 WSDScan; C:\Windows\system32\DRIVERS\WSDScan.sys [26112 2020-10-09] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [136192 2019-12-07] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Corporation)
S3 WUDFWpdFs; C:\Windows\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Corporation)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [329216 2021-03-11] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [51712 2021-03-11] (Microsoft Corporation)
S4 ekrn; no ImagePath
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
UpperFilters: [{71A27CDD-812A-11D0-BEC7-08002BE2092F}] -> [volsnap fltsrv]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (All) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-15 22:19 - 2021-03-15 22:19 - 000000000 ____D C:\FRST
2021-03-15 22:11 - 2021-03-15 22:11 - 000002328 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2021-03-15 21:40 - 2021-03-15 21:40 - 000000000 ____D C:\Users\Andreas Ebner\RevoUninstallerProPortable
2021-03-15 21:37 - 2021-03-15 21:41 - 000000000 ____D C:\Users\Andreas Ebner\Desktop\Topf
2021-03-15 20:35 - 2021-03-15 20:35 - 000003840 _____ C:\Windows\System32\Tasks\EOSv3 Scheduler onLogOn
2021-03-15 20:35 - 2021-03-15 20:35 - 000003398 _____ C:\Windows\System32\Tasks\EOSv3 Scheduler onTime
2021-03-15 20:05 - 2021-03-15 20:05 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\ESET
2021-03-15 19:43 - 2021-03-15 19:54 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-03-15 19:43 - 2021-03-15 19:43 - 000255928 _____ (Malwarebytes) C:\Windows\System32\Drivers\214197E3.sys
2021-03-15 19:21 - 2021-03-15 19:35 - 000000000 ___HD C:\$WINDOWS.~BT
2021-03-15 16:07 - 2021-03-15 17:25 - 000000000 ____D C:\ProgramData\HitmanPro
2021-03-15 15:52 - 2021-03-15 17:25 - 000000000 ____D C:\Users\Andreas Ebner\AppData\LocalLow\IGDump
2021-03-15 15:19 - 2021-03-15 15:19 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2021-03-15 13:50 - 2021-01-07 10:18 - 001037824 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxDrv.sys
2021-03-15 13:50 - 2021-01-07 10:18 - 000187888 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxUSBMon.sys
2021-03-15 13:32 - 2021-03-15 13:32 - 019463448 _____ (Microsoft Corporation) C:\Users\Andreas Ebner\Downloads\MediaCreationTool20H2 (2).exe
2021-03-15 13:32 - 2021-03-15 13:32 - 000000000 ___HD C:\$Windows.~WS
2021-03-15 13:31 - 2021-03-15 13:31 - 019463448 _____ (Microsoft Corporation) C:\Users\Andreas Ebner\Downloads\MediaCreationTool20H2 (1).exe
2021-03-15 13:22 - 2021-03-15 13:22 - 019463448 _____ (Microsoft Corporation) C:\Users\Andreas Ebner\Downloads\MediaCreationTool20H2.exe
2021-03-15 09:17 - 2021-03-15 09:18 - 000000000 ____D C:\ProgramData\EaseUS Todo PCTrans
2021-03-15 08:59 - 2021-03-15 08:59 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\DontSleep
2021-03-15 01:30 - 2021-03-15 01:30 - 000220616 _____ (Malwarebytes) C:\Windows\System32\Drivers\MbamChameleon.sys
2021-03-15 00:48 - 2021-03-15 00:48 - 000000000 ____D C:\MATS
2021-03-14 23:11 - 2021-03-14 23:11 - 000002936 _____ C:\Windows\System32\Tasks\IMF_SkipUAC_adm
2021-03-14 23:09 - 2021-03-15 22:12 - 000000000 ____D C:\Users\Administrator\AppData\Local\OpenShell
2021-03-14 23:09 - 2021-03-14 23:11 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2021-03-14 23:09 - 2021-03-14 23:09 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2021-03-14 23:09 - 2021-03-14 23:09 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\OpenShell
2021-03-14 19:02 - 2021-03-15 17:25 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\wureset
2021-03-14 19:02 - 2021-03-14 19:02 - 000000000 ____D C:\Program Files\wureset
2021-03-14 18:51 - 2021-03-14 18:51 - 000000000 ___RD C:\Users\Andreas Ebner\Documents\Scanned Documents
2021-03-14 18:51 - 2021-03-14 18:51 - 000000000 ____D C:\Users\Andreas Ebner\Documents\Fax
2021-03-14 18:19 - 2021-03-14 18:19 - 000214174 _____ C:\Users\Andreas Ebner\Downloads\WindowsFirewall.diagcab
2021-03-14 17:24 - 2021-03-14 17:24 - 000002956 _____ C:\Windows\System32\Tasks\IMF_SkipUAC_Andreas Ebner
2021-03-14 16:56 - 2021-03-14 16:56 - 008823656 _____ (Intel Corporation) C:\Windows\System32\Drivers\Netwtw08.sys
2021-03-14 16:56 - 2021-03-14 16:56 - 002673724 _____ C:\Windows\System32\Drivers\Netwfw08.dat
2021-03-14 16:56 - 2021-03-14 16:56 - 001058152 _____ (Intel Corporation) C:\Windows\System32\IntelIHVRouter08.dll
2021-03-14 16:55 - 2021-03-14 16:55 - 006161712 _____ (Intel Corporation) C:\Windows\System32\Drivers\ibtusb.sys
2021-03-14 16:55 - 2021-03-14 16:55 - 003734352 _____ (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll
2021-03-14 16:55 - 2021-03-14 16:55 - 000539440 _____ (Intel Corporation) C:\Windows\System32\ibtsiva.exe
2021-03-14 16:55 - 2021-03-14 16:55 - 000441648 _____ (Intel Corporation) C:\Windows\System32\ibtproppage.dll
2021-03-14 16:26 - 2021-03-14 16:26 - 000000000 ___HD C:\$SysReset
2021-03-14 13:16 - 2021-03-14 13:16 - 000000000 ____D C:\Program Files\iPod
2021-03-13 09:38 - 2021-03-13 09:38 - 000000000 ____D C:\Windows\System32\Tasks\Mozilla
2021-03-11 16:58 - 2021-03-11 16:58 - 026273280 _____ (Microsoft Corporation) C:\Windows\System32\edgehtml.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 024272384 _____ (Microsoft Corporation) C:\Windows\System32\Hydrogen.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 023451136 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 019870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 018082304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 017544704 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 014762496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 010842448 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 010352424 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Protection.PlayReady.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 008899800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 008237056 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 008015592 _____ (Microsoft Corporation) C:\Windows\System32\OneCoreUAPCommonProxyStub.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 007965496 _____ (Microsoft Corporation) C:\Windows\System32\windows.storage.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 007784448 _____ (Microsoft Corporation) C:\Windows\System32\Chakra.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 007639536 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 007634432 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 007109120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 006433792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 006361144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 006236160 _____ (Microsoft Corporation) C:\Windows\System32\twinui.pcshell.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 006187008 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 006004312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 005858144 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepository.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 005751264 _____ (Microsoft Corporation) C:\Windows\System32\StartTileData.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 005424256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 005070336 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 004901888 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 004824576 _____ (Microsoft Corporation) C:\Windows\System32\cdp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 004795784 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 004743168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 004732416 _____ (Microsoft Corporation) C:\Windows\System32\InputService.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 004704744 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 004650576 _____ (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 004629312 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 004534784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 004437776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 004272640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 004123184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 004008960 _____ (Microsoft Corporation) C:\Windows\System32\SystemSettingsThresholdAdminFlowUI.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003938304 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_nt.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003901952 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003869184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003852800 _____ (Microsoft Corporation) C:\Windows\System32\SRH.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003824192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003815424 _____ (Microsoft Corporation) C:\Windows\System32\win32kfull.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 003785552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 003764224 _____ (Microsoft Corporation) C:\Windows\System32\Microsoft.Bluetooth.Service.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003749888 _____ (Microsoft Corporation) C:\Windows\System32\EdgeContent.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003592192 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003557584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003507000 _____ (Microsoft Corporation) C:\Windows\System32\combase.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003394560 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003329536 _____ (Microsoft Corporation) C:\Windows\System32\esent.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003301376 _____ (Microsoft Corporation) C:\Windows\System32\tquery.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003293184 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003178832 _____ (Microsoft Corporation) C:\Windows\System32\mispace.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003094016 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Logon.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 003067904 _____ (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002990904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 002970624 _____ (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002919424 _____ (Microsoft Corporation) C:\Windows\System32\win32kbase.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 002821632 _____ (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002810296 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-03-11 16:58 - 2021-03-11 16:58 - 002755584 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2021-03-11 16:58 - 2021-03-11 16:58 - 002750976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 002659328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002635128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002602496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002594128 _____ (Microsoft Corporation) C:\Windows\System32\UpdateAgent.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002520072 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002495824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002472040 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002454528 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.onecore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002453384 _____ (Microsoft Corporation) C:\Windows\System32\WMVCORE.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 002437632 _____ (Microsoft Corporation) C:\Windows\System32\InstallService.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002378752 _____ (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 002349568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002339744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002321800 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002309120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002268968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002251264 _____ (Microsoft Corporation) C:\Windows\System32\ISM.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002246480 _____ (Microsoft Corporation) C:\Windows\System32\workfolderssvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002204160 _____ (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002179584 _____ (Microsoft Corporation) C:\Windows\System32\pnidui.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002137264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 002111488 _____ (Microsoft Corporation) C:\Windows\System32\windowsudk.shellcommon.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002040144 _____ (Microsoft Corporation) C:\Windows\System32\wsp_fs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002024224 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 002007352 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001956552 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001956352 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001952912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001886208 _____ (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001866240 _____ (Microsoft Corporation) C:\Windows\System32\dbghelp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001843712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001828352 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Input.Inking.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001824056 _____ (Microsoft Corporation) C:\Windows\System32\rdpserverbase.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001822272 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2021-03-11 16:58 - 2021-03-11 16:58 - 001787904 _____ (Microsoft Corporation) C:\Windows\System32\enterprisecsps.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001784512 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001767936 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.desktop.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001751448 _____ (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001721168 _____ (Microsoft Corporation) C:\Windows\System32\wsp_health.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001720320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001712128 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001696232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001695744 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll

Phaeton 15.03.2021 23:05
Hier der Rest

Code:
2021-03-11 16:58 - 2021-03-11 16:58 - 001695248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001686016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001587512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001570640 _____ (Microsoft Corporation) C:\Windows\System32\hvix64.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 001560064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 001555136 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 001548624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001532416 _____ (Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 001509728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001496064 _____ (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001494016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001479680 _____ (Microsoft Corporation) C:\Windows\System32\usermgr.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001434624 _____ (Microsoft Corporation) C:\Windows\System32\SystemSettings.Handlers.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001425440 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001415168 _____ (Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 001394024 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2021-03-11 16:58 - 2021-03-11 16:58 - 001393984 _____ (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001391616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001369600 _____ (Microsoft Corporation) C:\Windows\System32\tsf3gip.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001352768 _____ (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001337704 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepositoryPS.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001335632 _____ (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001335296 _____ (Microsoft Corporation) C:\Windows\System32\gpsvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001314640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001314128 _____ (Microsoft Corporation) C:\Windows\System32\SecConfig.efi
2021-03-11 16:58 - 2021-03-11 16:58 - 001301608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001290176 _____ (Microsoft Corporation) C:\Windows\System32\dsreg.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001278976 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001268048 _____ (Microsoft Corporation) C:\Windows\System32\hvax64.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 001257472 _____ (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001256448 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001240576 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_IME.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001233920 _____ (Microsoft Corporation) C:\Windows\System32\webplatstorageserver.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001215816 _____ (Microsoft Corporation) C:\Windows\System32\ApplyTrustOffline.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 001213744 _____ (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 001198312 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 001163776 _____ C:\Windows\System32\MBR2GPT.EXE
2021-03-11 16:58 - 2021-03-11 16:58 - 001148416 _____ (Microsoft Corporation) C:\Windows\System32\TpmCoreProvisioning.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001139536 _____ (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001129056 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001126096 _____ (Microsoft Corporation) C:\Windows\System32\DolbyDecMFT.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001097728 _____ (Microsoft Corporation) C:\Windows\System32\MusUpdateHandlers.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001094656 _____ (Microsoft Corporation) C:\Windows\System32\taskbarcpl.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001094464 _____ (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001092096 _____ (Microsoft Corporation) C:\Windows\System32\HoloSI.PCShell.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001068368 _____ (Microsoft Corporation) C:\Windows\System32\DismApi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001064448 _____ (Microsoft Corporation) C:\Windows\System32\opengl32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001055696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001051136 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 001044304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001044304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001040896 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Core.TextInput.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001021144 _____ (Microsoft Corporation) C:\Windows\System32\TextInputFramework.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001021112 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentClient.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001019904 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Management.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001014872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 001009232 _____ (Microsoft Corporation) C:\Windows\System32\propsys.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000995840 _____ (Microsoft Corporation) C:\Windows\System32\FrameServer.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000981504 _____ (Microsoft Corporation) C:\Windows\System32\rasapi32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000973312 _____ (Microsoft Corporation) C:\Windows\System32\PayloadRestrictions.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000971264 _____ (Microsoft Corporation) C:\Windows\System32\rasmans.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000965280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000958976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdiWiFi.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000951384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000948736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000944640 _____ (Microsoft Corporation) C:\Windows\System32\EdgeManager.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000943416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000940544 _____ (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000937472 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Management.Service.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000923648 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000923136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\opengl32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000922112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000907776 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000906576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms2.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000896064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000893952 _____ (Microsoft Corporation) C:\Windows\System32\WorkfoldersControl.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000889856 _____ (Microsoft Corporation) C:\Windows\System32\PhoneProviders.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000887808 _____ (Microsoft Corporation) C:\Windows\System32\ieproxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000887296 _____ (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000887296 _____ (Microsoft Corporation) C:\Windows\System32\agentactivationruntimewindows.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000873984 _____ (Microsoft Corporation) C:\Windows\System32\LogonController.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000864256 _____ (Microsoft Corporation) C:\Windows\System32\agentactivationruntime.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000863744 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000862208 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000860472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000858112 _____ (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000837632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000832512 _____ (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000822232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000809472 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.ConversationalAgent.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000805168 _____ (Microsoft Corporation) C:\Windows\System32\tcblaunch.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000798208 _____ (Microsoft Corporation) C:\Windows\System32\ActivationManager.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000765400 _____ (Microsoft Corporation) C:\Windows\System32\WUDFx02000.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000764728 _____ (Microsoft Corporation) C:\Windows\System32\wimgapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000759728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000754688 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_Language.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000754072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000752640 _____ (Microsoft Corporation) C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000751616 _____ (Microsoft Corporation) C:\Windows\System32\d3d9on12.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000740864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PayloadRestrictions.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000734208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000725616 _____ (Microsoft Corporation) C:\Windows\System32\StateRepository.Core.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000715264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000715264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000714240 _____ (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000714240 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000713528 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000708096 _____ (Microsoft Corporation) C:\Windows\System32\configmanager2.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000707016 _____ C:\Windows\System32\TextShaping.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000706872 _____ (Microsoft Corporation) C:\Windows\System32\upshared.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000702800 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000689664 _____ (Microsoft Corporation) C:\Windows\System32\WMVXENCD.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000685056 _____ (Microsoft Corporation) C:\Windows\System32\daxexec.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000684544 _____ (Microsoft Corporation) C:\Windows\System32\LockController.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000680960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000678400 _____ (Microsoft Corporation) C:\Windows\System32\MusNotification.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000677712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000676112 _____ (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000668672 _____ (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000668672 _____ (Microsoft Corporation) C:\Windows\System32\ApplicationFrame.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000667136 _____ (Microsoft Corporation) C:\Windows\System32\dmenrollengine.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000654848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000649216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\agentactivationruntimewindows.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\agentactivationruntime.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000637952 _____ (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000630592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000628224 _____ (Microsoft Corporation) C:\Windows\System32\iprtrmgr.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000616960 _____ (Microsoft Corporation) C:\Windows\System32\rasdlg.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000616960 _____ (Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000615424 _____ (Microsoft Corporation) C:\Windows\System32\resutils.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000611952 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000611840 _____ (Microsoft Corporation) C:\Windows\System32\TileDataRepository.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000608768 _____ (Microsoft Corporation) C:\Windows\System32\sppcext.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000603960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000603264 _____ (Microsoft Corporation) C:\Windows\System32\d3d11on12.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000602176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000601600 _____ (Microsoft Corporation) C:\Windows\System32\EnterpriseAppMgmtSvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000596992 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.LowLevel.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000596992 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000587248 _____ (Microsoft Corporation) C:\Windows\System32\AppResolver.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000583600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000577024 _____ (Microsoft Corporation) C:\Windows\System32\wbemcomn.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000573776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000568632 _____ (Microsoft Corporation) C:\Windows\System32\WerFault.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000568144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000567296 _____ (Microsoft Corporation) C:\Windows\System32\usosvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9on12.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000561152 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_PCDisplay.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000555008 _____ (Microsoft Corporation) C:\Windows\System32\bdesvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000554496 _____ (Microsoft Corporation) C:\Windows\System32\rasgcw.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000553472 _____ (Microsoft Corporation) C:\Windows\System32\cloudAP.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000546816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000546304 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Bluetooth.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000544256 _____ (Microsoft Corporation) C:\Windows\System32\DMPushRouterCore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000539648 _____ (Microsoft Corporation) C:\Windows\System32\InputSwitch.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000539648 _____ (Microsoft Corporation) C:\Windows\System32\IESettingSync.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000539248 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Enumeration.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000531984 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000530952 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000522064 _____ (Microsoft Corporation) C:\Windows\System32\wimserv.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000520192 _____ (Microsoft Corporation) C:\Windows\System32\mprdim.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000519064 _____ (Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000517120 _____ (Microsoft Corporation) C:\Windows\System32\wuuhext.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000517120 _____ (Microsoft Corporation) C:\Windows\System32\SettingsEnvironment.Desktop.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000516096 _____ (Microsoft Corporation) C:\Windows\System32\WinBioDataModel.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000502608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2021-03-11 16:58 - 2021-03-11 16:58 - 000500224 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000495616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000491520 _____ (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000488632 _____ (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000482104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000479744 _____ (Microsoft Corporation) C:\Windows\System32\DeviceEnroller.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000471552 _____ (Microsoft Corporation) C:\Windows\System32\upnphost.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000470016 _____ (Microsoft Corporation) C:\Windows\System32\taskcomp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000468448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11on12.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000461112 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000457728 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_WorkAccess.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000457216 _____ (Microsoft Corporation) C:\Windows\System32\LockHostingFramework.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000456192 _____ (Microsoft Corporation) C:\Windows\System32\LockAppBroker.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000456088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000454992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000448000 _____ (Microsoft Corporation) C:\Windows\System32\edgeIso.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000447488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000443904 _____ (Microsoft Corporation) C:\Windows\System32\AarSvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000442880 _____ (Microsoft Corporation) C:\Windows\System32\WalletService.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000437248 _____ (Microsoft Corporation) C:\Windows\System32\wincorlib.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000436736 _____ (Microsoft Corporation) C:\Windows\System32\omadmclient.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000423224 _____ (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000419328 _____ (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000419328 _____ (Microsoft Corporation) C:\Windows\System32\AboveLockAppHost.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000412464 _____ (Microsoft Corporation) C:\Windows\System32\CloudExperienceHost.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000410064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000403792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\clfs.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000403392 _____ (Microsoft Corporation) C:\Windows\System32\wevtapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000402944 _____ (Microsoft Corporation) C:\Windows\System32\Search.ProtocolHandler.MAPI2.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000401920 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_SpeechPrivacy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000392192 _____ (Microsoft Corporation) C:\Windows\System32\provplatformdesktop.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000389432 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000388888 _____ (Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000388096 _____ (Microsoft Corporation) C:\Windows\System32\ConsoleLogon.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000382464 _____ (Microsoft Corporation) C:\Windows\System32\provengine.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000381952 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000381952 _____ (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000379904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000379192 _____ (Microsoft Corporation) C:\Windows\System32\input.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000378880 _____ (Microsoft Corporation) C:\Windows\System32\Windows.FileExplorer.Common.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000378368 _____ (Microsoft Corporation) C:\Windows\System32\credprovs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000374952 _____ (Microsoft Corporation) C:\Windows\System32\AudioSrvPolicyManager.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000362496 _____ (Microsoft Corporation) C:\Windows\System32\WsmWmiPl.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000362032 _____ (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000361072 _____ (Microsoft Corporation) C:\Windows\System32\SIHClient.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000361056 _____ (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000355328 _____ (Microsoft Corporation) C:\Windows\System32\ncryptprov.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000350208 _____ (Microsoft Corporation) C:\Windows\System32\drvinst.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AarSvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_Authentication.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000336896 _____ (Microsoft Corporation) C:\Windows\System32\mdmregistration.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000330240 _____ (Microsoft Corporation) C:\Windows\System32\dmenterprisediagnostics.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000329216 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\xboxgip.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000326144 _____ (Microsoft Corporation) C:\Windows\System32\newdev.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000324608 _____ (Microsoft Corporation) C:\Windows\System32\UpdateDeploymentProvider.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000323072 _____ (Microsoft Corporation) C:\Windows\System32\vdsbas.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000322048 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000316928 _____ (Microsoft Corporation) C:\Windows\System32\msIso.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000312832 _____ (Microsoft Corporation) C:\Windows\System32\smartscreenps.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000312832 _____ (Microsoft Corporation) C:\Windows\System32\framedynos.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000312632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000297984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000296448 _____ (Microsoft Corporation) C:\Windows\System32\wc_storage.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000296448 _____ (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000295424 _____ (Microsoft Corporation) C:\Windows\System32\provops.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000291840 _____ (Microsoft Corporation) C:\Windows\System32\wevtutil.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000289792 _____ (Microsoft Corporation) C:\Windows\System32\wkssvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConsoleLogon.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000288256 _____ (Microsoft Corporation) C:\Windows\System32\DeviceSetupManager.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000288048 _____ (Microsoft Corporation) C:\Windows\System32\Dism.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000286720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000285184 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.AppDefaults.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000279040 _____ (Microsoft Corporation) C:\Windows\System32\provhandlers.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000275968 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.FileExplorer.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000272384 _____ (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000272384 _____ (Microsoft Corporation) C:\Windows\System32\cdd.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000268800 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepositoryUpgrade.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000265216 _____ (Microsoft Corporation) C:\Windows\System32\SCardSvr.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000264704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000260944 _____ (Microsoft Corporation) C:\Windows\System32\offlinesam.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000259896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000259584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\winnat.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provplatformdesktop.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000252928 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000250704 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Management.Workplace.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000249680 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepositoryClient.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000249344 _____ (Microsoft Corporation) C:\Windows\System32\wuuhosdeployment.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000248320 _____ (Microsoft Corporation) C:\Windows\System32\werui.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glu32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000245248 _____ (Microsoft Corporation) C:\Windows\System32\container.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000237568 _____ (Microsoft Corporation) C:\Windows\System32\KnobsCore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000237056 _____ (Microsoft Corporation) C:\Windows\System32\rasplap.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000237056 _____ (Microsoft Corporation) C:\Windows\System32\provisioningcsp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000236544 _____ (Microsoft Corporation) C:\Windows\System32\IndexedDbLegacy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000236032 _____ (Microsoft Corporation) C:\Windows\System32\fidocredprov.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000235008 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_Region.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000234496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000231936 _____ (Microsoft Corporation) C:\Windows\System32\InstallServiceTasks.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000231248 _____ C:\Windows\System32\containerdevicemanagement.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000230400 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersShell.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000227840 _____ (Microsoft Corporation) C:\Windows\System32\C_G18030.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000223640 _____ (Microsoft Corporation) C:\Windows\System32\omadmapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000221184 _____ (Microsoft Corporation) C:\Windows\System32\WsmAuto.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000219648 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000219648 _____ (Microsoft Corporation) C:\Windows\System32\Analog.Shell.Broker.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000218936 _____ (Microsoft Corporation) C:\Windows\System32\tcbloader.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtutil.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000215888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spacedump.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000214528 _____ (Microsoft Corporation) C:\Windows\System32\mssph.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000210944 _____ (Microsoft Corporation) C:\Windows\System32\AppXApplicabilityBlob.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000210432 _____ (Microsoft Corporation) C:\Windows\System32\Win32CompatibilityAppraiserCSP.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000209408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000205312 _____ (Microsoft Corporation) C:\Windows\System32\ScDeviceEnum.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000203536 _____ (Microsoft Corporation) C:\Windows\System32\COLORCNV.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000202544 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wcifs.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000202240 _____ (Microsoft Corporation) C:\Windows\System32\updatepolicy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000196608 _____ (Microsoft Corporation) C:\Windows\System32\certprop.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000187392 _____ (Microsoft Corporation) C:\Windows\System32\profsvcext.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000185344 _____ (Microsoft Corporation) C:\Windows\System32\rtm.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000183808 _____ (Microsoft Corporation) C:\Windows\System32\net1.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fidocredprov.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000180736 _____ (Microsoft Corporation) C:\Windows\System32\spacebridge.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000180048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwfs.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000179536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Management.Workplace.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000176944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000176136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000175624 _____ (Microsoft Corporation) C:\Windows\System32\BCP47mrm.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000174024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\omadmapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000171584 _____ (Microsoft Corporation) C:\Windows\System32\vertdll.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000171024 _____ (Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000166912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000166912 _____ (Microsoft Corporation) C:\Windows\System32\cimfs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000165376 _____ (Microsoft Corporation) C:\Windows\System32\dmcertinst.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000164352 _____ (Microsoft Corporation) C:\Windows\System32\glu32.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000163328 _____ (Microsoft Corporation) C:\Windows\System32\winrscmd.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000161792 _____ (Microsoft Corporation) C:\Windows\System32\Windows.SharedPC.CredentialProvider.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000157048 _____ (Microsoft Corporation) C:\Windows\System32\profext.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000155960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000155136 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.SerialCommunication.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000155136 _____ (Microsoft Corporation) C:\Windows\System32\MDMAppInstaller.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000152064 _____ (Microsoft Corporation) C:\Windows\System32\mdmmigrator.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000152064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000151864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000149784 _____ (Microsoft Corporation) C:\Windows\System32\Windows.System.Profile.HardwareId.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000149328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bindflt.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000145920 _____ (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvsetup.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000142336 _____ (Microsoft Corporation) C:\Windows\System32\InputLocaleManager.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000140800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\luafv.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000138752 _____ (Microsoft Corporation) C:\Windows\System32\CustomInstallExec.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000138240 _____ (Microsoft Corporation) C:\Windows\System32\usoapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000136704 _____ (Microsoft Corporation) C:\Windows\System32\wcimage.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000133728 _____ (Microsoft Corporation) C:\Windows\System32\gpapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000132920 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000132760 _____ (Microsoft Corporation) C:\Windows\System32\win32u.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000132608 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000131072 _____ (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000131072 _____ (Microsoft Corporation) C:\Windows\System32\AppxSysprep.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000129536 _____ (Microsoft Corporation) C:\Windows\System32\WSManMigrationPlugin.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000127288 _____ (Microsoft Corporation) C:\Windows\System32\DTUHandler.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrscmd.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000126552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000125952 _____ (Microsoft Corporation) C:\Windows\System32\KnobsCsp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000124928 _____ (Microsoft Corporation) C:\Windows\System32\RjvMDMConfig.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000122424 _____ (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000121856 _____ (Microsoft Corporation) C:\Windows\System32\dbnetlib.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000119296 _____ (Microsoft Corporation) C:\Windows\System32\updatecsp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000118784 _____ (Microsoft Corporation) C:\Windows\System32\MDMAgent.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000117584 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepositoryBroker.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000117248 _____ (Microsoft Corporation) C:\Windows\System32\DuCsps.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000116736 _____ (Microsoft Corporation) C:\Windows\System32\AxInstSv.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000115728 _____ (Microsoft Corporation) C:\Windows\System32\profapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000114160 _____ (Microsoft Corporation) C:\Windows\System32\VIDRESZR.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000113664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\System32\spfileq.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000110592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2021-03-11 16:58 - 2021-03-11 16:58 - 000108544 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000107008 _____ (Microsoft Corporation) C:\Windows\System32\NFCProvisioningPlugin.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000105472 _____ (Microsoft Corporation) C:\Windows\System32\WorkFolders.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbnetlib.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000103936 _____ (Microsoft Corporation) C:\Windows\System32\bindfltapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000103424 _____ (Microsoft Corporation) C:\Windows\System32\aadjcsp.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000100672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000099840 _____ (Microsoft Corporation) C:\Windows\System32\provdatastore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000099632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000093696 _____ (Microsoft Corporation) C:\Windows\System32\ProvPluginEng.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000093184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wcnfs.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000092944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\System32\BarcodeProvisioningPlugin.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000091136 _____ C:\Windows\System32\Drivers\cimfs.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spfileq.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000089600 _____ (Microsoft Corporation) C:\Windows\System32\UsoClient.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000089600 _____ (Microsoft Corporation) C:\Windows\System32\omadmprc.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000088576 _____ (Microsoft Corporation) C:\Windows\System32\wsmprovhost.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000088576 _____ (Microsoft Corporation) C:\Windows\System32\EditBufferTestHook.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000088064 _____ (Microsoft Corporation) C:\Windows\System32\autopilot.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000087040 _____ (Microsoft Corporation) C:\Windows\System32\provtool.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000086832 _____ (Microsoft Corporation) C:\Windows\System32\spaceman.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000084992 _____ (Microsoft Corporation) C:\Windows\System32\WSManHTTPConfig.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000084992 _____ (Microsoft Corporation) C:\Windows\System32\MdmDiagnosticsTool.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000084480 _____ (Microsoft Corporation) C:\Windows\System32\SCardDlg.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000079872 _____ (Microsoft Corporation) C:\Windows\System32\ofdeploy.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000079360 _____ (Microsoft Corporation) C:\Windows\System32\WinBioDataModelOOBE.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000077488 _____ (Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManagerForUser.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000077312 _____ (Microsoft Corporation) C:\Windows\System32\ntlanman.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000075264 _____ (Microsoft Corporation) C:\Windows\System32\ncobjapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000072704 _____ (Microsoft Corporation) C:\Windows\System32\xboxgipsvc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000071168 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000071168 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000070968 _____ (Microsoft Corporation) C:\Windows\System32\GameInput.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000070656 _____ (Microsoft Corporation) C:\Windows\System32\udhisapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000068608 _____ (Microsoft Corporation) C:\Windows\System32\RemovableMediaProvisioningPlugin.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000068608 _____ (Microsoft Corporation) C:\Windows\System32\dmpushproxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditBufferTestHook.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000066048 _____ (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000065536 _____ (Microsoft Corporation) C:\Windows\System32\iemigplugin.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000064000 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000063488 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000061952 _____ (Microsoft Corporation) C:\Windows\System32\WsmRes.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000061752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GameInput.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000060928 _____ (Microsoft Corporation) C:\Windows\System32\AxInstUI.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000059904 _____ (Microsoft Corporation) C:\Windows\System32\AssignedAccessRuntime.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000058392 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepositoryCore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000056832 _____ (Microsoft Corporation) C:\Windows\System32\enrollmentapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000051712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\xinputhid.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000051200 _____ (Microsoft Corporation) C:\Windows\System32\SCardBi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmpushproxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000047616 _____ (Microsoft Corporation) C:\Windows\System32\printfilterpipelineprxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\devauthe.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000045568 _____ (Microsoft Corporation) C:\Windows\System32\XInput1_4.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000045568 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BthMini.SYS
2021-03-11 16:58 - 2021-03-11 16:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\System32\LaunchWinApp.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\System32\WordBreakers.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000043008 _____ (Microsoft Corporation) C:\Windows\System32\upnpcont.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000042312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XInput1_4.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000036176 _____ (Microsoft Corporation) C:\Windows\System32\smphost.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000034304 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Management.Provisioning.ProxyStub.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WordBreakers.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000033104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smphost.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000032768 _____ (Microsoft Corporation) C:\Windows\System32\WsmAgent.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000031744 _____ (Microsoft Corporation) C:\Windows\System32\FaxPrinterInstaller.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\System32\odbcconf.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\System32\wci.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\System32\msimsg.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\System32\autopilotdiag.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000024312 _____ (Microsoft Corporation) C:\Windows\System32\WerEnc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000023552 _____ (Microsoft Corporation) C:\Windows\System32\DTUHandlerPS.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000020632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerEnc.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000018608 _____ (Microsoft Corporation) C:\Windows\System32\wshhyperv.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000017920 _____ (Microsoft Corporation) C:\Windows\System32\C_IS2022.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000017232 _____ (Microsoft Corporation) C:\Windows\System32\hal.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000016384 _____ (Microsoft Corporation) C:\Windows\System32\wsmplpxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000015360 _____ (Microsoft Corporation) C:\Windows\System32\c_GSM7.DLL
2021-03-11 16:58 - 2021-03-11 16:58 - 000012288 _____ (Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000011776 _____ (Microsoft Corporation) C:\Windows\System32\LaunchTM.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000011776 _____ (Microsoft Corporation) C:\Windows\System32\iprtprio.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000011359 _____ C:\Windows\System32\DrtmAuthTxt.wim
2021-03-11 16:58 - 2021-03-11 16:58 - 000010752 _____ (Microsoft Corporation) C:\Windows\System32\DMAlertListener.ProxyStub.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchTM.exe
2021-03-11 16:58 - 2021-03-11 16:58 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCertResources.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000003584 _____ (Microsoft Corporation) C:\Windows\System32\TpmCertResources.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000002560 _____ (Microsoft Corporation) C:\Windows\System32\tier2punctuations.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000002560 _____ (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000002560 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2021-03-11 16:54 - 2021-02-09 07:52 - 000391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2021-03-11 16:54 - 2021-02-09 07:13 - 000495616 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001855208 _____ C:\Windows\System32\vulkaninfo-1-999-0-0-0.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001855208 _____ C:\Windows\System32\vulkaninfo.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001452336 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 001435880 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001435880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001191728 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 001094888 _____ C:\Windows\System32\vulkan-1-999-0-0-0.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 001094888 _____ C:\Windows\System32\vulkan-1.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 000948968 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 000948968 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-02-27 21:35 - 2021-02-24 13:51 - 000678704 _____ C:\Windows\System32\nvofapi64.dll
2021-02-27 21:35 - 2021-02-24 13:51 - 000546096 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 002102576 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 001587504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 001511192 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 001163544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000811824 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000671512 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFROpenGL.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000655664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000556816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 008260880 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 007391512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 004610320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 002729776 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 001730864 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6446172.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 001490200 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6446172.dll
2021-02-27 21:35 - 2021-02-24 13:42 - 006072896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-02-24 14:49 - 2021-02-24 14:49 - 000162958 _____ C:\FolderDescriptions.reg
2021-02-24 14:35 - 2021-02-24 14:35 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\LockHunter
2021-02-24 14:35 - 2021-02-24 14:35 - 000000000 ____D C:\Program Files\LockHunter
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\FreeGrabApp
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\ProgramData\FreeGrabApp
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\Program Files (x86)\FreeGrabApp
2021-02-22 12:02 - 2021-02-22 12:02 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-22 11:46 - 2021-02-22 11:46 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\GUI.Win
2021-02-21 10:13 - 2021-02-24 17:12 - 000000000 ____D C:\Program Files\Loaris Trojan Remover
2021-02-16 08:58 - 2021-02-16 08:58 - 000000000 ____D C:\Users\Andreas Ebner\Downloads\kann_man_bei_tvnow_herunterladen
2021-02-16 08:57 - 2021-02-16 08:57 - 000001877 _____ C:\Users\Andreas Ebner\Downloads\kann_man_bei_tvnow_herunterladen.zip
2021-02-14 13:01 - 2021-02-14 13:01 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\WhatsApp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-15 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-03-15 22:14 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\System32\config\BBI
2021-03-15 22:13 - 2020-11-10 18:46 - 001733632 _____ C:\Windows\System32\PerfStringBackup.INI
2021-03-15 22:13 - 2020-09-27 08:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-03-15 22:13 - 2019-12-07 15:50 - 000748644 _____ C:\Windows\System32\perfh007.dat
2021-03-15 22:13 - 2019-12-07 15:50 - 000151474 _____ C:\Windows\System32\perfc007.dat
2021-03-15 22:13 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-03-15 22:13 - 2019-03-23 09:24 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2021-03-15 22:12 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-03-15 22:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-15 22:11 - 2019-01-31 09:12 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-15 22:11 - 2019-01-08 12:58 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-15 22:10 - 2019-01-08 13:19 - 000000000 ____D C:\Users\Andreas Ebner\AppData\LocalLow\Mozilla
2021-03-15 22:09 - 2020-11-10 18:49 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\OpenShell
2021-03-15 22:08 - 2020-09-27 06:50 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-15 22:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-15 21:48 - 2019-07-18 19:28 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-03-15 21:40 - 2020-11-10 18:15 - 000000000 ____D C:\users\Andreas Ebner
2021-03-15 21:39 - 2020-11-10 18:44 - 000000000 ____D C:\Windows\System32\Tasks\CareCenter
2021-03-15 21:34 - 2019-01-08 15:04 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\JDownloader 2.0
2021-03-15 20:12 - 2020-09-28 17:40 - 000000000 ____D C:\Users\Andreas Ebner\Documents\VlcpVideoV1.0.1
2021-03-15 19:43 - 2021-02-01 23:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-15 19:37 - 2020-11-11 11:06 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\IObit
2021-03-15 19:37 - 2020-11-11 11:06 - 000000000 ____D C:\ProgramData\IObit
2021-03-15 19:37 - 2020-11-11 11:06 - 000000000 ____D C:\Program Files (x86)\IObit
2021-03-15 19:21 - 2020-11-10 18:43 - 000001890 _____ C:\Windows\diagwrn.xml
2021-03-15 19:21 - 2020-11-10 18:43 - 000001890 _____ C:\Windows\diagerr.xml
2021-03-15 19:21 - 2020-11-10 17:42 - 000000000 ___DC C:\Windows\Panther
2021-03-15 19:14 - 2020-01-22 11:59 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\vlc
2021-03-15 19:07 - 2020-09-27 06:50 - 000000000 ____D C:\Windows\System32\SleepStudy
2021-03-15 17:25 - 2020-11-10 18:15 - 000000000 ____D C:\users\Administrator
2021-03-15 17:25 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-03-15 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\Catroot2.bak
2021-03-15 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\AppLocker
2021-03-15 17:25 - 2019-11-25 22:50 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Backuptrans Android iPhone WhatsApp Transfer + (x64)
2021-03-15 17:25 - 2019-04-10 06:57 - 000000000 ____D C:\Users\Andreas Ebner\Desktop\RevoUninstallerProPortable
2021-03-15 17:25 - 2019-01-08 14:06 - 000000000 ____D C:\Program Files\Common Files\AV
2021-03-15 17:25 - 2018-10-26 19:10 - 000000000 ____D C:\ProgramData\Norton
2021-03-15 17:22 - 2020-11-10 17:20 - 000000000 ____D C:\Windows\SoftwareDistribution.bak
2021-03-15 17:22 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\registration
2021-03-15 17:22 - 2019-01-11 17:16 - 000000000 __RHD C:\MSOCache
2021-03-15 16:40 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-03-15 15:33 - 2019-01-08 13:09 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Packages
2021-03-15 15:19 - 2019-01-08 16:04 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\CrashDumps
2021-03-15 14:05 - 2020-09-27 08:54 - 000000000 ____D C:\ProgramData\Packages
2021-03-15 14:05 - 2019-01-08 13:16 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\PlaceholderTileLogoFolder
2021-03-15 13:40 - 2020-08-10 15:52 - 000000000 ____D C:\ESD
2021-03-15 10:51 - 2019-01-11 09:19 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\D3DSCache
2021-03-15 10:49 - 2019-03-05 13:34 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\ElevatedDiagnostics
2021-03-15 10:22 - 2020-11-10 17:37 - 000000000 ___HD C:\$GetCurrent
2021-03-15 09:16 - 2019-04-14 19:23 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-03-15 08:40 - 2019-01-08 20:42 - 131005360 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2021-03-15 01:21 - 2019-02-20 10:53 - 000000306 __RSH C:\ProgramData\ntuser.pol
2021-03-15 00:48 - 2019-01-08 20:37 - 000000000 ____D C:\Program Files\rempl
2021-03-15 00:32 - 2020-11-10 18:44 - 000000276 _____ C:\Windows\WindowsUpdate.log.bak
2021-03-15 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-03-15 00:12 - 2019-03-23 09:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2021-03-14 23:15 - 2020-11-10 18:44 - 000004186 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{59980136-2A6A-449B-A722-C0892DAA3EB4}
2021-03-14 23:13 - 2019-06-28 23:34 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Origin
2021-03-14 23:13 - 2019-01-09 00:06 - 000000000 ____D C:\ProgramData\Origin
2021-03-14 23:09 - 2019-03-23 09:24 - 000000000 ___RD C:\Users\Administrator\3D Objects
2021-03-14 17:35 - 2020-12-14 12:27 - 000248992 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbamswissarmy.sys
2021-03-14 16:55 - 2019-08-30 17:35 - 000164600 _____ (Qualcomm Atheros, Inc.) C:\Windows\System32\Drivers\e2xw10x64.sys
2021-03-14 15:14 - 2019-02-14 12:40 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\Apple Computer
2021-03-14 13:26 - 2018-10-26 18:47 - 001755928 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2021-03-14 13:01 - 2021-01-29 10:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-14 13:01 - 2019-01-08 14:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-14 04:27 - 2020-09-08 22:51 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\TeraCopy
2021-03-11 17:11 - 2020-08-12 09:54 - 000000000 ____D C:\Users\Andreas Ebner\.fontconfig
2021-03-11 17:09 - 2020-09-27 06:50 - 000668760 _____ C:\Windows\System32\FNTCACHE.DAT
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\WinBioPlugIns
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\SystemResetPlatform
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\setup
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\oobe
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\Dism
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-03-11 16:54 - 2019-01-08 20:42 - 000000000 ____D C:\Windows\System32\MRT
2021-03-11 16:51 - 2019-02-04 17:42 - 000000000 ____D C:\Program Files\dotnet
2021-03-11 16:51 - 2018-10-26 18:30 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-11 15:50 - 2020-08-20 00:43 - 000000000 ___HD C:\$WinREAgent
2021-03-10 23:12 - 2020-10-01 13:21 - 000000128 _____ C:\Users\Andreas Ebner\AppData\Roaming\winscp.rnd
2021-03-10 22:45 - 2019-01-08 15:08 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\NVIDIA
2021-03-09 22:05 - 2017-09-29 14:46 - 000000167 _____ C:\Windows\win.ini
2021-03-08 19:34 - 2021-01-04 21:42 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\TunePat Netflix Video Downloader
2021-03-04 06:42 - 2020-11-28 07:58 - 000003606 _____ C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b788ddf1b3e0
2021-03-04 06:42 - 2020-09-27 08:52 - 000003700 _____ C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-03 19:20 - 2019-07-18 19:07 - 000000000 ____D C:\Program Files (x86)\Origin
2021-02-28 16:47 - 2020-12-29 07:59 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\TuneCable Spotify Downloader
2021-02-24 13:42 - 2020-10-15 14:51 - 007117744 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2021-02-24 11:28 - 2020-09-28 22:09 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\FileBot
2021-02-24 02:51 - 2020-10-15 14:51 - 000061257 _____ C:\Windows\System32\nvinfo.pb
2021-02-23 22:53 - 2020-04-03 22:36 - 005627248 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 002635632 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 001758064 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 000990064 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshext.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 000120176 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 000082288 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshextr.dll
2021-02-23 01:14 - 2020-06-13 20:25 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\SFDL.NET 3
2021-02-20 23:19 - 2020-08-15 02:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-15 13:46 - 2019-05-02 10:09 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\RenPy
2021-02-14 14:58 - 2020-03-05 14:41 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\WhatsApp
2021-02-14 13:01 - 2020-03-05 14:41 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\SquirrelTemp

==================== FLock ==============================

2021-01-03 11:31 C:\Users\Andreas Ebner\AppData\Roaming\FileZilla

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\Windows\SysWOW64\version_IObitDel.dll [2020-11-11] <==== ATTENTION (zero byte File/Folder)

==================== KnownDLLs (Whitelisted) =========================


==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe
[2021-03-11 16:58] - [2021-03-11 16:58] - 000907776 _____ (Microsoft Corporation) DE4C860EC6038509E06E580F1BC375E9

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2021-03-11 16:58] - [2021-03-11 16:58] - 004704744 _____ (Microsoft Corporation) 91BCFCAB8092A94CB7D60509BA75ED1C

C:\Windows\SysWOW64\explorer.exe
[2021-03-11 16:58] - [2021-03-11 16:58] - 004123184 _____ (Microsoft Corporation) 5E384A7E1F5A78A091ED7B0AD4D62724

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============


==================== Restore Points  =========================

Restore point date: 2021-03-15 13:51
Restore point date: 2021-03-15 16:15
Restore point date: 2021-03-15 16:16
Restore point date: 2021-03-15 19:19
Restore point date: 2021-03-15 19:37
Restore point date: 2021-03-15 19:40
Restore point date: 2021-03-15 19:40
Restore point date: 2021-03-15 19:58
Restore point date: 2021-03-15 21:43
Restore point date: 2021-03-15 21:44
Restore point date: 2021-03-15 21:45
Restore point date: 2021-03-15 21:47
Restore point date: 2021-03-15 21:48
Restore point date: 2021-03-15 21:48
Restore point date: 2021-03-15 21:50
Restore point date: 2021-03-15 21:51
Restore point date: 2021-03-15 22:14

==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 16287.8 MB
Available physical RAM: 14854.23 MB
Total Virtual: 16287.8 MB
Available Virtual: 14905.11 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:237.36 GB) (Free:111.72 GB) NTFS
Drive d: (Spiele SSD) (Fixed) (Total:465.75 GB) (Free:311.94 GB) NTFS
Drive f: (Stick) (Removable) (Total:32 GB) (Free:31.93 GB) NTFS
Drive g: (Recovery) (Fixed) (Total:1 GB) (Free:0.5 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.49 GB) (Free:0.49 GB) NTFS
Drive y: (Data) (Fixed) (Total:931.51 GB) (Free:576.47 GB) NTFS

\\?\Volume{ef626c3c-fed6-49d9-913d-dee05596b177}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 065D87BF)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00CC3198)

Partition: GPT.

==========================================================
Disk: 2 (Size: 238.5 GB) (Disk ID: 065D8751)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 58.4 GB) (Disk ID: AAAA903F)
Partition 1: (Active) - (Size=32 GB) - (Type=07 NTFS)
==================== End of FRST.txt ========================

cosinus 15.03.2021 23:20
Was soll denn das mit dem abgesicherten Modus? Begründung?
Ist der Rechner im normalen Modus überhaupt nicht mehr bedienbar?
Was hat das zerschossene System mit Schädlingen zu tun?

Zitat:
Ich wollte ein Inplace update machen
Schonmal gehört, dass man regelmäßig Backups macht, besonders vor solchen Eingriffen ins System?

Phaeton 15.03.2021 23:33
Ich weiß jetzt nich was du meinst mit abgesicherten Modus... Sorry
Der Rechner ist bedienbar
Updates werde ich in Zukunft machen wenn der Rechner wieder läuft.

Ich denke ich habe Schadsoftware drauf, das zerschossene System wie Du so schön sagst hab ich leider einen Pseudo Experten zu verdanken!

Was kann ich jetzt machen mei Laptop ist ein Acer Predator Helios 500

cosinus 15.03.2021 23:53
Sagmal du musst doch wissen was du selbst da am Rechner treibst!!

Zitat:
Boot Mode: Recovery
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Von allein geht Windows nicht in den agesicherten Modus :kloppen:

Zitat:
Ich denke ich habe Schadsoftware drauf, das zerschossene System wie Du so schön sagst hab ich leider einen Pseudo Experten zu verdanken!
Du hast ein zerschossenes System durch irgendeinen Unfug, da muss man jetzt nicht irgendeine Malware erfinden nur um dieser die Schuld dafür zu geben. Das ist doch Unsinn und Selbstbetrug.

Zitat:
Was kann ich jetzt machen mei Laptop ist ein Acer Predator Helios 500
Vernünftiges FRST-Log im normalen Modus wäre ein Anfang.

Phaeton 16.03.2021 00:03

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2021
durchgeführt von Andreas Ebner (Administrator) auf LAPTOP-CQ0D7NOI (Acer Predator PH517-51) (16-03-2021 00:13:05)
Gestartet von I:\
Geladene Profile: Andreas Ebner
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\PredatorSense Service\PSAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\PredatorSense Service\PSAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\PredatorSense Service\PSSvc.exe
(Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Anvsoft Inc. -> ) C:\Program Files (x86)\Anvsoft\Syncios\devicenotifier.exe
(Anvsoft Inc. -> ) C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Brio) [Datei ist nicht signiert] C:\Program Files\FolderSize\FolderSizeSvc.exe
(Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Eastern Times Technology Co.,Ltd -> ) C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_62a0e7f4cd3e6c99\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(KeepSolid Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(Malwarebytes Corporation -> Malwarebytes) C:\ProgramData\MB3Install\MBAMIService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Open-Shell) [Datei ist nicht signiert] C:\Program Files\Open-Shell\StartMenu.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
(Shenzhen Moyea Software -> Leawo Software) C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_1c72dfbd7a8b521f\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_1c72dfbd7a8b521f\WavesSysSvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [768448 2018-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\SYSTEM32\DRIVERSTORE\FILEREPOSITORY\WAVESAPO77AC.INF_AMD64_1C72DFBD7A8B521F\WAVESSVC64.EXE [1287440 2018-05-30] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM\...\Windows x64\Print Processors\Canon TS8200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEK.DLL [482816 2018-11-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8200 series: C:\Windows\system32\CNMLMEK.DLL [904192 2018-11-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\Windows\system32\hpinkstsB111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-15] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DBE97F8-6C00-413B-9880-CEF0C3E3144F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {143C69E5-5FD5-4558-A6BA-99056575EC72} - \Microsoft\Windows\Windows Error Reporting\SysInfo -> Keine Datei <==== ACHTUNG
Task: {1C71DCDF-E249-4B96-9C87-81E7B1B18336} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {27B5F7F6-0E1C-499F-9969-B3C9A7176502} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7071000 2019-08-29] (Nero AG -> Nero AG)
Task: {28519E13-FAD4-4EB3-90E6-F16C060A8576} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2AE11AF1-8D11-47DA-8F01-468864E5458B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BED9E85-9FFF-4456-80F4-C0DD0A0DC905} - System32\Tasks\dmci => C:\Users\ANDREA~1\dmci\ohxobu.exe -> C:\Users\ANDREA~1\dmci\fnnd.ssm
Task: {2BF5EA0D-5835-4222-A6AF-854D81E7CF8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2020-08-16] (Google Inc -> Google LLC)
Task: {2C20BB6A-F3DD-4ED3-B288-D13FC87029EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {2D713917-6A46-4A07-9990-82FEE9F3D5EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {332D52C9-E8FE-45B0-9732-35E8270ED02A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36972BE7-3BA2-4B90-8F44-1472DE441194} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37ACB099-7453-41AA-9C67-00F332364B07} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {3DCD2779-CFB2-4880-ACC7-2046CEE42473} - System32\Tasks\CareCenter\AppleIEDAV_Reg_HKCURun_S-1-5-21-4274780374-310312604-1853351802-1001 => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {4045B47F-B3BA-4D17-AE11-A97AB0CC7FED} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {412D8276-8D08-40CE-8F92-3CCE8002566C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-09-13] (Acer Incorporated -> TODO: <Company name>)
Task: {451001C9-378B-4AE3-9E64-B3F99F121789} - System32\Tasks\CareCenter\Folder Size_Reg_HKCURun_S-1-5-21-4274780374-310312604-1853351802-1001 => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-12] (Brio) [Datei ist nicht signiert]
Task: {48C1D5D3-51A8-40F5-91A6-E91D933AAADB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B980566-1FA1-4317-9B56-39FA8CA885AD} - \PC Cleaner repairing -> Keine Datei <==== ACHTUNG
Task: {4C79F391-64E0-4EEB-A0C5-EAC4C3953168} - System32\Tasks\IMF_SkipUAC_Andreas Ebner => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
Task: {4DCF3553-E408-48F8-967A-ED143F919B23} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {509B46F4-E139-4699-9E8F-7032C6F7B533} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris Trojan Remover\ltr.exe [17908736 2021-01-07] (Loaris Inc.) [Datei ist nicht signiert]
Task: {5413A72E-71CB-47EE-B77C-DBA6849DAD87} - System32\Tasks\IMF_SkipUAC_adm => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
Task: {622E3556-B0D5-4FE0-A048-8C16AEAF86D6} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {63A780BE-553B-4160-8F75-3933807C6F94} - System32\Tasks\BlueStacksHelper => D:\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {669D58B1-FD25-4C91-BD10-8682412158A5} - System32\Tasks\Norton Security Scan for Andreas Ebner => C:\PROGRA~2\NORTON~2\Engine\461~1.150\Nss.exe
Task: {670B7F97-D28A-49D5-A25C-83B58E6DFE93} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {67C67D30-C919-448D-B9C5-4EBDECAD47C0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {6A067CC0-C766-4833-84BA-142539FAE128} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E5E9A48-2165-4040-ABB1-AF7673845C61} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {7E2D93D1-98CA-4313-8091-AEFCE59ADE76} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {875096B5-CC77-4225-9C3F-0F5B8E826ECA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B45FE22-1046-47F6-A071-2E6F58937F53} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {8C267C9B-EDFD-4510-94EF-40FBCD45A1ED} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446256 2019-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {8DEF72EB-E500-44BF-9302-FBF0034816DE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {8F0C014E-4FF3-4186-9948-151E434BA141} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Andreas Ebner\Desktop\esetonlinescanner_enu.exe
Task: {8F476193-8984-4554-96FB-E3927F6404A0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91BE893C-DD86-41D6-94E1-757499446792} - System32\Tasks\CareCenter\ApplePhotoStreams_Reg_HKCURun_S-1-5-21-4274780374-310312604-1853351802-1001 => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {92E1468D-5693-4592-80AD-D3BBFB38B6A4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {9966559E-E12A-4EB0-931D-8365FD62F8A9} - System32\Tasks\PredatorSense UI => C:\Program Files\Acer\PredatorSense Service\PSLauncher.exe [580888 2019-10-09] (Acer Incorporated -> Acer Incorporated)
Task: {9E47636E-7D34-4F42-A796-CF81F7E27BB2} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> )
Task: {A0D0CFEF-EBED-4DE8-A5BE-FB94EEA7B015} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {A315D83E-F948-473F-B5EA-93952D03FEB4} - System32\Tasks\CareCenter\Syncios device service_Reg_HKLMWow6432Run => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [2944120 2019-07-11] (Anvsoft Inc. -> )
Task: {B02372F9-44E2-4C29-8199-16F0EEA19CA4} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-10-30] (Acer Incorporated -> )
Task: {B39E20EE-88BC-479D-BFCF-3A2C09C24AF9} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer)
Task: {C1017873-A0B3-45F9-830C-92F5EE4ABF62} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-10-30] (Acer Incorporated -> )
Task: {C54F7330-639B-4617-9A81-CDB32055B55C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {C8F8901B-498B-4DA8-94E0-904BCD0E96EF} - System32\Tasks\PredatorSense => C:\Program Files\Acer\PredatorSense Service\PSLauncher.exe [580888 2019-10-09] (Acer Incorporated -> Acer Incorporated)
Task: {C99E434D-288E-43E9-91D7-E8C917F7C0FC} - System32\Tasks\CareCenter\AdobeAAMUpdater-1.0_Reg_HKLMRun => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CE397CA2-1479-43C6-B287-D9FBC29C3C3B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {CEB723EE-D84D-49A9-AB75-9F95C2A08945} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {D0720991-C887-41BE-A650-4A090FA84E12} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [91440 2017-09-26] (Acer Incorporated -> Microsoft)
Task: {D4EE7AFA-FEBC-4C0D-A7B9-4D612AC01FB9} - System32\Tasks\UAC => C:\Users\Andreas [Argument = Ebner\AppData\Roaming\NsMiner\IMG001.exe]
Task: {D54A2E50-0475-4A5E-BB13-49BCD6EBE6DD} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {D9E6FBB8-8C39-4FF2-84F6-EA9A619CB4E7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {DAF737BA-4855-4070-B610-E9D128DFE022} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4274780374-310312604-1853351802-500 => C:\Users\Andreas Ebner\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {DC1A0475-072A-4CD2-8AE4-C4078D3E02F4} - System32\Tasks\CareCenter\iCloudServices_Reg_HKCURun_S-1-5-21-4274780374-310312604-1853351802-1001 => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {DD513BEA-24FF-4B3A-ABF2-2BE399713D3E} - System32\Tasks\CareCenter\GXT155gmmouseRun_Reg_HKLMWow6432Run => C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe [3435520 2018-06-11] () [Datei ist nicht signiert]
Task: {DEF9ABC2-8F13-40AD-A0F7-2B3621169028} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Andreas Ebner\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {DF1D8E4A-02EE-434D-9D07-B427480E08AB} - System32\Tasks\CareCenter\Killer Control Center.lnk_FolderCommonAppdata => C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe [1564864 2018-03-06] (Rivet Networks LLC -> Rivet Networks)
Task: {E113C8C6-B2C3-413F-B2A3-3FCABE397FA4} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Andreas Ebner\Desktop\esetonlinescanner_enu.exe
Task: {EECAFCC8-3809-4567-987E-4552D7178D18} - System32\Tasks\CareCenter\Open-Shell Start Menu_Reg_HKLMRun => C:\Program Files\Open-Shell\StartMenu.exe [224768 2019-10-26] (Open-Shell) [Datei ist nicht signiert]
Task: {F59C6A1E-869F-4078-A9DC-B166C143FE04} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2019-10-09] (Acer Incorporated -> Acer Incorporated)
Task: {F7B68233-3F15-45F9-93BB-3ED28D383FEC} - System32\Tasks\CareCenter\iCloudDrive_Reg_HKCURun_S-1-5-21-4274780374-310312604-1853351802-1001 => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {F906CD2B-59B1-4F90-BEE2-A63490DE6296} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2020-08-16] (Google Inc -> Google LLC)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\UAC.job => C:\Users\Andreas)Ebner\AppData\Roaming\NsMiner\IMG001.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{046a620e-7093-4d77-b616-2ef61dd65007}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{759d83ac-f5e0-c89b-38c2-ca581e218a0c}: [NameServer] 10.100.0.1

Edge:
=======
Edge Extension: (Amazon Assistant) -> xxx_AmazoncomAmazonAssistant_343d40qqvtj1t => C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2021-03-15]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Andreas Ebner\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-16]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: dwreqduu.default
FF DefaultProfile: e28ier59.default-1548431725211
FF ProfilePath: C:\Users\Andreas Ebner\AppData\Roaming\Waterfox\Profiles\dwreqduu.default [2020-11-11]
FF ProfilePath: C:\Users\Andreas Ebner\AppData\Roaming\Waterfox\Profiles\biqe5yt2.68-edition-default [2021-03-04]
FF ProfilePath: C:\Users\Andreas Ebner\AppData\Roaming\Mozilla\Firefox\Profiles\e28ier59.default-1548431725211 [2021-03-16]
FF DownloadDir: D:\Downloads
FF Session Restore: Mozilla\Firefox\Profiles\e28ier59.default-1548431725211 -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\e28ier59.default-1548431725211 -> hxxps://crackwatch.com; hxxps://www.instagram.com
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Andreas Ebner\AppData\Roaming\Mozilla\Firefox\Profiles\e28ier59.default-1548431725211\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-02-25] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Andreas Ebner\AppData\Roaming\Mozilla\Firefox\Profiles\e28ier59.default-1548431725211\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-02-02]
FF Extension: (Dark Fox) - C:\Users\Andreas Ebner\AppData\Roaming\Mozilla\Firefox\Profiles\e28ier59.default-1548431725211\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-02-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Andreas Ebner\AppData\Local\Google\Chrome\User Data\Default [2021-03-15]
CHR Extension: (Präsentationen) - C:\Users\Andreas Ebner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-15]
CHR Extension: (Docs) - C:\Users\Andreas Ebner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-15]
CHR Extension: (Google Drive) - C:\Users\Andreas Ebner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-15]
CHR Extension: (YouTube) - C:\Users\Andreas Ebner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-15]
CHR Extension: (Tabellen) - C:\Users\Andreas Ebner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-15]
CHR Extension: (Google Docs Offline) - C:\Users\Andreas Ebner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andreas Ebner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-15]
CHR Extension: (Google Mail) - C:\Users\Andreas Ebner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-15]
CHR Extension: (Chrome Media Router) - C:\Users\Andreas Ebner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-15]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [96152 2020-10-02] (Shenzhen Moyea Software -> Leawo Software)
R2 ETGMGlcsSrv; C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe [1181544 2012-04-24] (Eastern Times Technology Co.,Ltd -> )
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-12] (Brio) [Datei ist nicht signiert]
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 GoogleChromeElevationService1d6b87fd0753326; C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\elevation_service.exe [1509488 2021-03-11] (Google LLC -> Google LLC)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2319320 2018-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Rivet Networks)
R2 MBAMIService; C:\ProgramData\MB3Install\MBAMIService.exe [231120 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-22] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2535000 2021-02-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3480152 2021-02-24] (Electronic Arts, Inc. -> Electronic Arts)
R3 PSSvc; C:\Program Files\Acer\PredatorSense Service\PSSvc.exe [979736 2019-10-09] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2019-09-26] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2019-09-26] (Acer Incorporated -> Acer Incorporated)
S3 Rockstar Service; D:\Rockstar Games Launcher\RockstarService.exe [474256 2019-12-05] (Rockstar Games, Inc. -> Rockstar Games)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-09-13] (Acer Incorporated -> acer)
R2 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [47616 2020-12-24] (KeepSolid Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WireGuardTunnel$VPNUWireguard; C:\Program Files (x86)\VPN Unlimited\WireVPNUImpl.exe [17920 2020-10-12] () [Datei ist nicht signiert]
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 GoogleChromeElevationService; "C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.193\elevation_service.exe" [X]
S2 SecurityServiceMonitor; C:\Program Files (x86)\TotalAV\SecurityService.exe --monitor [X] <==== ACHTUNG
S3 VBoxSDS; "C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-11-11] (Martin Malik - REALiX -> REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-15] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-14] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2018-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 RfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\RfeCo10X64.sys [150152 2018-04-26] (Rivet Networks LLC -> Rivet Networks, LLC.)
S1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-07-09] (Audials AG -> Audials AG)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 usbglcs1100302; C:\WINDOWS\system32\drivers\usbglcs1100302.sys [25600 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [38176 2020-08-21] (WireGuard LLC -> WireGuard LLC)
U4 ekrn; kein ImagePath
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-03-15 22:19 - 2021-03-16 00:13 - 000000000 ____D C:\FRST
2021-03-15 22:11 - 2021-03-15 22:11 - 000002328 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2021-03-15 21:40 - 2021-03-15 21:40 - 000000000 ____D C:\Users\Andreas Ebner\RevoUninstallerProPortable
2021-03-15 21:37 - 2021-03-15 21:41 - 000000000 ____D C:\Users\Andreas Ebner\Desktop\Topf
2021-03-15 20:35 - 2021-03-15 20:35 - 000003840 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-03-15 20:35 - 2021-03-15 20:35 - 000003398 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-03-15 20:05 - 2021-03-15 20:07 - 000000804 _____ C:\Users\Andreas Ebner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-03-15 20:05 - 2021-03-15 20:05 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\ESET
2021-03-15 19:43 - 2021-03-15 19:54 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-03-15 19:43 - 2021-03-15 19:43 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\214197E3.sys
2021-03-15 19:21 - 2021-03-15 19:35 - 000000000 ___HD C:\$WINDOWS.~BT
2021-03-15 16:07 - 2021-03-15 17:25 - 000000000 ____D C:\ProgramData\HitmanPro
2021-03-15 15:52 - 2021-03-15 17:25 - 000000000 ____D C:\Users\Andreas Ebner\AppData\LocalLow\IGDump
2021-03-15 15:19 - 2021-03-15 15:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-03-15 13:50 - 2021-01-07 10:18 - 001037824 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2021-03-15 13:50 - 2021-01-07 10:18 - 000187888 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2021-03-15 13:32 - 2021-03-15 13:32 - 000000000 ___HD C:\$Windows.~WS
2021-03-15 09:17 - 2021-03-15 09:18 - 000000000 ____D C:\ProgramData\EaseUS Todo PCTrans
2021-03-15 09:16 - 2021-03-15 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans
2021-03-15 08:59 - 2021-03-15 08:59 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\DontSleep
2021-03-15 01:30 - 2021-03-15 01:30 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-03-15 00:48 - 2021-03-15 00:48 - 000000000 ____D C:\MATS
2021-03-14 23:11 - 2021-03-14 23:11 - 000002936 _____ C:\WINDOWS\system32\Tasks\IMF_SkipUAC_adm
2021-03-14 23:09 - 2021-03-15 22:12 - 000000000 ____D C:\Users\Administrator\AppData\Local\OpenShell
2021-03-14 23:09 - 2021-03-14 23:11 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2021-03-14 23:09 - 2021-03-14 23:09 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2021-03-14 23:09 - 2021-03-14 23:09 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\OpenShell
2021-03-14 19:02 - 2021-03-15 17:25 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\wureset
2021-03-14 19:02 - 2021-03-14 19:02 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reset Windows Update Tool
2021-03-14 19:02 - 2021-03-14 19:02 - 000000000 ____D C:\Program Files\wureset
2021-03-14 18:51 - 2021-03-14 18:51 - 000000000 ___RD C:\Users\Andreas Ebner\Documents\Scanned Documents
2021-03-14 18:51 - 2021-03-14 18:51 - 000000000 ____D C:\Users\Andreas Ebner\Documents\Fax
2021-03-14 18:19 - 2021-03-14 18:19 - 000214174 _____ C:\Users\Andreas Ebner\Downloads\WindowsFirewall.diagcab
2021-03-14 17:24 - 2021-03-14 17:24 - 000002956 _____ C:\WINDOWS\system32\Tasks\IMF_SkipUAC_Andreas Ebner
2021-03-14 16:56 - 2021-03-14 16:56 - 008823656 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2021-03-14 16:56 - 2021-03-14 16:56 - 002673724 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat
2021-03-14 16:56 - 2021-03-14 16:56 - 001058152 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2021-03-14 16:55 - 2021-03-14 16:55 - 006161712 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2021-03-14 16:55 - 2021-03-14 16:55 - 000539440 _____ (Intel Corporation) C:\WINDOWS\system32\ibtsiva.exe
2021-03-14 16:55 - 2021-03-14 16:55 - 000441648 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2021-03-14 16:26 - 2021-03-14 16:26 - 000000000 ___HD C:\$SysReset
2021-03-14 13:16 - 2021-03-14 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-03-14 13:16 - 2021-03-14 13:16 - 000000000 ____D C:\Program Files\iPod
2021-03-13 09:38 - 2021-03-13 09:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-11 16:58 - 2021-03-11 16:58 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-11 16:58 - 2021-03-11 16:58 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-11 16:58 - 2021-03-11 16:58 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-11 16:58 - 2021-03-11 16:58 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-11 16:58 - 2021-03-11 16:58 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-11 16:58 - 2021-03-11 16:58 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-11 16:58 - 2021-03-11 16:58 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-27 21:35 - 2021-02-24 13:53 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-02-27 21:35 - 2021-02-24 13:51 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-02-27 21:35 - 2021-02-24 13:51 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 001511192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 001163544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000671512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000556816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 008260880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 007391512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 004610320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 002729776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 001730864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446172.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 001490200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446172.dll
2021-02-27 21:35 - 2021-02-24 13:42 - 006072896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-02-24 14:49 - 2021-02-24 14:49 - 000162958 _____ C:\FolderDescriptions.reg
2021-02-24 14:35 - 2021-02-24 14:35 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\LockHunter
2021-02-24 14:35 - 2021-02-24 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter
2021-02-24 14:35 - 2021-02-24 14:35 - 000000000 ____D C:\Program Files\LockHunter
2021-02-24 11:28 - 2021-02-24 14:26 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\FreeGrabApp
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeGrabApp
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\ProgramData\FreeGrabApp
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\Program Files (x86)\FreeGrabApp
2021-02-22 12:02 - 2021-02-22 12:02 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-22 11:46 - 2021-02-22 11:46 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\GUI.Win
2021-02-21 10:13 - 2021-02-24 17:12 - 000000000 ____D C:\Program Files\Loaris Trojan Remover
2021-02-21 10:13 - 2021-02-21 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loaris Trojan Remover
2021-02-16 08:58 - 2021-02-16 08:58 - 000000000 ____D C:\Users\Andreas Ebner\Downloads\kann_man_bei_tvnow_herunterladen
2021-02-16 08:57 - 2021-02-16 08:57 - 000001877 _____ C:\Users\Andreas Ebner\Downloads\kann_man_bei_tvnow_herunterladen.zip
2021-02-14 13:01 - 2021-02-14 13:01 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\WhatsApp

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-03-16 00:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-16 00:02 - 2020-11-10 18:49 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\OpenShell
2021-03-15 23:51 - 2019-01-08 15:04 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\JDownloader 2.0
2021-03-15 22:30 - 2020-11-10 18:46 - 001733632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-15 22:30 - 2019-12-07 15:50 - 000748644 _____ C:\WINDOWS\system32\perfh007.dat
2021-03-15 22:30 - 2019-12-07 15:50 - 000151474 _____ C:\WINDOWS\system32\perfc007.dat
2021-03-15 22:30 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-15 22:27 - 2020-11-10 18:44 - 000004186 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{59980136-2A6A-449B-A722-C0892DAA3EB4}
2021-03-15 22:25 - 2019-01-31 09:12 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-15 22:25 - 2019-01-08 12:58 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-15 22:24 - 2019-01-08 13:19 - 000000000 ____D C:\Users\Andreas Ebner\AppData\LocalLow\Mozilla
2021-03-15 22:23 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-15 22:23 - 2020-09-27 06:50 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-15 22:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-15 22:14 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-15 22:13 - 2019-03-23 09:24 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2021-03-15 22:12 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-15 22:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-15 21:48 - 2019-07-18 19:28 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-03-15 21:40 - 2020-11-10 18:15 - 000000000 ____D C:\Users\Andreas Ebner
2021-03-15 21:39 - 2020-11-10 18:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\CareCenter
2021-03-15 20:47 - 2020-09-27 08:53 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-15 20:12 - 2020-09-28 17:40 - 000000000 ____D C:\Users\Andreas Ebner\Documents\VlcpVideoV1.0.1
2021-03-15 19:43 - 2021-02-01 23:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-15 19:37 - 2020-11-11 11:06 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\IObit
2021-03-15 19:37 - 2020-11-11 11:06 - 000000000 ____D C:\ProgramData\IObit
2021-03-15 19:37 - 2020-11-11 11:06 - 000000000 ____D C:\Program Files (x86)\IObit
2021-03-15 19:21 - 2020-11-10 18:43 - 000001890 _____ C:\WINDOWS\diagwrn.xml
2021-03-15 19:21 - 2020-11-10 18:43 - 000001890 _____ C:\WINDOWS\diagerr.xml
2021-03-15 19:21 - 2020-11-10 17:42 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-15 19:14 - 2020-01-22 11:59 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\vlc
2021-03-15 19:07 - 2020-09-27 06:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-15 17:25 - 2020-11-10 18:15 - 000000000 ____D C:\Users\Administrator
2021-03-15 17:25 - 2020-04-15 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC VideoTube Downloader Pro
2021-03-15 17:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-15 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Catroot2.bak
2021-03-15 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-03-15 17:25 - 2019-11-25 22:50 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Backuptrans Android iPhone WhatsApp Transfer + (x64)
2021-03-15 17:25 - 2019-04-10 06:57 - 000000000 ____D C:\Users\Andreas Ebner\Desktop\RevoUninstallerProPortable
2021-03-15 17:25 - 2019-01-08 14:06 - 000000000 ____D C:\Program Files\Common Files\AV
2021-03-15 17:25 - 2018-10-26 19:10 - 000000000 ____D C:\ProgramData\Norton
2021-03-15 17:22 - 2020-11-10 17:20 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.bak
2021-03-15 17:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-03-15 17:22 - 2019-01-11 17:16 - 000000000 __RHD C:\MSOCache
2021-03-15 16:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-15 15:33 - 2019-01-08 13:09 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Packages
2021-03-15 15:19 - 2019-01-08 16:04 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\CrashDumps
2021-03-15 14:05 - 2020-09-27 08:54 - 000000000 ____D C:\ProgramData\Packages
2021-03-15 14:05 - 2019-01-08 13:16 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\PlaceholderTileLogoFolder
2021-03-15 13:40 - 2020-08-10 15:52 - 000000000 ____D C:\ESD
2021-03-15 13:27 - 2020-08-16 22:53 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-15 10:51 - 2019-01-11 09:19 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\D3DSCache
2021-03-15 10:49 - 2019-03-05 13:34 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\ElevatedDiagnostics
2021-03-15 10:22 - 2020-11-10 17:37 - 000000000 ___HD C:\$GetCurrent
2021-03-15 09:16 - 2019-04-14 19:23 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-03-15 08:40 - 2019-01-08 20:42 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-15 01:21 - 2019-02-20 10:53 - 000000306 __RSH C:\ProgramData\ntuser.pol
2021-03-15 00:48 - 2019-01-08 20:37 - 000000000 ____D C:\Program Files\rempl
2021-03-15 00:32 - 2020-11-10 18:44 - 000000276 _____ C:\WINDOWS\WindowsUpdate.log.bak
2021-03-15 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-15 00:12 - 2019-03-23 09:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2021-03-14 23:13 - 2019-06-28 23:34 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Origin
2021-03-14 23:13 - 2019-01-09 00:06 - 000000000 ____D C:\ProgramData\Origin
2021-03-14 23:09 - 2019-03-23 09:24 - 000000000 ___RD C:\Users\Administrator\3D Objects
2021-03-14 17:35 - 2020-12-14 12:27 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-14 16:55 - 2019-08-30 17:35 - 000164600 _____ (Qualcomm Atheros, Inc.) C:\WINDOWS\system32\Drivers\e2xw10x64.sys
2021-03-14 15:14 - 2019-02-14 12:40 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\Apple Computer
2021-03-14 13:26 - 2018-10-26 18:47 - 001755928 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2021-03-14 13:01 - 2021-01-29 10:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-14 13:01 - 2019-01-08 14:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-14 04:27 - 2020-09-08 22:51 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\TeraCopy
2021-03-13 15:52 - 2019-01-09 10:13 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-13 09:38 - 2019-01-08 14:53 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-11 17:11 - 2020-08-12 09:54 - 000000000 ____D C:\Users\Andreas Ebner\.fontconfig
2021-03-11 17:09 - 2020-09-27 06:50 - 000668760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 16:54 - 2019-01-08 20:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 16:51 - 2019-02-04 17:42 - 000000000 ____D C:\Program Files\dotnet
2021-03-11 16:51 - 2019-01-11 17:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-03-11 16:51 - 2018-10-26 18:30 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-11 15:50 - 2020-08-20 00:43 - 000000000 ___HD C:\$WinREAgent
2021-03-10 23:12 - 2020-10-01 13:21 - 000000128 _____ C:\Users\Andreas Ebner\AppData\Roaming\winscp.rnd
2021-03-10 22:45 - 2019-01-08 15:08 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\NVIDIA
2021-03-09 22:05 - 2017-09-29 14:46 - 000000167 _____ C:\WINDOWS\win.ini
2021-03-08 19:34 - 2021-01-04 21:42 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\TunePat Netflix Video Downloader
2021-03-04 06:42 - 2020-11-28 07:58 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b788ddf1b3e0
2021-03-04 06:42 - 2020-09-27 08:52 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-03 19:20 - 2019-07-18 19:07 - 000000000 ____D C:\Program Files (x86)\Origin
2021-03-01 08:42 - 2020-11-11 11:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8
2021-02-28 16:47 - 2020-12-29 07:59 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\TuneCable Spotify Downloader
2021-02-24 13:42 - 2020-10-15 14:51 - 007117744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-02-24 11:28 - 2020-09-28 22:09 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\FileBot
2021-02-24 02:51 - 2020-10-15 14:51 - 000061257 _____ C:\WINDOWS\system32\nvinfo.pb
2021-02-23 22:53 - 2020-04-03 22:36 - 005627248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 002635632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 001758064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 000990064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 000120176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 000082288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-02-23 01:14 - 2020-06-13 20:25 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\SFDL.NET 3
2021-02-22 12:03 - 2021-02-01 23:36 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-20 23:19 - 2020-08-15 02:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-15 13:46 - 2019-05-02 10:09 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\RenPy
2021-02-14 14:58 - 2020-03-05 14:41 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\WhatsApp
2021-02-14 13:01 - 2020-03-05 14:41 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-02-14 13:01 - 2020-03-05 14:41 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\SquirrelTemp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2019-05-12 08:39 - 2018-09-15 08:29 - 000045136 ___SH (Microsoft Corporation) C:\Users\Andreas Ebner\RegSvcs.exe
2019-03-26 22:06 - 2019-03-26 22:06 - 000000648 _____ () C:\Program Files (x86)\gruppe.txt
2020-03-17 14:24 - 2020-03-17 14:24 - 000000012 _____ () C:\Users\Andreas Ebner\AppData\Roaming\57194d7fac3eeb8711f0ca1082e7e000
2020-03-17 14:20 - 2020-03-17 14:20 - 000000171 _____ () C:\Users\Andreas Ebner\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-04-28 21:44 - 2019-10-28 10:49 - 000000047 _____ () C:\Users\Andreas Ebner\AppData\Roaming\sysvar
2020-10-01 13:21 - 2021-03-10 23:12 - 000000128 _____ () C:\Users\Andreas Ebner\AppData\Roaming\winscp.rnd
2019-10-09 10:44 - 2019-12-16 12:38 - 000000458 _____ () C:\Users\Andreas Ebner\AppData\Local\Tempcheckcoverage_cookie.txt

==================== FCheck ================================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2020-11-11] <==== ACHTUNG (Null Byte Datei/Ordner)

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
--- --- ---

cosinus 16.03.2021 00:06
Bitte mal etwas mehr Sorgfalt. Jetzt hast du 2x dasselbe Log gepostet. Korrigiere das und dann machst du am besten morgen weiter, das führt zu nichts mehr.

Phaeton 16.03.2021 00:27
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-03-2021
durchgeführt von Andreas Ebner (16-03-2021 00:14:05)
Gestartet von I:\
Windows 10 Home Version 20H2 19042.867 (X64) (2020-11-10 17:44:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4274780374-310312604-1853351802-500 - Administrator - Enabled) => C:\Users\Administrator
Andreas Ebner (S-1-5-21-4274780374-310312604-1853351802-1001 - Administrator - Enabled) => C:\Users\Andreas Ebner
DefaultAccount (S-1-5-21-4274780374-310312604-1853351802-503 - Limited - Disabled)
Gast (S-1-5-21-4274780374-310312604-1853351802-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4274780374-310312604-1853351802-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3uTools (HKLM-x32\...\3uTools) (Version: 2.38.010 - ShangHai ZhangZheng Network Technology Co., Ltd.)
7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{353B4583-ED04-4DF2-A1D6-A5A3EF5C4EBF}) (Version: 3.2.18270.20 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3028 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3005 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
AltServer (HKLM-x32\...\{F6FFD3DD-A872-4F18-BD81-334A52EF9BFE}) (Version: 1.4.1 - Riley Testut)
Amazon Music (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Amazon Amazon Music) (Version: 7.12.0.2203 - Amazon.com Services LLC)
Anti-Twin (Installation 04.03.2019) (HKLM-x32\...\Anti-Twin 2019-03-04 18.17.18) (Version:  - Joerg Rosenthal, Germany)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 8.1.0.0 - iMobie Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Auto FTP Manager 7 (HKLM-x32\...\Auto FTP Manager 7_is1) (Version:  - DeskShare Inc.)
Avidemux VC++ 64bits (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\{8a390b8c-33a4-488b-adb2-1c204cadb2b7}) (Version: 2.7.5 - Mean)
AVS Audio Converter 9.1.2 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 9.1.2.600 - Online Media Technologies Ltd.)
Backuptrans Android iPhone WhatsApp Transfer + (x64) 3.2.129 (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Backuptrans Android iPhone WhatsApp Transfer + (x64)) (Version: 3.2.129 - Backuptrans)
BaZnGa IPTV M3U Editor version 1.2.0.60 (HKLM-x32\...\{24E17CFF-94B3-46A8-B7A6-2EDACB841E03}_is1) (Version: 1.2.0.60 - BaZnGa IPTV)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.260.0.1032 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.5.5 - Canon Inc.)
Canon PosterArtist Lite (HKLM-x32\...\{6C3D298C-B03A-49B9-863E-8E6D182033BB}) (Version: 2.99.00.001 - Ihr Firmenname) Hidden
Canon PosterArtist Lite (HKLM-x32\...\Canon PosterArtist Lite) (Version: 3.20.00 - Canon Inc.)
ChrisPC VideoTube Downloader Pro 12.03.31 (HKLM-x32\...\{6006089C-84B5-4F18-8113-9876543210ED}_is1) (Version:  - Chris P.C. srl)
CopyTrans Control Center nur deinstallieren (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\CopyTrans Suite) (Version: 4.100 - WindSolutions)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Crucial Storage Executive (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Crucial Storage Executive 3.60.082018.04) (Version: 3.60.082018.04 - Crucial)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 4.11 - Infonautics GmbH, Switzerland)
Directory List & Print Pro 4.11 (HKLM-x32\...\Directory List & Print Pro 4.11) (Version: 4.11 - Infonautics)
Driver Booster 8 (HKLM-x32\...\Driver Booster_is1) (Version: 8.3.0 - IObit)
EaseUS Todo PCTrans 11.8 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version:  - EaseUS)
ExifCleaner 3.1.0 (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\8457e380-8acb-5e7f-a000-5966971ba7cc) (Version: 3.1.0 - szTheory)
FFMPEG Addon (HKLM-x32\...\{111124AF-1ED4-44EF-B674-111111985342}_is1) (Version: 1.00 - FFMPEG)
FileBot (HKLM\...\{3154A34A-121F-49A4-92E3-BB977772C397}) (Version: 4.9.3 - Reinhard Pointner)
FileZilla Client 3.50.0 (HKLM-x32\...\FileZilla Client) (Version: 3.50.0 - Tim Kosse)
FlashFXP 5 (HKLM-x32\...\FlashFXP 5) (Version: 5.4.0.3970 - OpenSight Software LLC)
FlixGrab version 5.1.11.217 (HKLM-x32\...\FlixGrab_is1) (Version: 5.1.11.217 - FreeGrabApp Ltd)
FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2532 - HYBRIDWEB.de)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FonePaw 6.2.0 (HKLM-x32\...\{77B09C3A-839E-4ea7-81BA-E5864F6BF388}_is1) (Version: 6.2.0 - FonePaw)
Free M4a to MP3 Converter 9.7 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
GetFLV 13.8558.858 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.1868.0 - Rockstar Games)
H2rename (HKLM-x32\...\H2rename) (Version: 0.7.4 - c't Magazin für Computertechnik)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
IJ Network Device Setup Utility (HKLM-x32\...\IJ Network Device Setup Utility) (Version: 1.10.0 - Canon Inc.)
iMazing 2.7.5.0 (HKLM\...\iMazing_is1) (Version: 2.7.5.0 - DigiDNA)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000000-0210-1031-84C8-B8D95FA3C8C3}) (Version: 21.00.0.4 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{ed99f619-885c-48d6-b971-0bc85013cd92}) (Version: 10.1.18010.8141 - Intel(R) Corporation)
IP-TV Player 49.4 (HKLM-x32\...\IP-TV_Player) (Version: 49.4 - ADSL Club Co Ltd)
IPTV Smarters Player 3.0.0 (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\fee38e36-bd5c-5f8c-a4c4-29d7f942a22c) (Version: 3.0.0 - IPTV Smarters Player)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
iTunes (HKLM\...\{DE0F48FE-04C1-4646-AA58-2BE7A1A58742}) (Version: 12.11.0.26 - Apple Inc.)
Jihosoft iTunes Backup Unlocker version 3.0.4.0 (HKLM-x32\...\{3274F1E0-E2AC-4CA5-883C-6DF994D4C172}_is1) (Version: 3.0.4.0 - Jihosoft Studio)
Killer Performance Driver Suite (HKLM\...\{CF4699BC-19FA-4FDC-A16F-E2A340622F8A}) (Version: 1.5.1852 - Rivet Networks)
Kodi (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Kodi) (Version:  - XBMC-Foundation)
Leawo Blu-ray Player Version  2.2.0.0 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 2.2.0.0 - Leawo Software)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Loaris Trojan Remover 3.1.60 (HKLM\...\{29988DC6-9C4A-49B2-AC86-5C380B29ADB9}_is1) (Version: 3.1.60 - Loaris Inc.)
LockHunter 3.3, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft .NET Core SDK 2.2.103 (x64) (HKLM-x32\...\{730ee99f-7165-41f7-b107-ced51cbb0c19}) (Version: 2.2.103 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.54 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4274780374-310312604-1853351802-500\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.13 (x64) (HKLM-x32\...\{df32638d-0722-47cb-b084-3dd851b1146e}) (Version: 3.1.13.29816 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movavi Video Converter 20 Premium (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Movavi Video Converter 20 Premium) (Version: 20.2.1 - Movavi)
Mozilla Firefox 86.0.1 (x64 de) (HKLM\...\Mozilla Firefox 86.0.1 (x64 de)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
Mp3tag v3.02 (HKLM-x32\...\Mp3tag) (Version: 3.02 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Grafiktreiber 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Open-Shell (HKLM\...\{1CAB353D-D3F9-4C5D-A305-33D7BF270F1B}) (Version: 4.4.142 - The Open-Shell Team)
Oracle VM VirtualBox 6.1.18 (HKLM\...\{B1B2878D-9F1A-4403-84E7-6378D7D43C83}) (Version: 6.1.18 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.94.46774 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PassFab iPhone Unlocker 2.1.4.8 (HKLM-x32\...\{PassFab iPhone Unlocker}_is1) (Version: 2.1.4.8 - PassFab, Inc.)
PhotoStage Diashow-Programm (HKLM-x32\...\PhotoStage) (Version: 7.09 - NCH Software)
Pixillion Bildkonverter (HKLM-x32\...\Pixillion) (Version: 7.25 - NCH Software)
PredatorSense Service (HKLM\...\{8D399C7A-8693-4BDE-9D22-D43CBB8BBF62}) (Version: 3.00.3136 - Acer Incorporated)
Reset Windows Update Tool (HKLM\...\Reset Windows Update Tool11.0.0.9) (Version: 11.0.0.9 - Manuel Gil)
Revo Uninstaller Pro (HKLM\...\Revo Uninstaller Pro) (Version:  - VS Revo Group)
Revo Uninstaller Pro 4.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.5 - VS Revo Group, Ltd.)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.17.199 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
SopCast 4.2.0 (HKLM-x32\...\SopCast) (Version: 4.2.0 - www.sopcast.com)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.55254 - Electronic Arts)
Sticky Password 8.2.3.43 (HKLM-x32\...\Sticky Password_is1) (Version: 8.2 - Lamantine Software)
Telegram Desktop version 2.5.1 (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.5.1 - Telegram FZ-LLC)
TeraCopy version 3.4 beta (HKLM\...\TeraCopy_is1) (Version: 3.4 beta - Code Sector)
Thunderbolt™ Software (HKLM-x32\...\{6ECDE40C-4023-419A-8A4E-50FB71275876}) (Version: 17.3.73.350 - Intel Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
Trust GXT 155 Gaming Mouse version 1.2 (HKLM-x32\...\{A523DAD0-3DF2-4FFB-9B36-58A4C2600EDD}_is1) (Version: 1.2 - TRUST)
TuneCable Spotify Downloader 1.2.0 (HKLM-x32\...\TuneCable Spotify Downloader) (Version: 1.2.0 - TuneCable)
TunePat Amazon Music Converter version 1.34 (HKLM-x32\...\{51244439-F4C9-2020-6666-90091911AAA}_is1) (Version: 1.34 - )
TunePat Netflix Video Downloader 1.4.1 (HKLM-x32\...\TunePat Netflix Video Downloader) (Version: 1.4.1 - TunePat)
TunSetupVPNU (HKLM\...\{3E4BC5B7-104F-40B3-BEC4-9CEF0BCD0EF8}) (Version: 1.0.0 - Keepsolid Inc.)
TV-Browser 4.2 (HKLM\...\tvbrowser-full) (Version: 4.2 - TV-Browser Team)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VEGAS Pro 17.0 (HKLM\...\{8D4A5730-17CF-11EA-B57F-00155D6302F2}) (Version: 17.0.387 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VLC media player 3.0.8 (64-bit) (HKLM\...\{34A66242-34A2-4049-9808-1A693370FACE}) (Version: 3.0.8.0 - VideoLAN)
VPN Unlimited 8.3.1 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 8.3.1 - KeepSolid Inc.)
WATCHED 0.18.0 (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\6811d8ec-23f6-5ad3-9bb7-0e515c178d2a) (Version: 0.18.0 - WATCHED AG)
WhatsApp (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\WhatsApp) (Version: 2.2102.9 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.91 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinSCP 5.17.9 (HKLM-x32\...\winscp3_is1) (Version: 5.17.9 - Martin Prikryl)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.7.0.3) (HKLM-x32\...\UniConverter_is1) (Version: 11.7.0.3 - Wondershare Software)

Packages:
=========
@{Microsoft.XboxDevices_300.1809.28002.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxDevices/Resources/LandingPageTitle/Text} -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.1809.28002.0_x64__8wekyb3d8bbwe [2019-03-23] (0)
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2021-03-15] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3024.0_x64__48frkmn4z8aw4 [2021-03-15] (Acer Incorporated)
Amazon Assistant -> C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2021-03-15] (Amazon.com)
Best Player -> C:\Program Files\WindowsApps\2949193320E78.BestPlayer8.1_7.1.5.0_x64__pg6a145mvhp7p [2021-03-15] (marios g.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2021-03-15] (Canon Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2021-03-15] (Dolby Laboratories)
Dolby Atmos for Headphones -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220 [2021-03-15] (Dolby Laboratories)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2020.4.45.0_x64__t5j2fzbtdg37r [2021-03-15] (DTS, Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2021-03-15] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft-Remotedesktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1701.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
MyIPTV Player -> C:\Program Files\WindowsApps\41879VbfnetApps.MyIPTVPlayer_4.2.5.0_x64__7casf8sqhfy78 [2021-03-15] (Vbfnet Apps) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-03-15] (Netflix, Inc.)
Netzkino -> C:\Program Files\WindowsApps\35124netzkino.Netzkino_3.3.1.1_neutral__843rhjq2hbnd4 [2021-03-15] (netzkino) [MS Ad]
PDF Reader - Ansehen, Kommentieren, Teilen -> C:\Program Files\WindowsApps\0D9A1B2D.PDFReaderUWP_1.11.0.0_x64__jhretta7p24aw [2021-03-15] (Kdan Mobile Software Ltd.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2021-03-15] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2021-03-15] (CYBERLINK COM CORP)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2021-03-15] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0 [2021-03-15] (Spotify AB) [Startup Task]
Übersetzer -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Waves MaxxAudio For Acer -> C:\Program Files\WindowsApps\WavesAudio.20761030F5EAC_1.0.67.0_x64__fh4rh281wavaa [2021-03-15] (Waves Audio)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4274780374-310312604-1853351802-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Datei ist nicht signiert]
ContextMenuHandlers1: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2021-01-04] (Loaris, LLC -> Loaris Inc.)
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2019-11-29] (Crystal Rich Ltd -> TODO: <Company name>)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2017-12-18] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [Datei ist nicht signiert]
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => c:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2021-01-04] (Loaris, LLC -> Loaris Inc.)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2019-11-29] (Crystal Rich Ltd -> TODO: <Company name>)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Keine Datei
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => c:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2021-01-04] (Loaris, LLC -> Loaris Inc.)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2019-11-29] (Crystal Rich Ltd -> TODO: <Company name>)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => c:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2021-01-04] (Loaris, LLC -> Loaris Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2019-10-26] (Open-Shell) [Datei ist nicht signiert]
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => c:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Andreas Ebner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reset Windows Update Tool\reset-settings.lnk -> C:\Program Files\wureset\wureset\bin\reset-settings.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2019-07-24 02:15 - 2019-07-24 02:15 - 000100352 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\driverMgr4Transfer.dll
2019-06-26 07:07 - 2019-06-26 07:07 - 001515008 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\DuiLib.dll
2018-03-15 01:55 - 2018-03-15 01:55 - 001487360 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\exiv2.dll
2018-03-15 01:55 - 2018-03-15 01:55 - 000104448 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\expat.dll
2019-07-23 10:11 - 2019-07-23 10:11 - 000034304 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\generalFunc.dll
2018-12-29 03:51 - 2018-12-29 03:51 - 001042432 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libandroidrecovery.dll
2018-12-26 09:00 - 2018-12-26 09:00 - 004554857 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libexiv2.dll
2018-12-26 09:00 - 2018-12-26 09:00 - 000121524 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libgcc_s_dw2-1.dll
2019-04-09 04:02 - 2019-04-09 04:02 - 013525412 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libheic.dll
2017-10-30 01:42 - 2017-10-30 01:42 - 001970688 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libplist.dll
2018-12-26 09:00 - 2018-12-26 09:00 - 000594944 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libsscan.dll
2018-12-26 09:00 - 2018-12-26 09:00 - 001544523 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libstdc++-6.dll
2019-07-09 07:09 - 2019-07-09 07:09 - 000791552 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\sqlite3.dll
2017-10-30 01:41 - 2017-10-30 01:41 - 000066048 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\zlib1.dll
2020-08-21 19:48 - 2020-12-24 12:48 - 001980928 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\VPN Unlimited\vpnu_private_sdk.dll
2020-09-08 22:51 - 2017-03-14 14:51 - 001714688 _____ () [Datei ist nicht signiert] C:\Program Files\TeraCopy\TeraCopy64.dll
2020-07-11 10:28 - 2020-07-11 10:28 - 000398336 _____ (Florian Heidenreich) [Datei ist nicht signiert] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2020-11-10 18:18 - 2020-11-10 18:18 - 000113664 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2017-10-30 09:06 - 2017-10-30 09:06 - 000065693 _____ (MingW-W64 Project. All rights reserved.) [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libwinpthread-1.dll
2020-02-06 20:47 - 2017-12-18 16:35 - 000151024 _____ (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll
2018-12-26 09:00 - 2018-12-26 09:00 - 000086070 _____ (Open Source Software community project) [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\pthreadVC2.dll
2019-10-26 18:30 - 2019-10-26 18:30 - 000872960 _____ (Open-Shell) [Datei ist nicht signiert] C:\Program Files\Open-Shell\ClassicExplorer64.dll
2019-10-26 18:31 - 2019-10-26 18:31 - 003388928 _____ (Open-Shell) [Datei ist nicht signiert] C:\Program Files\Open-Shell\StartMenuDLL.dll
2019-10-26 18:31 - 2019-10-26 18:31 - 000312832 _____ (Open-Shell) [Datei ist nicht signiert] C:\WINDOWS\system32\StartMenuHelper64.dll
2017-10-30 01:39 - 2017-10-30 01:39 - 001374720 _____ (Pizzolato Davide - xdp.it) [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\cximage.dll
2018-12-26 09:00 - 2018-12-26 09:00 - 000360448 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libcurl.dll
2020-08-21 19:48 - 2020-10-12 13:23 - 000361984 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files (x86)\VPN Unlimited\libcurl.dll
2018-12-26 09:00 - 2018-12-26 09:00 - 002106880 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libcrypto-1_1.dll
2018-12-26 09:00 - 2018-12-26 09:00 - 000370176 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\libssl-1_1.dll
2020-09-15 22:58 - 2020-10-29 20:22 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-09-15 23:00 - 2020-10-29 20:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2020-08-21 19:48 - 2020-10-12 13:23 - 002516480 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\VPN Unlimited\libcrypto-1_1.dll
2020-08-21 19:48 - 2020-10-12 13:23 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\VPN Unlimited\libssl-1_1.dll
2020-09-15 22:59 - 2020-10-29 20:22 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-03-03 19:20 - 2020-10-29 20:22 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-03-03 19:20 - 2020-10-29 20:22 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-03-03 19:20 - 2020-10-29 20:22 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-03-03 19:20 - 2020-10-29 20:22 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-03-03 19:20 - 2020-10-29 20:22 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-03-03 19:20 - 2020-10-29 20:22 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-07-26 02:39 - 2019-07-26 02:39 - 001324544 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\androidSyncCore.dll
2019-07-23 10:11 - 2019-07-23 10:11 - 000016896 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\Anvsoft\Syncios\geneLog.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-4274780374-310312604-1853351802-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-4274780374-310312604-1853351802-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-4274780374-310312604-1853351802-1001 -> DefaultScope {4EEB31BA-3146-4404-A4BB-0DC2183D439F} URL =

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\ws.microsoft.com -> hxxp://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\ws.microsoft.com -> hxxps://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\wustat.windows.com -> hxxp://wustat.windows.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-09-29 14:46 - 2021-02-21 11:42 - 000001096 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 hxxp://www.driver-soft.com
127.0.0.1  www.webrip.audials.com
127.0.0.1  www.dialog.audials.com
127.0.0.1  www.geoip.audials.com
0.0.0.0                  telemetry.malwarebytes.com

2019-02-15 09:10 - 2019-03-28 20:19 - 000000575 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
137.1 LAPTOP-CQ0D7NOI.mshome.net # 2024 2 3 14 21 53 0 667
67

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;D:\Program Files\Crucial\Crucial Storage Executive;D:\Program Files\FileBot\;C:\Program Files\wureset
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Acer01.jpg
HKU\S-1-5-21-4274780374-310312604-1853351802-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
mpsdrv => Firewall Dienst läuft nicht.
MpsSvc => Firewall Dienst läuft nicht.

Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
WLAN: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "WSAndroidAppHelper.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WSAppHelper.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Updater"
HKLM\...\StartupApproved\Run32: => "FonePaw iPhone Data RecoveryAppService"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\StartupApproved\Run: => "iFunBox"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{504402C0-952F-43EF-8E92-3F7B494941C6}C:\users\andreas ebner\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\andreas ebner\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{F321F72E-D15F-4012-BD26-99FC953B991F}C:\users\andreas ebner\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\andreas ebner\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{C308C176-7726-472E-A6D3-4D14FF86E95B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{C9C87789-19DD-4CEB-8199-2324C1D34A74}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{7F5E33CD-D8FE-4335-B002-28A1AA13F765}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{974B154B-686B-4BFF-B8F8-D5059C942E48}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7EA265A9-CD3A-4A75-A653-065FDECEDEF0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA82174D-2136-48A4-93AF-464DEAE2A526}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDB1787E-2228-4DE9-816A-1D10D10ED1C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B1AA56EC-038D-4AEC-BDF9-D8E4FCD372FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F9595A6-5D8E-419E-B44A-10CFC3FAAC76}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7DC9EFC8-BCAE-4351-9F5F-5E698AC8DFDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{85049C95-D2F1-4C35-BDEF-E6AC2E2B81D3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1ED1D87-8906-4CBF-A6F8-D2C6BD0D7CCD}] => (Allow) D:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6421B682-71C8-4C87-8E94-BCDD8774E943}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9C2B70AD-2599-41B0-900E-BC9CA4BDA98A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{230044A1-D40D-4D65-90A9-B1C04DA2488C}D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe] => (Allow) D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe (DeskShare, Inc. -> Deskshare) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{93ED4EA9-752A-4658-8C2C-DBCAB7FAFD5D}D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe] => (Allow) D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe (DeskShare, Inc. -> Deskshare) [Datei ist nicht signiert]
FirewallRules: [{D8F6F522-01F6-41C5-8F04-D445521655B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{471A910C-1C07-45DC-9282-7F3C817F7676}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{AD9F8D1C-551C-452B-A140-7EB8AA6885E1}C:\users\andreas ebner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andreas ebner\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [UDP Query User{09A405AF-CECE-48DF-9E23-424BFBD7A102}C:\users\andreas ebner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andreas ebner\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [TCP Query User{77348E8A-FECF-47A0-926C-A8F2E1D71D82}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{0606A3BD-8835-415D-8230-684493986A4C}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{D2CC1932-B4DE-4FB4-95C2-50DA9BEF0C82}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [Datei ist nicht signiert]
FirewallRules: [{034B9D54-D114-480C-985A-A06AC78A31A9}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [Datei ist nicht signiert]
FirewallRules: [{0D59503D-DABC-4F18-9B62-A11125322336}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [Datei ist nicht signiert]
FirewallRules: [{0BE3BD1D-CEB0-4486-8ED8-B8277AF819C2}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9BB26EA8-81AF-4DCA-A450-40F08F4B3501}D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe] => (Allow) D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe (DeskShare, Inc. -> Deskshare) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{1F58E78B-56C4-484C-B201-879918FE2CEC}D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe] => (Allow) D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe (DeskShare, Inc. -> Deskshare) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F3A83457-800B-42CB-8F4E-F8221A16B471}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{FA909C65-FD5D-4D63-801F-906C19524937}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{EF7EE8BF-BA7A-4589-8BE3-D95C8F63670D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC01363B-1D0C-4BC9-812B-12C937672184}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A271A209-5186-48DA-A04E-962F42AD35C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DFA3C712-AEA9-4951-BC85-D6149F0A6045}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EE212E3E-1AB9-4E16-87E1-234CA36CF825}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DFF5CD9-7E6C-450C-B563-E2C3877AB4AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{387B5492-B444-4EB0-93C4-C529C69C7574}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9E0B902D-DF22-469E-85E6-A8CB3C5F828E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1D5F0B76-73F3-46B3-971F-7ABE1B5FEE73}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{BA76399B-5053-4C70-B6E9-51F9B00E58A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9E81686D-01A4-48A0-ADD8-0ACF4CFC74B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{18CA7050-E930-454E-8066-AE8D9A220381}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B8A3BD51-9E47-48B3-B927-6C01AE14439F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{532B3716-B10F-42C1-95D1-0AEFC089EEBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{B0B12BF1-ACA2-471F-8BDF-CBBE8F3D69E8}E:\musik\stick kodi lastship destiny\kodi\kodi.exe] => (Allow) E:\musik\stick kodi lastship destiny\kodi\kodi.exe => Keine Datei
FirewallRules: [UDP Query User{E2EA3F2A-793B-46C4-8021-01F186EA13F5}E:\musik\stick kodi lastship destiny\kodi\kodi.exe] => (Allow) E:\musik\stick kodi lastship destiny\kodi\kodi.exe => Keine Datei

==================== Wiederherstellungspunkte =========================

15-03-2021 16:14:56 Prüfpunkt von HitmanPro
15-03-2021 16:16:06 Prüfpunkt von HitmanPro
15-03-2021 19:19:10 Revo Uninstaller Pro's restore point - Oracle VM VirtualBox
15-03-2021 19:36:56 Revo Uninstaller Pro's restore point - IObit Malware Fighter 8
15-03-2021 19:40:34 Revo Uninstaller Pro's restore point - Java 8 Update 281 (64-bit)
15-03-2021 19:40:45 Removed Java 8 Update 281 (64-bit)
15-03-2021 19:56:49 JRT Pre-Junkware Removal
15-03-2021 21:43:10 Revo Uninstaller Pro's restore point - MegaTrainer Ultimate Version 2.4.2.1
15-03-2021 21:43:58 Revo Uninstaller Pro's restore point - Audials 2020
15-03-2021 21:45:44 Revo Uninstaller Pro's restore point - Audacity 2.3.3
15-03-2021 21:47:13 Revo Uninstaller Pro's restore point - TAP-Windows 9.21.2
15-03-2021 21:48:00 Revo Uninstaller Pro's restore point - Need for Speed™ Heat
15-03-2021 21:48:48 Revo Uninstaller Pro's restore point - MediaMonkey 4.1
15-03-2021 21:50:21 Revo Uninstaller Pro's restore point - VdhCoApp 1.3.0
15-03-2021 21:51:02 Revo Uninstaller Pro's restore point - Office 2019 KMS Activator Ultimate 1.5

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Intel High Definition DSP
Description: Intel High Definition DSP
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (03/15/2021 10:23:19 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/15/2021 10:23:19 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/15/2021 10:13:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (03/15/2021 10:13:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (03/15/2021 10:13:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (03/15/2021 10:13:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (03/15/2021 10:08:38 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/15/2021 10:08:38 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0


Systemfehler:
=============
Error: (03/15/2021 10:23:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecurityServiceMonitor" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (03/15/2021 10:23:07 PM) (Source: iaStorAC) (EventID: 4102) (User: )
Description: Error log: Smart event occured on disk :98DKSETUS

Error: (03/15/2021 10:14:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/15/2021 10:13:47 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst App-Vorbereitung konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (03/15/2021 10:13:27 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-CQ0D7NOI)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.XboxApp_48.72.4001.0_x64__8wekyb3d8bbwe!Microsoft.XboxApp.AppX838f5jjq4n8fh0pd4ps0jjkrvg65ed06.mca als Nicht verfügbar/Nicht verfügbar. Fehler:
"2147942402"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:Microsoft.XboxApp.AppXf74jmpwd42x7vxttda454sh29n0qpb8x.mca

Error: (03/15/2021 10:13:07 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-CQ0D7NOI)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe!App.AppXxxnt3skd41veb34vkvcyva53g0wwk0gg.mca als Nicht verfügbar/Nicht verfügbar. Fehler:
"2147942402"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca

Error: (03/15/2021 10:12:42 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-CQ0D7NOI)
Description: Ein DCOM-Server konnte nicht gestartet werden: NcsiUwpApp_1000.19041.423.0_neutral_neutral_8wekyb3d8bbwe!App.AppXxprad5xkpbb5xftzr11e5x3sndmh28zm.mca als Nicht verfügbar/Nicht verfügbar. Fehler:
"2147942402"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXxw3e32mpkfkfbh0tznpwwqfw96t0tfx6.mca

Error: (03/15/2021 10:12:29 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-CQ0D7NOI)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.AAD.BrokerPlugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider als Nicht verfügbar/Nicht verfügbar. Fehler:
"2147942402"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider


CodeIntegrity:
===============
Date: 2021-03-16 00:14:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-03-16 00:13:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2021-03-16 00:08:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen ===========================

BIOS: Insyde Corp. V1.16 10/24/2018
Hauptplatine: CFL Cayman_CFS
Prozessor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 16287.8 MB
Verfügbarer physikalischer RAM: 9788.64 MB
Summe virtueller Speicher: 18719.8 MB
Verfügbarer virtueller Speicher: 8651.25 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:237.36 GB) (Free:110.09 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:576.47 GB) NTFS
Drive e: (Filme/Serien) (Fixed) (Total:1863 GB) (Free:1862.84 GB) NTFS
Drive i: (Stick) (Removable) (Total:32 GB) (Free:31.93 GB) NTFS
Drive s: (Spiele SSD) (Fixed) (Total:465.75 GB) (Free:311.94 GB) NTFS

\\?\Volume{0a075890-a07c-4d91-9b23-ccfd1567f38f}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.5 GB) NTFS
\\?\Volume{ef626c3c-fed6-49d9-913d-dee05596b177}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 2 (Size: 238.5 GB) (Disk ID: 065D8751)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 58.4 GB) (Disk ID: AAAA903F)
Partition 1: (Active) - (Size=32 GB) - (Type=07 NTFS)

==========================================================
Disk: 4 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
Zitat:
Zitat von cosinus (Beitrag 1750512)
Bitte mal etwas mehr Sorgfalt. Jetzt hast du 2x dasselbe Log gepostet. Korrigiere das und dann machst du am besten morgen weiter, das führt zu nichts mehr.
Entschuldige bitte, passe jetzt besser auf....

Bin noch gar nict müde.... Bin eigentlich ein Nachtmensch, danke für Deine Hilfe

cosinus 16.03.2021 00:43
Jetzt hast du die CODE-Tags verkackt :rofl:
Ich korrigier das

cosinus 16.03.2021 00:48
Störende, veraltete oder unnötige Programme deinstallieren

Bitte über Programme und Features (appwiz.cpl) deinstallieren:


3uTools
7-Zip 18.06
Acer Care Center
Acer Configuration Manager
Acer Jumpstart
Acer Quick Access
Acer UEIP Framework
Adobe Acrobat Reader DC
Adobe Flash Player 32 NPAPI
CrystalDiskMark 6.0.2
Driver Booster 8
FlashFXP 5
Google Chrome

Phaeton 16.03.2021 01:07
Habe die genannten Programme deinstaliert.

cosinus 16.03.2021 08:57
adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

adwcleaner bitte wiederholen falls es Funde gab.

Phaeton 16.03.2021 09:25
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build:    02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-16-2021
# Duration: 00:00:00
# OS:      Windows 10 Home
# Cleaned:  2
# Failed:  0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted      Preinstalled.AcerUEIPFramework  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Deleted      Preinstalled.AcerUpdater  Folder  C:\ProgramData\ACER\ACER UPDATER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7078 octets] - [22/01/2020 10:09:20]
AdwCleaner[C00].txt - [2527 octets] - [22/01/2020 10:10:37]
AdwCleaner[S01].txt - [5928 octets] - [22/01/2020 10:12:08]
AdwCleaner[S02].txt - [5989 octets] - [22/01/2020 10:40:07]
AdwCleaner[S03].txt - [6050 octets] - [23/01/2020 00:30:24]
AdwCleaner[S04].txt - [6253 octets] - [24/01/2020 01:25:39]
AdwCleaner[C04].txt - [1921 octets] - [24/01/2020 01:26:17]
AdwCleaner[S05].txt - [6233 octets] - [24/01/2020 01:27:23]
AdwCleaner[S06].txt - [6344 octets] - [25/01/2020 09:09:49]
AdwCleaner[C06].txt - [2032 octets] - [25/01/2020 09:10:05]
AdwCleaner[S07].txt - [6416 octets] - [25/01/2020 14:45:36]
AdwCleaner[S08].txt - [6557 octets] - [03/02/2020 04:04:36]
AdwCleaner[S09].txt - [6618 octets] - [03/02/2020 10:47:02]
AdwCleaner[S10].txt - [6679 octets] - [05/02/2020 23:23:05]
AdwCleaner[S11].txt - [7178 octets] - [18/02/2020 00:30:28]
AdwCleaner[C11].txt - [2792 octets] - [18/02/2020 00:30:54]
AdwCleaner[S12].txt - [6862 octets] - [18/02/2020 00:37:57]
AdwCleaner[S13].txt - [7060 octets] - [07/03/2020 11:23:07]
AdwCleaner[C13].txt - [2730 octets] - [07/03/2020 11:23:50]
AdwCleaner[S14].txt - [7107 octets] - [18/06/2020 14:16:55]
AdwCleaner[C14].txt - [2797 octets] - [18/06/2020 14:17:38]
AdwCleaner[S15].txt - [7167 octets] - [18/06/2020 14:27:43]
AdwCleaner[S16].txt - [7228 octets] - [22/07/2020 01:11:09]
AdwCleaner[S17].txt - [7289 octets] - [22/07/2020 01:12:29]
AdwCleaner[S18].txt - [7350 octets] - [29/08/2020 08:59:24]
AdwCleaner[S19].txt - [7472 octets] - [02/09/2020 21:30:26]
AdwCleaner[S20].txt - [7533 octets] - [23/09/2020 19:47:43]
AdwCleaner[S21].txt - [7533 octets] - [25/09/2020 14:02:45]
AdwCleaner[S22].txt - [7655 octets] - [28/09/2020 17:46:58]
AdwCleaner[C22].txt - [3345 octets] - [28/09/2020 17:47:50]
AdwCleaner[S23].txt - [8311 octets] - [28/09/2020 19:53:04]
AdwCleaner[C23].txt - [3776 octets] - [28/09/2020 19:53:17]
AdwCleaner[S24].txt - [7857 octets] - [28/09/2020 20:00:44]
AdwCleaner[C24].txt - [3547 octets] - [28/09/2020 20:02:05]
AdwCleaner[S25].txt - [7960 octets] - [29/09/2020 04:55:18]
AdwCleaner[S26].txt - [8082 octets] - [08/10/2020 09:40:42]
AdwCleaner[C26].txt - [3772 octets] - [08/10/2020 09:44:40]
AdwCleaner[S27].txt - [8143 octets] - [08/10/2020 10:13:55]
AdwCleaner[S28].txt - [8204 octets] - [09/10/2020 23:44:48]
AdwCleaner[S29].txt - [8265 octets] - [14/10/2020 23:38:57]
AdwCleaner[S30].txt - [8326 octets] - [15/10/2020 00:09:28]
AdwCleaner[S31].txt - [8387 octets] - [17/10/2020 15:02:18]
AdwCleaner[S32].txt - [11244 octets] - [15/03/2021 01:27:19]
AdwCleaner[C32].txt - [7199 octets] - [15/03/2021 01:28:42]
AdwCleaner[S33].txt - [7525 octets] - [15/03/2021 16:18:26]
AdwCleaner[S34].txt - [7586 octets] - [15/03/2021 16:20:08]
AdwCleaner[S35].txt - [4392 octets] - [16/03/2021 09:19:59]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C35].txt ##########
Adware Cleaner Log

cosinus 16.03.2021 09:37
Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

http://www.trojaner-board.de/picture...&pictureid=611

Phaeton 16.03.2021 10:20
FRST

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2021
durchgeführt von Andreas Ebner (Administrator) auf LAPTOP-CQ0D7NOI (Acer Predator PH517-51) (16-03-2021 09:50:08)
Gestartet von I:\
Geladene Profile: Andreas Ebner
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\PredatorSense Service\PSAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\PredatorSense Service\PSAgent.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_62a0e7f4cd3e6c99\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(KeepSolid Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(Malwarebytes Corporation -> Malwarebytes) C:\ProgramData\MB3Install\MBAMIService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [768448 2018-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\SYSTEM32\DRIVERSTORE\FILEREPOSITORY\WAVESAPO77AC.INF_AMD64_1C72DFBD7A8B521F\WAVESSVC64.EXE [1287440 2018-05-30] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [224768 2019-10-26] (Open-Shell) [Datei ist nicht signiert]
HKLM-x32\...\Run: [GXT155gmmouseRun] => C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\GXT155mon.exe [3435520 2018-06-11] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [2944120 2019-07-11] (Anvsoft Inc. -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Run: [Folder Size] => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-12] (Brio) [Datei ist nicht signiert]
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Run: [Amazon Music Helper] => C:\Users\Andreas Ebner\AppData\Local\Amazon Music\Amazon Music Helper.exe [2107848 2020-05-23] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe [492032 2019-11-25] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Run: [Amazon Music] => C:\Users\Andreas Ebner\AppData\Local\Amazon Music\Amazon Music.exe [20373448 2020-05-23] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKLM\...\Windows x64\Print Processors\Canon TS8200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEK.DLL [482816 2018-11-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8200 series: C:\Windows\system32\CNMLMEK.DLL [904192 2018-11-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\Windows\system32\hpinkstsB111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2019-09-19]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks LLC -> Rivet Networks)
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DBE97F8-6C00-413B-9880-CEF0C3E3144F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {143C69E5-5FD5-4558-A6BA-99056575EC72} - \Microsoft\Windows\Windows Error Reporting\SysInfo -> Keine Datei <==== ACHTUNG
Task: {1C71DCDF-E249-4B96-9C87-81E7B1B18336} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {27B5F7F6-0E1C-499F-9969-B3C9A7176502} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7071000 2019-08-29] (Nero AG -> Nero AG)
Task: {28519E13-FAD4-4EB3-90E6-F16C060A8576} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2AE11AF1-8D11-47DA-8F01-468864E5458B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BED9E85-9FFF-4456-80F4-C0DD0A0DC905} - System32\Tasks\dmci => C:\Users\ANDREA~1\dmci\ohxobu.exe -> C:\Users\ANDREA~1\dmci\fnnd.ssm
Task: {2C20BB6A-F3DD-4ED3-B288-D13FC87029EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {332D52C9-E8FE-45B0-9732-35E8270ED02A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36972BE7-3BA2-4B90-8F44-1472DE441194} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37ACB099-7453-41AA-9C67-00F332364B07} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {4045B47F-B3BA-4D17-AE11-A97AB0CC7FED} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {48C1D5D3-51A8-40F5-91A6-E91D933AAADB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B980566-1FA1-4317-9B56-39FA8CA885AD} - \PC Cleaner repairing -> Keine Datei <==== ACHTUNG
Task: {4C79F391-64E0-4EEB-A0C5-EAC4C3953168} - System32\Tasks\IMF_SkipUAC_Andreas Ebner => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
Task: {4DCF3553-E408-48F8-967A-ED143F919B23} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {509B46F4-E139-4699-9E8F-7032C6F7B533} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris Trojan Remover\ltr.exe [17908736 2021-01-07] (Loaris Inc.) [Datei ist nicht signiert]
Task: {5413A72E-71CB-47EE-B77C-DBA6849DAD87} - System32\Tasks\IMF_SkipUAC_adm => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
Task: {622E3556-B0D5-4FE0-A048-8C16AEAF86D6} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {63A780BE-553B-4160-8F75-3933807C6F94} - System32\Tasks\BlueStacksHelper => D:\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {669D58B1-FD25-4C91-BD10-8682412158A5} - System32\Tasks\Norton Security Scan for Andreas Ebner => C:\PROGRA~2\NORTON~2\Engine\461~1.150\Nss.exe
Task: {670B7F97-D28A-49D5-A25C-83B58E6DFE93} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {67C67D30-C919-448D-B9C5-4EBDECAD47C0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {6A067CC0-C766-4833-84BA-142539FAE128} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E5E9A48-2165-4040-ABB1-AF7673845C61} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {7E2D93D1-98CA-4313-8091-AEFCE59ADE76} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {875096B5-CC77-4225-9C3F-0F5B8E826ECA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B45FE22-1046-47F6-A071-2E6F58937F53} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {8DEF72EB-E500-44BF-9302-FBF0034816DE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {8F0C014E-4FF3-4186-9948-151E434BA141} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Andreas Ebner\Desktop\esetonlinescanner_enu.exe
Task: {8F476193-8984-4554-96FB-E3927F6404A0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92E1468D-5693-4592-80AD-D3BBFB38B6A4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {9966559E-E12A-4EB0-931D-8365FD62F8A9} - System32\Tasks\PredatorSense UI => C:\Program Files\Acer\PredatorSense Service\PSLauncher.exe [580888 2019-10-09] (Acer Incorporated -> Acer Incorporated)
Task: {C54F7330-639B-4617-9A81-CDB32055B55C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {C8F8901B-498B-4DA8-94E0-904BCD0E96EF} - System32\Tasks\PredatorSense => C:\Program Files\Acer\PredatorSense Service\PSLauncher.exe [580888 2019-10-09] (Acer Incorporated -> Acer Incorporated)
Task: {CEB723EE-D84D-49A9-AB75-9F95C2A08945} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {D0720991-C887-41BE-A650-4A090FA84E12} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [91440 2017-09-26] (Acer Incorporated -> Microsoft)
Task: {D4EE7AFA-FEBC-4C0D-A7B9-4D612AC01FB9} - System32\Tasks\UAC => C:\Users\Andreas [Argument = Ebner\AppData\Roaming\NsMiner\IMG001.exe]
Task: {D9E6FBB8-8C39-4FF2-84F6-EA9A619CB4E7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {DAF737BA-4855-4070-B610-E9D128DFE022} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4274780374-310312604-1853351802-500 => C:\Users\Andreas Ebner\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {DEF9ABC2-8F13-40AD-A0F7-2B3621169028} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Andreas Ebner\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {E113C8C6-B2C3-413F-B2A3-3FCABE397FA4} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Andreas Ebner\Desktop\esetonlinescanner_enu.exe
Task: {F59C6A1E-869F-4078-A9DC-B166C143FE04} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2019-10-09] (Acer Incorporated -> Acer Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\UAC.job => C:\Users\Andreas)Ebner\AppData\Roaming\NsMiner\IMG001.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{046a620e-7093-4d77-b616-2ef61dd65007}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{759d83ac-f5e0-c89b-38c2-ca581e218a0c}: [NameServer] 10.100.0.1

Edge:
=======
Edge Extension: (Amazon Assistant) -> xxx_AmazoncomAmazonAssistant_343d40qqvtj1t => C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2021-03-15]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Andreas Ebner\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-16]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: dwreqduu.default
FF DefaultProfile: e28ier59.default-1548431725211
FF ProfilePath: C:\Users\Andreas Ebner\AppData\Roaming\Waterfox\Profiles\dwreqduu.default [2020-11-11]
FF ProfilePath: C:\Users\Andreas Ebner\AppData\Roaming\Waterfox\Profiles\biqe5yt2.68-edition-default [2021-03-04]
FF ProfilePath: C:\Users\Andreas Ebner\AppData\Roaming\Mozilla\Firefox\Profiles\e28ier59.default-1548431725211 [2021-03-16]
FF DownloadDir: D:\Downloads
FF Session Restore: Mozilla\Firefox\Profiles\e28ier59.default-1548431725211 -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\e28ier59.default-1548431725211 -> hxxps://crackwatch.com; hxxps://www.instagram.com
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Andreas Ebner\AppData\Roaming\Mozilla\Firefox\Profiles\e28ier59.default-1548431725211\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-02-25] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Andreas Ebner\AppData\Roaming\Mozilla\Firefox\Profiles\e28ier59.default-1548431725211\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-02-02]
FF Extension: (Dark Fox) - C:\Users\Andreas Ebner\AppData\Roaming\Mozilla\Firefox\Profiles\e28ier59.default-1548431725211\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-02-02]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [96152 2020-10-02] (Shenzhen Moyea Software -> Leawo Software)
S2 ETGMGlcsSrv; C:\Program Files (x86)\Trust GXT 155 Gaming Mouse\ETGMSrv.exe [1181544 2012-04-24] (Eastern Times Technology Co.,Ltd -> )
S2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-12] (Brio) [Datei ist nicht signiert]
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2319320 2018-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Rivet Networks)
R2 MBAMIService; C:\ProgramData\MB3Install\MBAMIService.exe [231120 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-22] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2535000 2021-02-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3480152 2021-02-24] (Electronic Arts, Inc. -> Electronic Arts)
S3 PSSvc; C:\Program Files\Acer\PredatorSense Service\PSSvc.exe [979736 2019-10-09] (Acer Incorporated -> Acer Incorporated)
S3 Rockstar Service; D:\Rockstar Games Launcher\RockstarService.exe [474256 2019-12-05] (Rockstar Games, Inc. -> Rockstar Games)
S2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R2 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [47616 2020-12-24] (KeepSolid Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WireGuardTunnel$VPNUWireguard; C:\Program Files (x86)\VPN Unlimited\WireVPNUImpl.exe [17920 2020-10-12] () [Datei ist nicht signiert]
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 SecurityServiceMonitor; C:\Program Files (x86)\TotalAV\SecurityService.exe --monitor [X] <==== ACHTUNG
S3 VBoxSDS; "C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-11-11] (Martin Malik - REALiX -> REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-15] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-14] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2018-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 RfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\RfeCo10X64.sys [150152 2018-04-26] (Rivet Networks LLC -> Rivet Networks, LLC.)
S1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-07-09] (Audials AG -> Audials AG)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (The OpenVPN Project) [Datei ist nicht signiert]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 usbglcs1100302; C:\WINDOWS\system32\drivers\usbglcs1100302.sys [25600 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [38176 2020-08-21] (WireGuard LLC -> WireGuard LLC)
U4 ekrn; kein ImagePath
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-03-16 09:13 - 2021-03-16 09:13 - 008463216 _____ (Malwarebytes) C:\Users\Andreas Ebner\Desktop\adwcleaner_8.1.exe
2021-03-16 01:34 - 2021-03-16 01:34 - 000000000 ___RD C:\Users\Andreas Ebner\iCloudDrive
2021-03-16 01:05 - 2021-03-16 01:05 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\IIIQF
2021-03-16 01:04 - 2021-03-16 01:04 - 000000000 ____D C:\ProgramData\ProductData
2021-03-15 22:19 - 2021-03-16 09:50 - 000000000 ____D C:\FRST
2021-03-15 22:11 - 2021-03-15 22:11 - 000002328 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2021-03-15 21:40 - 2021-03-15 21:40 - 000000000 ____D C:\Users\Andreas Ebner\RevoUninstallerProPortable
2021-03-15 21:37 - 2021-03-15 21:41 - 000000000 ____D C:\Users\Andreas Ebner\Desktop\Topf
2021-03-15 20:35 - 2021-03-15 20:35 - 000003840 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-03-15 20:35 - 2021-03-15 20:35 - 000003398 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-03-15 20:05 - 2021-03-15 20:07 - 000000804 _____ C:\Users\Andreas Ebner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-03-15 20:05 - 2021-03-15 20:05 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\ESET
2021-03-15 19:43 - 2021-03-15 19:54 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-03-15 19:43 - 2021-03-15 19:43 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\214197E3.sys
2021-03-15 19:21 - 2021-03-15 19:35 - 000000000 ___HD C:\$WINDOWS.~BT
2021-03-15 16:07 - 2021-03-15 17:25 - 000000000 ____D C:\ProgramData\HitmanPro
2021-03-15 15:52 - 2021-03-15 17:25 - 000000000 ____D C:\Users\Andreas Ebner\AppData\LocalLow\IGDump
2021-03-15 15:19 - 2021-03-15 15:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-03-15 13:50 - 2021-01-07 10:18 - 001037824 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2021-03-15 13:50 - 2021-01-07 10:18 - 000187888 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2021-03-15 13:32 - 2021-03-15 13:32 - 000000000 ___HD C:\$Windows.~WS
2021-03-15 09:17 - 2021-03-15 09:18 - 000000000 ____D C:\ProgramData\EaseUS Todo PCTrans
2021-03-15 09:16 - 2021-03-15 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans
2021-03-15 08:59 - 2021-03-15 08:59 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\DontSleep
2021-03-15 01:30 - 2021-03-15 01:30 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-03-15 00:48 - 2021-03-15 00:48 - 000000000 ____D C:\MATS
2021-03-14 23:11 - 2021-03-14 23:11 - 000002936 _____ C:\WINDOWS\system32\Tasks\IMF_SkipUAC_adm
2021-03-14 23:09 - 2021-03-15 22:12 - 000000000 ____D C:\Users\Administrator\AppData\Local\OpenShell
2021-03-14 23:09 - 2021-03-14 23:11 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2021-03-14 23:09 - 2021-03-14 23:09 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2021-03-14 23:09 - 2021-03-14 23:09 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\OpenShell
2021-03-14 19:02 - 2021-03-15 17:25 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\wureset
2021-03-14 19:02 - 2021-03-14 19:02 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reset Windows Update Tool
2021-03-14 19:02 - 2021-03-14 19:02 - 000000000 ____D C:\Program Files\wureset
2021-03-14 18:51 - 2021-03-14 18:51 - 000000000 ___RD C:\Users\Andreas Ebner\Documents\Scanned Documents
2021-03-14 18:51 - 2021-03-14 18:51 - 000000000 ____D C:\Users\Andreas Ebner\Documents\Fax
2021-03-14 18:19 - 2021-03-14 18:19 - 000214174 _____ C:\Users\Andreas Ebner\Downloads\WindowsFirewall.diagcab
2021-03-14 17:24 - 2021-03-14 17:24 - 000002956 _____ C:\WINDOWS\system32\Tasks\IMF_SkipUAC_Andreas Ebner
2021-03-14 16:56 - 2021-03-14 16:56 - 008823656 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2021-03-14 16:56 - 2021-03-14 16:56 - 002673724 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat
2021-03-14 16:56 - 2021-03-14 16:56 - 001058152 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2021-03-14 16:55 - 2021-03-14 16:55 - 006161712 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2021-03-14 16:55 - 2021-03-14 16:55 - 000539440 _____ (Intel Corporation) C:\WINDOWS\system32\ibtsiva.exe
2021-03-14 16:55 - 2021-03-14 16:55 - 000441648 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2021-03-14 16:26 - 2021-03-14 16:26 - 000000000 ___HD C:\$SysReset
2021-03-14 13:16 - 2021-03-14 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-03-14 13:16 - 2021-03-14 13:16 - 000000000 ____D C:\Program Files\iPod
2021-03-13 09:38 - 2021-03-13 09:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-11 16:58 - 2021-03-11 16:58 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-11 16:58 - 2021-03-11 16:58 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-11 16:58 - 2021-03-11 16:58 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-11 16:58 - 2021-03-11 16:58 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-11 16:58 - 2021-03-11 16:58 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-11 16:58 - 2021-03-11 16:58 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-11 16:58 - 2021-03-11 16:58 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-11 16:58 - 2021-03-11 16:58 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-11 16:58 - 2021-03-11 16:58 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-27 21:35 - 2021-02-24 13:53 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-02-27 21:35 - 2021-02-24 13:53 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-27 21:35 - 2021-02-24 13:53 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-02-27 21:35 - 2021-02-24 13:51 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-02-27 21:35 - 2021-02-24 13:51 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 001511192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 001163544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000671512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-02-27 21:35 - 2021-02-24 13:50 - 000556816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 008260880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 007391512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 004610320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 002729776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 001730864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446172.dll
2021-02-27 21:35 - 2021-02-24 13:49 - 001490200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446172.dll
2021-02-27 21:35 - 2021-02-24 13:42 - 006072896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-02-24 14:49 - 2021-02-24 14:49 - 000162958 _____ C:\FolderDescriptions.reg
2021-02-24 14:35 - 2021-02-24 14:35 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\LockHunter
2021-02-24 14:35 - 2021-02-24 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter
2021-02-24 14:35 - 2021-02-24 14:35 - 000000000 ____D C:\Program Files\LockHunter
2021-02-24 11:28 - 2021-02-24 14:26 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\FreeGrabApp
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeGrabApp
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\ProgramData\FreeGrabApp
2021-02-24 10:54 - 2021-02-24 10:54 - 000000000 ____D C:\Program Files (x86)\FreeGrabApp
2021-02-22 12:02 - 2021-02-22 12:02 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-22 11:46 - 2021-02-22 11:46 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\GUI.Win
2021-02-21 10:13 - 2021-02-24 17:12 - 000000000 ____D C:\Program Files\Loaris Trojan Remover
2021-02-21 10:13 - 2021-02-21 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loaris Trojan Remover
2021-02-16 08:58 - 2021-02-16 08:58 - 000000000 ____D C:\Users\Andreas Ebner\Downloads\kann_man_bei_tvnow_herunterladen
2021-02-16 08:57 - 2021-02-16 08:57 - 000001877 _____ C:\Users\Andreas Ebner\Downloads\kann_man_bei_tvnow_herunterladen.zip
2021-02-14 13:01 - 2021-02-14 13:01 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\WhatsApp

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-03-16 09:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-16 09:30 - 2019-01-31 09:12 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-16 09:29 - 2019-01-08 13:19 - 000000000 ____D C:\Users\Andreas Ebner\AppData\LocalLow\Mozilla
2021-03-16 09:20 - 2019-01-08 12:58 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-16 09:20 - 2018-10-26 19:00 - 000000000 ____D C:\ProgramData\Acer
2021-03-16 09:18 - 2019-01-08 15:04 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\JDownloader 2.0
2021-03-16 09:11 - 2020-09-27 06:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-16 08:57 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-16 07:46 - 2020-11-10 18:49 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\OpenShell
2021-03-16 05:40 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-16 05:25 - 2019-01-08 16:04 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\CrashDumps
2021-03-16 02:27 - 2019-01-11 17:36 - 000000000 ____D C:\Program Files\KMSpico
2021-03-16 01:41 - 2020-11-10 18:46 - 001733632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-16 01:41 - 2019-12-07 15:50 - 000748644 _____ C:\WINDOWS\system32\perfh007.dat
2021-03-16 01:41 - 2019-12-07 15:50 - 000151474 _____ C:\WINDOWS\system32\perfc007.dat
2021-03-16 01:34 - 2020-11-10 18:15 - 000000000 ____D C:\Users\Andreas Ebner
2021-03-16 01:34 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-16 01:34 - 2020-09-27 06:50 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-16 01:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-16 01:34 - 2019-11-27 00:25 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Apple Inc
2021-03-16 01:33 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-16 01:05 - 2020-08-16 22:53 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Google
2021-03-16 01:05 - 2020-01-18 08:30 - 000000000 ____D C:\Program Files (x86)\Google
2021-03-16 01:04 - 2020-11-11 11:06 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\IObit
2021-03-16 01:04 - 2020-11-11 11:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8
2021-03-16 01:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-03-16 01:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-03-16 01:02 - 2019-01-09 10:13 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-03-16 01:02 - 2018-10-26 18:59 - 000000000 ____D C:\ProgramData\OEM
2021-03-16 01:02 - 2018-10-26 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2021-03-16 01:02 - 2018-10-26 18:59 - 000000000 ____D C:\Program Files\Acer
2021-03-16 01:00 - 2020-11-10 18:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\CareCenter
2021-03-16 01:00 - 2019-01-08 21:55 - 000000000 ___HD C:\OEM
2021-03-15 22:27 - 2020-11-10 18:44 - 000004186 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{59980136-2A6A-449B-A722-C0892DAA3EB4}
2021-03-15 22:13 - 2019-03-23 09:24 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2021-03-15 22:12 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-15 21:48 - 2019-07-18 19:28 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-03-15 20:47 - 2020-09-27 08:53 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-15 20:12 - 2020-09-28 17:40 - 000000000 ____D C:\Users\Andreas Ebner\Documents\VlcpVideoV1.0.1
2021-03-15 19:43 - 2021-02-01 23:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-15 19:37 - 2020-11-11 11:06 - 000000000 ____D C:\ProgramData\IObit
2021-03-15 19:37 - 2020-11-11 11:06 - 000000000 ____D C:\Program Files (x86)\IObit
2021-03-15 19:21 - 2020-11-10 18:43 - 000001890 _____ C:\WINDOWS\diagwrn.xml
2021-03-15 19:21 - 2020-11-10 18:43 - 000001890 _____ C:\WINDOWS\diagerr.xml
2021-03-15 19:21 - 2020-11-10 17:42 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-15 19:14 - 2020-01-22 11:59 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\vlc
2021-03-15 17:25 - 2020-11-10 18:15 - 000000000 ____D C:\Users\Administrator
2021-03-15 17:25 - 2020-04-15 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC VideoTube Downloader Pro
2021-03-15 17:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-15 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Catroot2.bak
2021-03-15 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-03-15 17:25 - 2019-11-25 22:50 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Backuptrans Android iPhone WhatsApp Transfer + (x64)
2021-03-15 17:25 - 2019-04-10 06:57 - 000000000 ____D C:\Users\Andreas Ebner\Desktop\RevoUninstallerProPortable
2021-03-15 17:25 - 2019-01-08 14:06 - 000000000 ____D C:\Program Files\Common Files\AV
2021-03-15 17:25 - 2018-10-26 19:10 - 000000000 ____D C:\ProgramData\Norton
2021-03-15 17:22 - 2020-11-10 17:20 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.bak
2021-03-15 17:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-03-15 17:22 - 2019-01-11 17:16 - 000000000 __RHD C:\MSOCache
2021-03-15 16:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-15 15:33 - 2019-01-08 13:09 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Packages
2021-03-15 14:05 - 2020-09-27 08:54 - 000000000 ____D C:\ProgramData\Packages
2021-03-15 14:05 - 2019-01-08 13:16 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\PlaceholderTileLogoFolder
2021-03-15 13:40 - 2020-08-10 15:52 - 000000000 ____D C:\ESD
2021-03-15 10:51 - 2019-01-11 09:19 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\D3DSCache
2021-03-15 10:49 - 2019-03-05 13:34 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\ElevatedDiagnostics
2021-03-15 10:22 - 2020-11-10 17:37 - 000000000 ___HD C:\$GetCurrent
2021-03-15 09:16 - 2019-04-14 19:23 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-03-15 08:40 - 2019-01-08 20:42 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-15 01:21 - 2019-02-20 10:53 - 000000306 __RSH C:\ProgramData\ntuser.pol
2021-03-15 00:48 - 2019-01-08 20:37 - 000000000 ____D C:\Program Files\rempl
2021-03-15 00:32 - 2020-11-10 18:44 - 000000276 _____ C:\WINDOWS\WindowsUpdate.log.bak
2021-03-15 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-15 00:12 - 2019-03-23 09:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2021-03-14 23:13 - 2019-06-28 23:34 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\Origin
2021-03-14 23:13 - 2019-01-09 00:06 - 000000000 ____D C:\ProgramData\Origin
2021-03-14 23:09 - 2019-03-23 09:24 - 000000000 ___RD C:\Users\Administrator\3D Objects
2021-03-14 17:35 - 2020-12-14 12:27 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-14 16:55 - 2019-08-30 17:35 - 000164600 _____ (Qualcomm Atheros, Inc.) C:\WINDOWS\system32\Drivers\e2xw10x64.sys
2021-03-14 15:14 - 2019-02-14 12:40 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\Apple Computer
2021-03-14 13:26 - 2018-10-26 18:47 - 001755928 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2021-03-14 13:01 - 2021-01-29 10:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-14 13:01 - 2019-01-08 14:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-14 04:27 - 2020-09-08 22:51 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\TeraCopy
2021-03-13 09:38 - 2019-01-08 14:53 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-11 17:11 - 2020-08-12 09:54 - 000000000 ____D C:\Users\Andreas Ebner\.fontconfig
2021-03-11 17:09 - 2020-09-27 06:50 - 000668760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 16:54 - 2019-01-08 20:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 16:51 - 2019-02-04 17:42 - 000000000 ____D C:\Program Files\dotnet
2021-03-11 16:51 - 2019-01-11 17:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-03-11 16:51 - 2018-10-26 18:30 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-11 15:50 - 2020-08-20 00:43 - 000000000 ___HD C:\$WinREAgent
2021-03-10 23:12 - 2020-10-01 13:21 - 000000128 _____ C:\Users\Andreas Ebner\AppData\Roaming\winscp.rnd
2021-03-10 22:45 - 2019-01-08 15:08 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\NVIDIA
2021-03-09 22:05 - 2017-09-29 14:46 - 000000167 _____ C:\WINDOWS\win.ini
2021-03-08 19:34 - 2021-01-04 21:42 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\TunePat Netflix Video Downloader
2021-03-04 06:42 - 2020-11-28 07:58 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b788ddf1b3e0
2021-03-04 06:42 - 2020-09-27 08:52 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-03 19:20 - 2019-07-18 19:07 - 000000000 ____D C:\Program Files (x86)\Origin
2021-02-28 16:47 - 2020-12-29 07:59 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\TuneCable Spotify Downloader
2021-02-24 13:42 - 2020-10-15 14:51 - 007117744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-02-24 11:28 - 2020-09-28 22:09 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\FileBot
2021-02-24 02:51 - 2020-10-15 14:51 - 000061257 _____ C:\WINDOWS\system32\nvinfo.pb
2021-02-23 22:53 - 2020-04-03 22:36 - 005627248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 002635632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 001758064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 000990064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 000120176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-02-23 22:53 - 2020-04-03 22:36 - 000082288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-02-23 01:14 - 2020-06-13 20:25 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\SFDL.NET 3
2021-02-22 12:03 - 2021-02-01 23:36 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-20 23:19 - 2020-08-15 02:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-15 13:46 - 2019-05-02 10:09 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\RenPy
2021-02-14 14:58 - 2020-03-05 14:41 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\WhatsApp
2021-02-14 13:01 - 2020-03-05 14:41 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-02-14 13:01 - 2020-03-05 14:41 - 000000000 ____D C:\Users\Andreas Ebner\AppData\Local\SquirrelTemp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2019-05-12 08:39 - 2018-09-15 08:29 - 000045136 ___SH (Microsoft Corporation) C:\Users\Andreas Ebner\RegSvcs.exe
2019-03-26 22:06 - 2019-03-26 22:06 - 000000648 _____ () C:\Program Files (x86)\gruppe.txt
2020-03-17 14:24 - 2020-03-17 14:24 - 000000012 _____ () C:\Users\Andreas Ebner\AppData\Roaming\57194d7fac3eeb8711f0ca1082e7e000
2020-03-17 14:20 - 2020-03-17 14:20 - 000000171 _____ () C:\Users\Andreas Ebner\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-04-28 21:44 - 2019-10-28 10:49 - 000000047 _____ () C:\Users\Andreas Ebner\AppData\Roaming\sysvar
2020-10-01 13:21 - 2021-03-10 23:12 - 000000128 _____ () C:\Users\Andreas Ebner\AppData\Roaming\winscp.rnd
2019-10-09 10:44 - 2019-12-16 12:38 - 000000458 _____ () C:\Users\Andreas Ebner\AppData\Local\Tempcheckcoverage_cookie.txt

==================== FCheck ================================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2020-11-11] <==== ACHTUNG (Null Byte Datei/Ordner)

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
--- --- ---

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-03-2021
durchgeführt von Andreas Ebner (16-03-2021 09:51:09)
Gestartet von I:\
Windows 10 Home Version 20H2 19042.867 (X64) (2020-11-10 17:44:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4274780374-310312604-1853351802-500 - Administrator - Enabled) => C:\Users\Administrator
Andreas Ebner (S-1-5-21-4274780374-310312604-1853351802-1001 - Administrator - Enabled) => C:\Users\Andreas Ebner
DefaultAccount (S-1-5-21-4274780374-310312604-1853351802-503 - Limited - Disabled)
Gast (S-1-5-21-4274780374-310312604-1853351802-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4274780374-310312604-1853351802-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AltServer (HKLM-x32\...\{F6FFD3DD-A872-4F18-BD81-334A52EF9BFE}) (Version: 1.4.1 - Riley Testut)
Amazon Music (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Amazon Amazon Music) (Version: 7.12.0.2203 - Amazon.com Services LLC)
Anti-Twin (Installation 04.03.2019) (HKLM-x32\...\Anti-Twin 2019-03-04 18.17.18) (Version:  - Joerg Rosenthal, Germany)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 8.1.0.0 - iMobie Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Auto FTP Manager 7 (HKLM-x32\...\Auto FTP Manager 7_is1) (Version:  - DeskShare Inc.)
Avidemux VC++ 64bits (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\{8a390b8c-33a4-488b-adb2-1c204cadb2b7}) (Version: 2.7.5 - Mean)
AVS Audio Converter 9.1.2 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 9.1.2.600 - Online Media Technologies Ltd.)
Backuptrans Android iPhone WhatsApp Transfer + (x64) 3.2.129 (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Backuptrans Android iPhone WhatsApp Transfer + (x64)) (Version: 3.2.129 - Backuptrans)
BaZnGa IPTV M3U Editor version 1.2.0.60 (HKLM-x32\...\{24E17CFF-94B3-46A8-B7A6-2EDACB841E03}_is1) (Version: 1.2.0.60 - BaZnGa IPTV)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.260.0.1032 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.5.5 - Canon Inc.)
Canon PosterArtist Lite (HKLM-x32\...\{6C3D298C-B03A-49B9-863E-8E6D182033BB}) (Version: 2.99.00.001 - Ihr Firmenname) Hidden
Canon PosterArtist Lite (HKLM-x32\...\Canon PosterArtist Lite) (Version: 3.20.00 - Canon Inc.)
ChrisPC VideoTube Downloader Pro 12.03.31 (HKLM-x32\...\{6006089C-84B5-4F18-8113-9876543210ED}_is1) (Version:  - Chris P.C. srl)
CopyTrans Control Center nur deinstallieren (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\CopyTrans Suite) (Version: 4.100 - WindSolutions)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Crucial Storage Executive (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Crucial Storage Executive 3.60.082018.04) (Version: 3.60.082018.04 - Crucial)
Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 4.11 - Infonautics GmbH, Switzerland)
Directory List & Print Pro 4.11 (HKLM-x32\...\Directory List & Print Pro 4.11) (Version: 4.11 - Infonautics)
EaseUS Todo PCTrans 11.8 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version:  - EaseUS)
ExifCleaner 3.1.0 (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\8457e380-8acb-5e7f-a000-5966971ba7cc) (Version: 3.1.0 - szTheory)
FFMPEG Addon (HKLM-x32\...\{111124AF-1ED4-44EF-B674-111111985342}_is1) (Version: 1.00 - FFMPEG)
FileBot (HKLM\...\{3154A34A-121F-49A4-92E3-BB977772C397}) (Version: 4.9.3 - Reinhard Pointner)
FileZilla Client 3.50.0 (HKLM-x32\...\FileZilla Client) (Version: 3.50.0 - Tim Kosse)
FlixGrab version 5.1.11.217 (HKLM-x32\...\FlixGrab_is1) (Version: 5.1.11.217 - FreeGrabApp Ltd)
FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2532 - HYBRIDWEB.de)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FonePaw 6.2.0 (HKLM-x32\...\{77B09C3A-839E-4ea7-81BA-E5864F6BF388}_is1) (Version: 6.2.0 - FonePaw)
Free M4a to MP3 Converter 9.7 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
GetFLV 13.8558.858 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.1868.0 - Rockstar Games)
H2rename (HKLM-x32\...\H2rename) (Version: 0.7.4 - c't Magazin für Computertechnik)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
IJ Network Device Setup Utility (HKLM-x32\...\IJ Network Device Setup Utility) (Version: 1.10.0 - Canon Inc.)
iMazing 2.7.5.0 (HKLM\...\iMazing_is1) (Version: 2.7.5.0 - DigiDNA)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000000-0210-1031-84C8-B8D95FA3C8C3}) (Version: 21.00.0.4 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{ed99f619-885c-48d6-b971-0bc85013cd92}) (Version: 10.1.18010.8141 - Intel(R) Corporation)
IP-TV Player 49.4 (HKLM-x32\...\IP-TV_Player) (Version: 49.4 - ADSL Club Co Ltd)
IPTV Smarters Player 3.0.0 (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\fee38e36-bd5c-5f8c-a4c4-29d7f942a22c) (Version: 3.0.0 - IPTV Smarters Player)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
iTunes (HKLM\...\{DE0F48FE-04C1-4646-AA58-2BE7A1A58742}) (Version: 12.11.0.26 - Apple Inc.)
Jihosoft iTunes Backup Unlocker version 3.0.4.0 (HKLM-x32\...\{3274F1E0-E2AC-4CA5-883C-6DF994D4C172}_is1) (Version: 3.0.4.0 - Jihosoft Studio)
Killer Performance Driver Suite (HKLM\...\{CF4699BC-19FA-4FDC-A16F-E2A340622F8A}) (Version: 1.5.1852 - Rivet Networks)
Kodi (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Kodi) (Version:  - XBMC-Foundation)
Leawo Blu-ray Player Version  2.2.0.0 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 2.2.0.0 - Leawo Software)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Loaris Trojan Remover 3.1.60 (HKLM\...\{29988DC6-9C4A-49B2-AC86-5C380B29ADB9}_is1) (Version: 3.1.60 - Loaris Inc.)
LockHunter 3.3, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft .NET Core SDK 2.2.103 (x64) (HKLM-x32\...\{730ee99f-7165-41f7-b107-ced51cbb0c19}) (Version: 2.2.103 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.54 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4274780374-310312604-1853351802-500\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.13 (x64) (HKLM-x32\...\{df32638d-0722-47cb-b084-3dd851b1146e}) (Version: 3.1.13.29816 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movavi Video Converter 20 Premium (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\Movavi Video Converter 20 Premium) (Version: 20.2.1 - Movavi)
Mozilla Firefox 86.0.1 (x64 de) (HKLM\...\Mozilla Firefox 86.0.1 (x64 de)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
Mp3tag v3.02 (HKLM-x32\...\Mp3tag) (Version: 3.02 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Grafiktreiber 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Open-Shell (HKLM\...\{1CAB353D-D3F9-4C5D-A305-33D7BF270F1B}) (Version: 4.4.142 - The Open-Shell Team)
Oracle VM VirtualBox 6.1.18 (HKLM\...\{B1B2878D-9F1A-4403-84E7-6378D7D43C83}) (Version: 6.1.18 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.94.46774 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PassFab iPhone Unlocker 2.1.4.8 (HKLM-x32\...\{PassFab iPhone Unlocker}_is1) (Version: 2.1.4.8 - PassFab, Inc.)
PhotoStage Diashow-Programm (HKLM-x32\...\PhotoStage) (Version: 7.09 - NCH Software)
Pixillion Bildkonverter (HKLM-x32\...\Pixillion) (Version: 7.25 - NCH Software)
PredatorSense Service (HKLM\...\{8D399C7A-8693-4BDE-9D22-D43CBB8BBF62}) (Version: 3.00.3136 - Acer Incorporated)
Reset Windows Update Tool (HKLM\...\Reset Windows Update Tool11.0.0.9) (Version: 11.0.0.9 - Manuel Gil)
Revo Uninstaller Pro (HKLM\...\Revo Uninstaller Pro) (Version:  - VS Revo Group)
Revo Uninstaller Pro 4.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.5 - VS Revo Group, Ltd.)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.17.199 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
SopCast 4.2.0 (HKLM-x32\...\SopCast) (Version: 4.2.0 - www.sopcast.com)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.55254 - Electronic Arts)
Sticky Password 8.2.3.43 (HKLM-x32\...\Sticky Password_is1) (Version: 8.2 - Lamantine Software)
Telegram Desktop version 2.5.1 (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.5.1 - Telegram FZ-LLC)
TeraCopy version 3.4 beta (HKLM\...\TeraCopy_is1) (Version: 3.4 beta - Code Sector)
Thunderbolt™ Software (HKLM-x32\...\{6ECDE40C-4023-419A-8A4E-50FB71275876}) (Version: 17.3.73.350 - Intel Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
Trust GXT 155 Gaming Mouse version 1.2 (HKLM-x32\...\{A523DAD0-3DF2-4FFB-9B36-58A4C2600EDD}_is1) (Version: 1.2 - TRUST)
TuneCable Spotify Downloader 1.2.0 (HKLM-x32\...\TuneCable Spotify Downloader) (Version: 1.2.0 - TuneCable)
TunePat Amazon Music Converter version 1.34 (HKLM-x32\...\{51244439-F4C9-2020-6666-90091911AAA}_is1) (Version: 1.34 - )
TunePat Netflix Video Downloader 1.4.1 (HKLM-x32\...\TunePat Netflix Video Downloader) (Version: 1.4.1 - TunePat)
TunSetupVPNU (HKLM\...\{3E4BC5B7-104F-40B3-BEC4-9CEF0BCD0EF8}) (Version: 1.0.0 - Keepsolid Inc.)
TV-Browser 4.2 (HKLM\...\tvbrowser-full) (Version: 4.2 - TV-Browser Team)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VEGAS Pro 17.0 (HKLM\...\{8D4A5730-17CF-11EA-B57F-00155D6302F2}) (Version: 17.0.387 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VLC media player 3.0.8 (64-bit) (HKLM\...\{34A66242-34A2-4049-9808-1A693370FACE}) (Version: 3.0.8.0 - VideoLAN)
VPN Unlimited 8.3.1 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 8.3.1 - KeepSolid Inc.)
WATCHED 0.18.0 (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\6811d8ec-23f6-5ad3-9bb7-0e515c178d2a) (Version: 0.18.0 - WATCHED AG)
WhatsApp (HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\WhatsApp) (Version: 2.2102.9 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.91 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinSCP 5.17.9 (HKLM-x32\...\winscp3_is1) (Version: 5.17.9 - Martin Prikryl)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.7.0.3) (HKLM-x32\...\UniConverter_is1) (Version: 11.7.0.3 - Wondershare Software)

Packages:
=========
@{Microsoft.XboxDevices_300.1809.28002.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxDevices/Resources/LandingPageTitle/Text} -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.1809.28002.0_x64__8wekyb3d8bbwe [2019-03-23] (0)
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2021-03-15] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3024.0_x64__48frkmn4z8aw4 [2021-03-15] (Acer Incorporated)
Amazon Assistant -> C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1910.9.0_neutral__343d40qqvtj1t [2021-03-15] (Amazon.com)
Best Player -> C:\Program Files\WindowsApps\2949193320E78.BestPlayer8.1_7.1.5.0_x64__pg6a145mvhp7p [2021-03-15] (marios g.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2021-03-15] (Canon Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2021-03-15] (Dolby Laboratories)
Dolby Atmos for Headphones -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220 [2021-03-15] (Dolby Laboratories)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2020.4.45.0_x64__t5j2fzbtdg37r [2021-03-15] (DTS, Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2021-03-15] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft-Remotedesktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1701.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
MyIPTV Player -> C:\Program Files\WindowsApps\41879VbfnetApps.MyIPTVPlayer_4.2.5.0_x64__7casf8sqhfy78 [2021-03-15] (Vbfnet Apps) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-03-15] (Netflix, Inc.)
Netzkino -> C:\Program Files\WindowsApps\35124netzkino.Netzkino_3.3.1.1_neutral__843rhjq2hbnd4 [2021-03-15] (netzkino) [MS Ad]
PDF Reader - Ansehen, Kommentieren, Teilen -> C:\Program Files\WindowsApps\0D9A1B2D.PDFReaderUWP_1.11.0.0_x64__jhretta7p24aw [2021-03-15] (Kdan Mobile Software Ltd.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2021-03-15] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2021-03-15] (CYBERLINK COM CORP)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2021-03-16] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0 [2021-03-15] (Spotify AB) [Startup Task]
Übersetzer -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)
Waves MaxxAudio For Acer -> C:\Program Files\WindowsApps\WavesAudio.20761030F5EAC_1.0.67.0_x64__fh4rh281wavaa [2021-03-15] (Waves Audio)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4274780374-310312604-1853351802-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Datei ist nicht signiert]
ContextMenuHandlers1: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2021-01-04] (Loaris, LLC -> Loaris Inc.)
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2019-11-29] (Crystal Rich Ltd -> TODO: <Company name>)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2017-12-18] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [Datei ist nicht signiert]
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => c:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2021-01-04] (Loaris, LLC -> Loaris Inc.)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2019-11-29] (Crystal Rich Ltd -> TODO: <Company name>)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Keine Datei
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => c:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2021-01-04] (Loaris, LLC -> Loaris Inc.)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2019-11-29] (Crystal Rich Ltd -> TODO: <Company name>)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => c:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Loaris Trojan Remover] -> {4B884539-D34B-4F5B-B008-3A6F3B213E5C} => C:\Program Files\Loaris Trojan Remover\shellext.dll [2021-01-04] (Loaris, LLC -> Loaris Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2019-10-26] (Open-Shell) [Datei ist nicht signiert]
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => c:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Andreas Ebner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reset Windows Update Tool\reset-settings.lnk -> C:\Program Files\wureset\wureset\bin\reset-settings.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2020-08-21 19:48 - 2020-12-24 12:48 - 001980928 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\VPN Unlimited\vpnu_private_sdk.dll
2020-09-08 22:51 - 2017-03-14 14:51 - 001714688 _____ () [Datei ist nicht signiert] C:\Program Files\TeraCopy\TeraCopy64.dll
2019-10-26 18:30 - 2019-10-26 18:30 - 000872960 _____ (Open-Shell) [Datei ist nicht signiert] C:\Program Files\Open-Shell\ClassicExplorer64.dll
2019-10-26 18:31 - 2019-10-26 18:31 - 003388928 _____ (Open-Shell) [Datei ist nicht signiert] C:\Program Files\Open-Shell\StartMenuDLL.dll
2020-08-21 19:48 - 2020-10-12 13:23 - 000361984 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files (x86)\VPN Unlimited\libcurl.dll
2020-08-21 19:48 - 2020-10-12 13:23 - 002516480 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\VPN Unlimited\libcrypto-1_1.dll
2020-08-21 19:48 - 2020-10-12 13:23 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\VPN Unlimited\libssl-1_1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-4274780374-310312604-1853351802-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-4274780374-310312604-1853351802-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-4274780374-310312604-1853351802-1001 -> DefaultScope {4EEB31BA-3146-4404-A4BB-0DC2183D439F} URL =

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\windows.com -> hxxp://wustat.windows.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\windowsupdate.com -> hxxp://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\windowsupdate.com -> hxxps://download.windowsupdate.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\ws.microsoft.com -> hxxp://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\ws.microsoft.com -> hxxps://ws.microsoft.com
IE trusted site: HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\wustat.windows.com -> hxxp://wustat.windows.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-09-29 14:46 - 2021-02-21 11:42 - 000001096 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 hxxp://www.driver-soft.com
127.0.0.1  www.webrip.audials.com
127.0.0.1  www.dialog.audials.com
127.0.0.1  www.geoip.audials.com
0.0.0.0                  telemetry.malwarebytes.com

2019-02-15 09:10 - 2019-03-28 20:19 - 000000575 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
137.1 LAPTOP-CQ0D7NOI.mshome.net # 2024 2 3 14 21 53 0 667
67

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;D:\Program Files\Crucial\Crucial Storage Executive;D:\Program Files\FileBot\;C:\Program Files\wureset
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Acer01.jpg
HKU\S-1-5-21-4274780374-310312604-1853351802-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
mpsdrv => Firewall Dienst läuft nicht.
MpsSvc => Firewall Dienst läuft nicht.

Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
WLAN: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "WSAndroidAppHelper.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WSAppHelper.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Updater"
HKLM\...\StartupApproved\Run32: => "FonePaw iPhone Data RecoveryAppService"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-4274780374-310312604-1853351802-1001\...\StartupApproved\Run: => "iFunBox"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{504402C0-952F-43EF-8E92-3F7B494941C6}C:\users\andreas ebner\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\andreas ebner\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{F321F72E-D15F-4012-BD26-99FC953B991F}C:\users\andreas ebner\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\andreas ebner\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{C308C176-7726-472E-A6D3-4D14FF86E95B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{C9C87789-19DD-4CEB-8199-2324C1D34A74}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{7F5E33CD-D8FE-4335-B002-28A1AA13F765}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{974B154B-686B-4BFF-B8F8-D5059C942E48}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7EA265A9-CD3A-4A75-A653-065FDECEDEF0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA82174D-2136-48A4-93AF-464DEAE2A526}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDB1787E-2228-4DE9-816A-1D10D10ED1C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B1AA56EC-038D-4AEC-BDF9-D8E4FCD372FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F9595A6-5D8E-419E-B44A-10CFC3FAAC76}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7DC9EFC8-BCAE-4351-9F5F-5E698AC8DFDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{85049C95-D2F1-4C35-BDEF-E6AC2E2B81D3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1ED1D87-8906-4CBF-A6F8-D2C6BD0D7CCD}] => (Allow) D:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6421B682-71C8-4C87-8E94-BCDD8774E943}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9C2B70AD-2599-41B0-900E-BC9CA4BDA98A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{230044A1-D40D-4D65-90A9-B1C04DA2488C}D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe] => (Allow) D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe (DeskShare, Inc. -> Deskshare) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{93ED4EA9-752A-4658-8C2C-DBCAB7FAFD5D}D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe] => (Allow) D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe (DeskShare, Inc. -> Deskshare) [Datei ist nicht signiert]
FirewallRules: [{D8F6F522-01F6-41C5-8F04-D445521655B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{471A910C-1C07-45DC-9282-7F3C817F7676}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{AD9F8D1C-551C-452B-A140-7EB8AA6885E1}C:\users\andreas ebner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andreas ebner\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [UDP Query User{09A405AF-CECE-48DF-9E23-424BFBD7A102}C:\users\andreas ebner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andreas ebner\appdata\roaming\spotify\spotify.exe => Keine Datei
FirewallRules: [TCP Query User{77348E8A-FECF-47A0-926C-A8F2E1D71D82}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{0606A3BD-8835-415D-8230-684493986A4C}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{D2CC1932-B4DE-4FB4-95C2-50DA9BEF0C82}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [Datei ist nicht signiert]
FirewallRules: [{034B9D54-D114-480C-985A-A06AC78A31A9}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (KeepSolid Inc.) [Datei ist nicht signiert]
FirewallRules: [{0D59503D-DABC-4F18-9B62-A11125322336}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [Datei ist nicht signiert]
FirewallRules: [{0BE3BD1D-CEB0-4486-8ED8-B8277AF819C2}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9BB26EA8-81AF-4DCA-A450-40F08F4B3501}D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe] => (Allow) D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe (DeskShare, Inc. -> Deskshare) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{1F58E78B-56C4-484C-B201-879918FE2CEC}D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe] => (Allow) D:\program files (x86)\deskshare\auto ftp manager 7\auto ftp manager.exe (DeskShare, Inc. -> Deskshare) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F3A83457-800B-42CB-8F4E-F8221A16B471}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{FA909C65-FD5D-4D63-801F-906C19524937}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{EF7EE8BF-BA7A-4589-8BE3-D95C8F63670D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC01363B-1D0C-4BC9-812B-12C937672184}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A271A209-5186-48DA-A04E-962F42AD35C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DFA3C712-AEA9-4951-BC85-D6149F0A6045}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EE212E3E-1AB9-4E16-87E1-234CA36CF825}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DFF5CD9-7E6C-450C-B563-E2C3877AB4AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{387B5492-B444-4EB0-93C4-C529C69C7574}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9E0B902D-DF22-469E-85E6-A8CB3C5F828E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1D5F0B76-73F3-46B3-971F-7ABE1B5FEE73}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{BA76399B-5053-4C70-B6E9-51F9B00E58A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe => Keine Datei
FirewallRules: [{9E81686D-01A4-48A0-ADD8-0ACF4CFC74B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{18CA7050-E930-454E-8066-AE8D9A220381}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B8A3BD51-9E47-48B3-B927-6C01AE14439F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{532B3716-B10F-42C1-95D1-0AEFC089EEBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{B0B12BF1-ACA2-471F-8BDF-CBBE8F3D69E8}E:\musik\stick kodi lastship destiny\kodi\kodi.exe] => (Allow) E:\musik\stick kodi lastship destiny\kodi\kodi.exe => Keine Datei
FirewallRules: [UDP Query User{E2EA3F2A-793B-46C4-8021-01F186EA13F5}E:\musik\stick kodi lastship destiny\kodi\kodi.exe] => (Allow) E:\musik\stick kodi lastship destiny\kodi\kodi.exe => Keine Datei

==================== Wiederherstellungspunkte =========================

15-03-2021 19:19:10 Revo Uninstaller Pro's restore point - Oracle VM VirtualBox
15-03-2021 19:36:56 Revo Uninstaller Pro's restore point - IObit Malware Fighter 8
15-03-2021 19:40:34 Revo Uninstaller Pro's restore point - Java 8 Update 281 (64-bit)
15-03-2021 19:40:45 Removed Java 8 Update 281 (64-bit)
15-03-2021 19:56:49 JRT Pre-Junkware Removal
15-03-2021 21:43:10 Revo Uninstaller Pro's restore point - MegaTrainer Ultimate Version 2.4.2.1
15-03-2021 21:43:58 Revo Uninstaller Pro's restore point - Audials 2020
15-03-2021 21:45:44 Revo Uninstaller Pro's restore point - Audacity 2.3.3
15-03-2021 21:47:13 Revo Uninstaller Pro's restore point - TAP-Windows 9.21.2
15-03-2021 21:48:00 Revo Uninstaller Pro's restore point - Need for Speed™ Heat
15-03-2021 21:48:48 Revo Uninstaller Pro's restore point - MediaMonkey 4.1
15-03-2021 21:50:21 Revo Uninstaller Pro's restore point - VdhCoApp 1.3.0
15-03-2021 21:51:02 Revo Uninstaller Pro's restore point - Office 2019 KMS Activator Ultimate 1.5
16-03-2021 01:00:38 Removed Acer Configuration Manager
16-03-2021 01:01:20 Removed Acer Jumpstart
16-03-2021 01:02:30 Removed Adobe Acrobat Reader DC - Deutsch.
16-03-2021 09:20:23 AdwCleaner_BeforeCleaning_16/03/2021_09:20:22

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Intel High Definition DSP
Description: Intel High Definition DSP
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (03/16/2021 09:28:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm firefox.exe Version 86.0.1.7739 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18a0

Startzeit: 01d71a3d6fdff073

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Bericht-ID: 12cdbc44-db6d-4572-a0b6-84110a1843ec

Vollständiger Name des fehlerhaften Pakets:

Relative Anwendungs-ID des fehlerhaften Pakets:

Absturztyp: Top level window is idle

Error: (03/16/2021 09:19:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm firefox.exe Version 86.0.1.7739 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 276c

Startzeit: 01d719fc23afcf82

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Bericht-ID: 0ea72782-433d-4409-9b32-44a3f4221944

Vollständiger Name des fehlerhaften Pakets:

Relative Anwendungs-ID des fehlerhaften Pakets:

Absturztyp: Top level window is idle

Error: (03/16/2021 05:25:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MyIPTV.exe, Version: 1.0.0.0, Zeitstempel: 0x5f1c30bf
Name des fehlerhaften Moduls: d3d11.dll, Version: 10.0.19041.746, Zeitstempel: 0xfc177b9d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000a7f7
ID des fehlerhaften Prozesses: 0x2728
Startzeit der fehlerhaften Anwendung: 0x01d719fe3c58b7b1
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\41879VbfnetApps.MyIPTVPlayer_4.2.5.0_x64__7casf8sqhfy78\MyIPTV.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\d3d11.dll
Berichtskennung: 3c08e60a-0b5e-4129-8a32-b8106f4582c0
Vollständiger Name des fehlerhaften Pakets: 41879VbfnetApps.MyIPTVPlayer_4.2.5.0_x64__7casf8sqhfy78
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (03/16/2021 01:34:05 AM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/16/2021 01:34:05 AM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/16/2021 01:33:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (03/16/2021 01:33:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (03/16/2021 01:33:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.


Systemfehler:
=============
Error: (03/16/2021 09:20:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel® SGX AESM" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/16/2021 09:20:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/16/2021 09:20:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Killer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/16/2021 09:20:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/16/2021 09:20:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Predator Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/16/2021 09:20:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Capability Licensing Service TCP IP Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/16/2021 09:20:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/16/2021 09:20:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Waves Audio Services" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===============
Date: 2021-03-16 09:50:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-03-16 09:48:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen ===========================

BIOS: Insyde Corp. V1.16 10/24/2018
Hauptplatine: CFL Cayman_CFS
Prozessor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 16287.8 MB
Verfügbarer physikalischer RAM: 10063.71 MB
Summe virtueller Speicher: 18719.8 MB
Verfügbarer virtueller Speicher: 8890.87 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:237.36 GB) (Free:110.85 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:578.21 GB) NTFS
Drive e: (Filme/Serien) (Fixed) (Total:1863 GB) (Free:1798.72 GB) NTFS
Drive i: (Stick) (Removable) (Total:32 GB) (Free:31.93 GB) NTFS
Drive s: (Spiele SSD) (Fixed) (Total:465.75 GB) (Free:289.21 GB) NTFS

\\?\Volume{0a075890-a07c-4d91-9b23-ccfd1567f38f}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.5 GB) NTFS
\\?\Volume{ef626c3c-fed6-49d9-913d-dee05596b177}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 065D87BF)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00CC3198)

Partition: GPT.

==========================================================
Disk: 2 (Size: 238.5 GB) (Disk ID: 065D8751)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 58.4 GB) (Disk ID: AAAA903F)
Partition 1: (Active) - (Size=32 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================
FRST


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:08 Uhr.
Seite 1 von 4 1 23 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19