FRST Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
durchgeführt von T440p (Administrator) auf THINKPAD-T440P (LENOVO 20AWS2BN00) (27-11-2022 13:30:52)
Gestartet von C:\Users\T440p\Downloads
Geladene Profile: T440p
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2311 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareUpdaterService.exe ->) (Intel(R) MBIM Toolkit -> ) C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN32EE~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN32EE~1.INF\driver\tpnumlkd.exe
(DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN32EE~1.INF\driver\tposd.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\T440p\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(explorer.exe ->) (Veeam Software Group GmbH -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Elgato\EpocCam\EpocCamService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) MBIM Toolkit -> ) C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareUpdaterService.exe
(services.exe ->) (Intel(R) Modem Authenticator -> Intel Mobile Communications) C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\IntelModemAuthenticator.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Sierra Wireless, Inc -> Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Veeam Software Group GmbH -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
(services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>
(services.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(valWbioSyncSvc.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2177160 2019-03-03] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Veeam.EndPoint.Tray.exe] => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe [854040 2022-02-20] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2266128 2022-09-08] (voidtools -> voidtools)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366944 2022-09-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62625080 2020-07-07] (Discord Inc. -> Discord Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3642870759-3763009426-1749550615-1001\...\Run: [f.lux] => C:\Users\T440p\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-3642870759-3763009426-1749550615-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3642870759-3763009426-1749550615-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-11-12] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3642870759-3763009426-1749550615-1002\...\Run: [f.lux] => C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-3642870759-3763009426-1749550615-1002\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [4970216 2022-11-10] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-3642870759-3763009426-1749550615-1002\...\Run: [org.whispersystems.signal-desktop] => C:\Users\*****\AppData\Local\Programs\signal-desktop\Signal.exe --start-in-tray (Keine Datei)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-11-14] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\Users\T440p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f.lux.lnk [2021-07-10]
ShortcutTarget: f.lux.lnk -> C:\Users\T440p\AppData\Local\FluxSoftware\Flux\flux.exe (F.lux Software LLC -> f.lux Software LLC)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00FA5686-E8D9-4EB6-B641-9FCBF6B70520} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {0A8C6BBC-60E9-43BC-A901-78D9A99C1485} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2610160 2019-09-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {1346216F-720C-4081-8254-95DC2296C7B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16CFCD7E-7526-4C37-89E7-991300A29EF7} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {1D37C66E-F780-4732-BF15-1D1E4FA45AF3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22FFA487-5166-4ECC-AC9A-3CAAE80B4BF1} - System32\Tasks\Opera scheduled Autoupdate 1516536388 => C:\Users\T440p\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {31B144B9-05D7-4D19-ADC5-7866E62690A7} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {437DD034-FE64-4D1E-B83C-17CEBE95F04B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {44FBD5F2-B9FB-467D-85C4-C89BF0BF11F9} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {4804ED12-E362-47EE-9467-6B8EF7F69205} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3642870759-3763009426-1749550615-1001UA => C:\Users\T440p\AppData\Local\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (Keine Datei)
Task: {4F166F4C-037C-49BE-B24D-68C533985842} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {4FD4C4CA-F4A0-46D0-B700-CB0A203C0CFE} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {5145EA45-FDFC-442B-833B-A82A81853C84} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {5AFA66EB-A73D-4CD7-9728-609260AC4020} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0ee8a0ac-f5f8-4ff1-b7a6-52f900382e3d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {60C2D8A9-F370-4686-89E2-F5E5C8EAC3FD} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {64ABA3FC-452B-484C-8269-865E69BD957F} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {6FD0045A-0C32-4815-B734-879FA563443A} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (Keine Datei)
Task: {719C0CD2-600B-4413-91E6-ADCBC5F675D4} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {737BA20E-4CD6-4E4E-942A-556EBC54FA26} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (Keine Datei)
Task: {7DBF68E2-710A-419E-9DF7-754F95892F45} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {8030A9F1-79C7-4F15-9282-B2C5A14EA3FC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9ea64018-b520-4ed7-b7cc-27c256a16a51 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {8B17F923-2650-4B95-B9B4-D4E4B33E7013} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {956D9AA6-9471-4CC8-85F3-F2D72FB6A1E9} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (Keine Datei)
Task: {A121644F-05A3-4D27-AFD6-8645842F8395} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Keine Datei)
Task: {a4995f70-75f3-4d58-b300-1d352fae80b2} - kein Dateipfad
Task: {ABB2FBD7-45EB-4CF6-B075-2C820B4D36ED} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {AE7010C1-9DBA-423A-97EF-F9B34D2BA313} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {BE354AE9-1E03-4AE1-A76C-FAE7A7A72DA8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1FDF56E-4E4B-4676-99FD-FE9A874B1AB2} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [949632 2019-12-11] (Lenovo -> Lenovo.)
Task: {C3F845EE-D6AC-48AD-9334-0A28D07C2596} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {D0444F5B-CBF8-42F8-8199-9904EA652483} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {DC4DD2D6-A02B-48F1-9608-AFA6D839CE35} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3642870759-3763009426-1749550615-1001Core => C:\Users\T440p\AppData\Local\BraveSoftware\Update\BraveUpdate.exe /c (Keine Datei)
Task: {EB23AC06-0050-42E5-8703-57269F760846} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F4CA7DDE-3541-4684-9126-9B42561A5FFD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\515bed08-9a38-441f-9604-021ed4ede0e8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F72FCE3B-A74D-4FE1-B0B1-1C16570E3534} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FB34953D-2337-47ED-9EB1-47C312FC277E} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {FE3B4240-87C0-47A3-91EA-7C1A69431917} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.55
Tcpip\..\Interfaces\{4f3960a8-99af-4896-a2d3-ac42bfd96f36}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{9ae3278f-2ac9-4c39-b8f8-899e85f841b6}: [DhcpNameServer] 192.168.178.55
Tcpip\..\Interfaces\{f22d9a0d-e5b8-4f5e-95e9-944c41ef601d}: [DhcpNameServer] 192.168.178.55
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Profile: C:\Users\T440p\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-27]
FireFox:
========
FF DefaultProfile: k49edf7y.default-1616839483361
FF ProfilePath: C:\Users\T440p\AppData\Roaming\Mozilla\Firefox\Profiles\k49edf7y.default-1616839483361 [2022-11-27]
FF Session Restore: Mozilla\Firefox\Profiles\k49edf7y.default-1616839483361 -> ist aktiviert.
FF Extension: (uBlock Origin) - C:\Users\T440p\AppData\Roaming\Mozilla\Firefox\Profiles\k49edf7y.default-1616839483361\Extensions\uBlock0@raymondhill.net.xpi [2022-11-27]
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
Brave:
=======
BRA Profile: C:\Users\T440p\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-01-23]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\T440p\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-01-23]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\T440p\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-01-23]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\T440p\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-01-23]
BRA Extension: (Brave NTP sponsored images) - C:\Users\T440p\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2021-01-23]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\T440p\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-01-23]
Vivaldi:
=======
VIV Profile: C:\Users\T440p\AppData\Local\Vivaldi\User Data\Default [2020-12-25]
VIV Extension: (Chrome Media Router) - C:\Users\T440p\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-25]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103264 2022-10-08] (Apple Inc. -> Apple Inc.)
R2 EpocCamService; C:\Program Files (x86)\Elgato\EpocCam\EpocCamService.exe [782336 2020-12-17] () [Datei ist nicht signiert]
R2 Everything; C:\Program Files\Everything\Everything.exe [2266128 2022-09-08] (voidtools -> voidtools)
R2 FirmwareUpdaterService; C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareUpdaterService.exe [108800 2017-05-03] (Intel(R) MBIM Toolkit -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 IntelModemAuthenticator; C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\IntelModemAuthenticator.exe [57096 2017-05-03] (Intel(R) Modem Authenticator -> Intel Mobile Communications)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10097408 2022-11-12] (Logitech Inc -> Logitech, Inc.)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [8872736 2022-11-27] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-11-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SwiService; C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe [1551864 2017-05-03] (Sierra Wireless, Inc -> Sierra Wireless, Inc.)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\TPHKLOAD.exe [465192 2021-03-30] (Lenovo -> Lenovo Group Limited)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [130072 2022-02-20] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [31744 2017-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Mobile Communications)
R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [59888 2019-11-30] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_150; C:\WINDOWS\system32\drivers\HWiNFO64A_150.SYS [62240 2020-08-14] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_161; C:\WINDOWS\system32\drivers\HWiNFO64A_161.SYS [64528 2021-08-11] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_164; C:\WINDOWS\system32\drivers\HWiNFO64A_164.SYS [55816 2021-10-30] (Microsoft Windows Hardware Compatibility Publisher -> REALiX(tm))
R1 HWiNFO_173; C:\WINDOWS\system32\drivers\HWiNFO64A_173.SYS [56872 2022-11-27] (Microsoft Windows Hardware Compatibility Publisher -> REALiX(tm))
R3 kinonivd; C:\WINDOWS\System32\drivers\kinonivd.sys [283672 2020-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 KINONI_Wave; C:\WINDOWS\system32\drivers\kinonivad.sys [31256 2020-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-11-12] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-11-12] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-11-12] (Logitech Inc -> Logitech)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [757824 2016-12-20] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 SzCCID; C:\WINDOWS\system32\DRIVERS\SzCCID.sys [51352 2015-06-03] (AlcorMicro, Corp. -> Generic)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-11-27 13:30 - 2022-11-27 13:31 - 000033675 _____ C:\Users\T440p\Downloads\FRST.txt
2022-11-27 13:30 - 2022-11-27 13:31 - 000000000 ____D C:\FRST
2022-11-27 13:30 - 2022-11-27 13:30 - 002375680 _____ (Farbar) C:\Users\T440p\Downloads\FRST64.exe
2022-11-27 12:54 - 2022-11-27 12:54 - 000012261 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-27 12:53 - 2022-11-27 12:53 - 000297472 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-27 12:47 - 2022-11-27 12:47 - 000000000 ___HD C:\$WinREAgent
2022-11-27 12:47 - 2022-11-27 12:47 - 000000000 ____D C:\WINDOWS\Panther
2022-11-27 12:42 - 2022-11-27 12:42 - 000000000 ____D C:\Users\*****\AppData\Roaming\com.adobe.dunamis
2022-11-27 12:42 - 2022-11-27 12:42 - 000000000 ____D C:\Users\*****\.ms-ad
2022-11-27 11:44 - 2022-11-27 11:44 - 003353035 _____ C:\Users\T440p\Downloads\Emsiclean(2).zip
2022-11-27 11:44 - 2022-11-27 11:44 - 003353035 _____ C:\Users\T440p\Downloads\Emsiclean(1).zip
2022-11-27 11:40 - 2022-11-27 12:18 - 000000000 ____D C:\ProgramData\RogueKiller
2022-11-27 11:33 - 2022-11-27 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4
2022-11-27 11:29 - 2022-11-27 11:30 - 355344384 _____ C:\Users\T440p\Downloads\LibreOffice_7.4.3_Win_x64.msi
2022-11-27 11:29 - 2022-11-27 11:29 - 004141056 _____ C:\Users\T440p\Downloads\LibreOffice_7.4.3_Win_x64_helppack_de.msi
2022-11-27 11:29 - 2022-11-27 11:29 - 004141056 _____ C:\Users\T440p\Downloads\LibreOffice_7.4.3_Win_x64_helppack_de(1).msi
2022-11-27 11:24 - 2022-11-27 11:24 - 006169504 _____ (Ghisler Software GmbH) C:\Users\T440p\Downloads\tcmd1052x64.exe
2022-11-27 11:21 - 2022-11-27 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HandBrake
2022-11-27 11:20 - 2022-11-27 11:20 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2022-11-27 11:20 - 2022-11-27 11:20 - 000000000 ____D C:\Users\T440p\AppData\Roaming\HandBrake Team
2022-11-27 11:20 - 2022-11-27 11:20 - 000000000 ____D C:\Users\T440p\AppData\Roaming\HandBrake
2022-11-27 11:19 - 2022-11-27 11:20 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-27 11:18 - 2022-11-27 12:21 - 000000000 ____D C:\Users\T440p\AppData\Roaming\com.adobe.dunamis
2022-11-27 11:18 - 2022-11-27 11:18 - 000000000 ____D C:\Users\T440p\.ms-ad
2022-11-27 11:14 - 2022-11-27 12:18 - 000000000 ____D C:\SecurityCheck
2022-11-27 11:14 - 2022-11-27 11:14 - 000547416 _____ (glax24 (safezone.cc)) C:\Users\T440p\Downloads\SecurityCheck.exe
2022-11-27 11:09 - 2022-11-27 11:09 - 034432944 _____ C:\Users\T440p\Desktop\RogueKiller_portable64.exe
2022-11-27 11:08 - 2022-11-27 11:09 - 034432944 _____ C:\Users\T440p\Downloads\RogueKiller_portable64.exe
2022-11-27 10:48 - 2022-11-27 10:48 - 000000000 ____D C:\Users\T440p\AppData\Roaming\BleachBit
2022-11-27 10:48 - 2022-11-27 10:48 - 000000000 ____D C:\Users\T440p\.dbus-keyrings
2022-11-27 10:45 - 2022-11-27 10:45 - 000000000 ____D C:\Users\T440p\AppData\Local\fontconfig
2022-11-27 10:33 - 2022-11-27 10:33 - 000056872 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A_173.SYS
2022-11-27 10:27 - 2022-11-27 10:27 - 004251480 _____ (Lenovo Group Limited ) C:\Users\T440p\Downloads\n1fup99w.exe
2022-11-27 10:26 - 2022-11-27 10:26 - 000000000 ____D C:\Program Files\Shotcut
2022-11-26 22:41 - 2022-11-26 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm-Fotowelt
2022-11-26 22:36 - 2022-11-26 22:36 - 000000000 ____D C:\Users\T440p\AppData\Roaming\hps-install
2022-11-20 16:22 - 2022-11-27 12:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-11-15 21:27 - 2022-11-27 12:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-11-12 12:26 - 2022-11-12 12:29 - 000000000 ____D C:\Users\T440p\AppData\Roaming\LGHUB
2022-11-12 12:26 - 2022-11-12 12:29 - 000000000 ____D C:\Users\T440p\AppData\Local\LGHUB
2022-11-12 12:26 - 2022-11-12 12:26 - 000073040 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2022-11-12 12:26 - 2022-11-12 12:26 - 000044880 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2022-11-12 12:26 - 2022-11-12 12:26 - 000032080 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2022-11-12 12:26 - 2022-11-12 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-11-12 12:26 - 2022-11-12 12:26 - 000000000 ____D C:\Program Files\LGHUB
2022-11-12 12:25 - 2022-11-12 12:26 - 000000000 ____D C:\ProgramData\LGHUB
2022-11-12 12:25 - 2022-11-12 12:25 - 041459968 _____ (Logitech, Inc.) C:\Users\T440p\Downloads\lghub_installer(1).exe
2022-11-12 12:11 - 2022-11-12 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech Kameraeinstellungen
2022-11-12 12:10 - 2022-11-12 12:10 - 103441984 _____ (Logitech Europe S.A.) C:\Users\T440p\Downloads\LogiCameraSettings_2.5.17.exe
2022-11-12 12:09 - 2022-11-12 12:09 - 080277272 _____ (Logitech Europe S.A.) C:\Users\T440p\Downloads\LogiCameraSettings_2.12.8.exe
2022-11-12 12:09 - 2022-11-12 12:09 - 041459968 _____ (Logitech, Inc.) C:\Users\T440p\Downloads\lghub_installer.exe
2022-11-12 12:05 - 2022-11-12 12:05 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2022-11-12 12:05 - 2022-11-12 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Krita
2022-11-12 12:04 - 2022-11-12 12:05 - 000000000 ____D C:\Program Files\Krita (x64)
2022-11-06 09:09 - 2022-11-27 12:08 - 000000000 ____D C:\Users\T440p\AppData\Roaming\AnyDesk
2022-11-06 09:09 - 2022-11-06 09:09 - 000001307 _____ C:\Users\T440p\Desktop\AnyDesk - Verknüpfung.lnk
2022-11-05 15:46 - 2022-11-05 15:46 - 000000000 ____D C:\Users\T440p\AppData\Roaming\Remotely
2022-11-05 15:43 - 2022-11-05 15:44 - 161310184 _____ (Translucency Software) C:\Users\T440p\Downloads\Remotely_Desktop.exe
2022-11-05 14:38 - 2022-11-05 14:38 - 000000000 ____D C:\Users\*****\AppData\Roaming\RustDesk
2022-11-05 10:57 - 2022-11-05 10:57 - 000000000 ____D C:\Users\T440p\AppData\Roaming\RustDesk
2022-11-05 10:08 - 2022-11-05 10:08 - 000002220 _____ C:\Users\T440p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2022-11-05 10:07 - 2022-11-05 10:07 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-05 10:07 - 2022-11-05 10:07 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-05 10:07 - 2022-11-05 10:07 - 000000000 ____D C:\Program Files\Eclipse Adoptium
2022-11-05 10:05 - 2022-11-05 10:05 - 000001320 _____ C:\Users\T440p\AppData\Roaming\Microsoft\Windows\Start Menu\PDF Arranger.lnk
2022-11-05 10:01 - 2022-11-05 10:02 - 000000000 ____D C:\Program Files\KeePassXC
2022-11-05 10:01 - 2022-11-05 10:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-11-05 10:01 - 2022-11-05 10:01 - 000000000 ____D C:\Program Files\iTunes
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-11-27 13:28 - 2022-02-09 07:55 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-27 13:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-27 13:27 - 2018-05-13 21:26 - 000000000 ____D C:\Users\*****\AppData\Roaming\Everything
2022-11-27 13:27 - 2018-05-13 21:26 - 000000000 ____D C:\Users\*****\AppData\Local\Everything
2022-11-27 13:27 - 2018-03-06 18:58 - 000000000 ____D C:\Users\T440p\AppData\Roaming\WTablet
2022-11-27 13:27 - 2018-03-05 21:31 - 000000000 ____D C:\Users\*****\AppData\Roaming\WTablet
2022-11-27 13:27 - 2018-02-03 20:29 - 000000000 ____D C:\Users\T440p\AppData\LocalLow\Mozilla
2022-11-27 13:27 - 2018-01-20 18:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-11-27 13:27 - 2018-01-20 18:28 - 000000000 __SHD C:\Users\T440p\IntelGraphicsProfiles
2022-11-27 13:26 - 2022-08-28 14:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-27 13:26 - 2022-08-28 14:14 - 000458992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-27 13:26 - 2020-05-29 16:24 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-27 13:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-27 13:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-27 13:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-27 13:26 - 2018-02-04 13:30 - 000000000 ____D C:\ProgramData\Veeam
2022-11-27 13:26 - 2018-02-04 12:59 - 000000000 __SHD C:\Users\*****\IntelGraphicsProfiles
2022-11-27 13:26 - 2018-01-20 18:22 - 000000000 ____D C:\ProgramData\Synaptics
2022-11-27 13:25 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-27 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-27 13:25 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-11-27 13:25 - 2019-09-04 11:27 - 000000000 ___SD C:\Users\*****\Nextcloud
2022-11-27 13:25 - 2019-09-04 10:53 - 000000000 ____D C:\Users\*****\AppData\Roaming\Nextcloud
2022-11-27 13:24 - 2018-02-04 15:21 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2022-11-27 13:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-27 12:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-27 12:53 - 2022-08-28 14:14 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-27 12:42 - 2022-08-28 14:16 - 000000000 ____D C:\Users\*****
2022-11-27 12:42 - 2018-11-11 10:03 - 000000000 ____D C:\ProgramData\tmp
2022-11-27 12:42 - 2018-05-04 13:50 - 000000000 ____D C:\Users\*****\AppData\Local\Adobe
2022-11-27 12:34 - 2022-08-28 14:25 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-27 12:34 - 2019-12-07 15:51 - 000744924 _____ C:\WINDOWS\system32\perfh007.dat
2022-11-27 12:34 - 2019-12-07 15:51 - 000150310 _____ C:\WINDOWS\system32\perfc007.dat
2022-11-27 12:33 - 2018-02-17 11:33 - 000000000 ____D C:\Install
2022-11-27 12:29 - 2018-05-12 22:18 - 000000000 ____D C:\Users\T440p\AppData\Local\Everything
2022-11-27 12:29 - 2018-05-12 11:21 - 000000000 ____D C:\Users\T440p\AppData\Roaming\Everything
2022-11-27 12:27 - 2018-02-03 20:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-27 12:25 - 2018-05-04 13:50 - 000000000 ____D C:\Users\T440p\AppData\Local\Adobe
2022-11-27 11:39 - 2018-02-17 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2022-11-27 11:39 - 2018-02-17 11:29 - 000000000 ____D C:\Program Files\gs
2022-11-27 11:33 - 2020-09-09 18:17 - 000000000 ____D C:\Program Files\LibreOffice
2022-11-27 11:28 - 2020-04-15 13:41 - 000000000 ____D C:\Users\T440p\AppData\Roaming\Signal
2022-11-27 11:25 - 2018-02-04 20:17 - 000000000 ____D C:\Program Files\totalcmd
2022-11-27 11:21 - 2018-03-11 09:07 - 000000000 ____D C:\Program Files\HandBrake
2022-11-27 11:18 - 2022-08-28 14:16 - 000000000 ____D C:\Users\T440p
2022-11-27 11:18 - 2020-06-20 07:20 - 000000000 ____D C:\Users\T440p\AppData\LocalLow\Adobe
2022-11-27 11:00 - 2018-12-04 21:02 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache
2022-11-27 10:53 - 2019-01-23 09:13 - 000000000 ____D C:\Users\T440p\AppData\Local\D3DSCache
2022-11-27 10:29 - 2020-02-27 16:55 - 000000000 ____D C:\WINDOWS\TempInst
2022-11-27 10:26 - 2020-05-01 13:41 - 000001896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk
2022-11-26 21:45 - 2022-08-28 14:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-24 07:13 - 2018-02-04 09:18 - 000000000 ____D C:\ProgramData\capella-software
2022-11-23 06:16 - 2020-11-29 16:20 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-20 16:31 - 2018-02-03 20:55 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2022-11-20 15:17 - 2020-08-06 13:58 - 000000000 ____D C:\Users\*****\AppData\Local\KeePassXC
2022-11-16 09:12 - 2022-08-28 14:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-16 09:12 - 2018-02-03 20:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-12 12:30 - 2020-07-11 07:21 - 000000000 ____D C:\Users\T440p\AppData\Roaming\Nextcloud
2022-11-12 12:27 - 2019-05-25 08:42 - 000000000 ____D C:\Program Files\Logitech
2022-11-12 12:26 - 2018-03-06 19:02 - 000000000 ____D C:\ProgramData\Logishrd
2022-11-12 12:11 - 2018-01-20 18:44 - 000000000 ____D C:\ProgramData\Package Cache
2022-11-12 12:05 - 2019-09-04 10:48 - 000000000 ____D C:\Program Files\Nextcloud
2022-11-12 07:58 - 2022-08-28 14:22 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 07:58 - 2022-08-28 14:22 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 10:04 - 2018-05-01 22:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-09 09:25 - 2021-02-23 22:59 - 000001927 _____ C:\Users\*****\AppData\Local\okularrc
2022-11-09 09:23 - 2021-02-23 22:59 - 000000000 ____D C:\Users\*****\AppData\Local\okular
2022-11-09 05:59 - 2018-01-20 19:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 05:56 - 2018-01-20 19:27 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-06 11:21 - 2020-05-01 14:12 - 000000000 ____D C:\Users\*****\AppData\Roaming\obs-studio
2022-11-05 10:41 - 2018-01-20 18:21 - 000000000 ____D C:\Users\T440p\AppData\Local\Packages
2022-11-05 10:12 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-05 10:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-05 10:09 - 2018-05-20 14:43 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-11-05 10:09 - 2018-02-03 20:33 - 000000000 ____D C:\ProgramData\chocolatey
2022-11-05 10:04 - 2021-10-02 10:05 - 000000000 ____D C:\Program Files\OpenJDK
2022-11-05 10:02 - 2022-04-02 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePassXC
2022-11-05 09:57 - 2018-05-12 11:21 - 000000000 ____D C:\Program Files\Everything
2022-11-05 09:57 - 2018-02-04 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2022-11-05 09:57 - 2018-02-04 09:30 - 000000000 ____D C:\Program Files\HWiNFO64
2022-11-05 09:56 - 2022-08-28 15:11 - 000001186 _____ C:\Users\T440p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo.lnk
2022-11-05 09:55 - 2021-07-24 07:10 - 000000000 ____D C:\Users\T440p\AppData\Local\CrashDumps
2022-11-02 08:50 - 2022-07-28 07:49 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2022-10-28 08:05 - 2021-02-13 09:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-11-2022
durchgeführt von T440p (27-11-2022 13:32:39)
Gestartet von C:\Users\T440p\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.2311 (X64) (2022-08-28 13:22:19)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-3642870759-3763009426-1749550615-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3642870759-3763009426-1749550615-503 - Limited - Disabled)
Gast (S-1-5-21-3642870759-3763009426-1749550615-501 - Limited - Disabled)
***** (S-1-5-21-3642870759-3763009426-1749550615-1002 - Limited - Enabled) => C:\Users\*****
T440p (S-1-5-21-3642870759-3763009426-1749550615-1001 - Administrator - Enabled) => C:\Users\T440p
WDAGUtilityAccount (S-1-5-21-3642870759-3763009426-1749550615-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Emsisoft Anti-Malware Home (Enabled - Up to date) {67773CDD-EA83-AD98-A2ED-386463EB3B0D}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {DC16DD39-CCB9-A216-985D-0316186C71B0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat Reader MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AC0F074E4100}) (Version: 22.003.20282 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AG DSP Controller (HKLM-x32\...\{C0D0B3D0-87AA-47A2-91B5-FA11C7F2BAC2}) (Version: 1.1.0.0 - Yamaha Corporation)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3B000044}) (Version: 1.7.44.0 - Alcor Micro Corp.) Hidden
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.44.0 - Alcor Micro Corp.)
Apple Application Support (32-Bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{44325855-D4CA-4994-A27A-39FE50CE6A8E}) (Version: 16.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audiveris 5.2.4 (HKLM-x32\...\Audiveris) (Version: 5.2.4 - Audiveris Team)
balenaEtcher 1.10.2 (HKU\S-1-5-21-3642870759-3763009426-1749550615-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.10.2 - Balena Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-5895CW (HKLM-x32\...\{184BF682-537C-4CAE-8789-6696508A4032}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
CanoScan Toolbox Ver4.1 (HKLM-x32\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version: - )
capella 8 (HKLM-x32\...\{bb5746df-3920-4cf1-b3e5-42bd3b4fe06e}) (Version: 8 - capella-software AG)
CDBurnerXP (64 bit) (HKLM\...\{99A4E14B-FC7B-4CB4-B3EC-76E014558D29}) (Version: 4.5.8.7128 - Canneverbe Limited)
Chocolatey GUI (HKLM-x32\...\{371FB148-3A23-4CD3-994C-D7E6B1D173CF}) (Version: 1.1.0.0 - Chocolatey)
Chromium (HKU\S-1-5-21-3642870759-3763009426-1749550615-1002\...\Chromium) (Version: 87.0.4280.141 - Die Chromium-Autoren)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-3642870759-3763009426-1749550615-1002\...\Discord) (Version: 0.0.306 - Discord Inc.)
dm-Fotowelt (HKLM\...\dm-Fotowelt) (Version: 7.3.1 - CEWE Stiftung u Co. KGaA)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Eclipse Temurin JDK mit Hotspot 11.0.17+8 (x64) (HKLM\...\{4729D938-29C0-46F1-9F90-1A66026FE1A7}) (Version: 11.0.17.8 - Eclipse Adoptium)
EpocCam drivers 3.0.0 (HKLM-x32\...\EpocCam drivers) (Version: 3.0.0 - Elgato)
Everything 1.4.1.1020 (x64) (HKLM\...\Everything) (Version: 1.4.1.1020 - voidtools)
Exact Audio Copy 1.6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.6 - Andre Wiethoff)
f.lux (HKU\S-1-5-21-3642870759-3763009426-1749550615-1001\...\Flux) (Version: - f.lux Software LLC)
f.lux (HKU\S-1-5-21-3642870759-3763009426-1749550615-1002\...\Flux) (Version: - f.lux Software LLC)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.458.0 - International GeoGebra Institute)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.50) (Version: 9.50 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.52) (Version: 9.52 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.53.3) (Version: 9.53.3 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.54.0) (Version: 9.54.0 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.55.0) (Version: 9.55.0 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.56.0) (Version: 9.56.0 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.56.1) (Version: 9.56.1 - Artifex Software Inc.)
HandBrake 1.5.1 (HKLM-x32\...\HandBrake) (Version: 1.5.1 - )
HWiNFO64 Version 7.32 (HKLM\...\HWiNFO64_is1) (Version: 7.32 - Martin Malik - REALiX)
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}) (Version: 10.1.1.9 - Intel Corporation) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{d9e1af9c-46b1-481f-bd13-dffef7b14da2}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{e549f2da-cbe4-4fb5-b792-c16d25588d06}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5171 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1031-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2caa706-dce2-4c91-8d46-b52a3c260b20}) (Version: 21.10.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{07AC08CE-C63D-4FAE-B215-F53E13EA005F}) (Version: 21.10.1.3139 - Intel Corporation) Hidden
IrfanView 4.60 (64-bit) (HKLM\...\IrfanView64) (Version: 4.60 - Irfan Skiljan)
iTunes (HKLM\...\{84C78C95-E053-49F4-8482-E2D27D29E36D}) (Version: 12.12.6.1 - Apple Inc.)
KeePassXC (HKLM\...\{B016A590-4085-406D-BBF6-1A0F181D9571}) (Version: 2.7.4 - KeePassXC Team)
Krita (x64) 5.1.3 (HKLM\...\Krita_x64) (Version: 5.1.3.100 - Krita Foundation)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo) Hidden
Lenovo Migration Assistant (HKLM\...\Lenovo Migration Assistant_is1) (Version: 1.0.4.10 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
LibreOffice 7.4 Help Pack (German) (HKLM\...\{6E03D6D0-A067-4E23-8DFE-5E0B30443D61}) (Version: 7.4.3.2 - The Document Foundation)
LibreOffice 7.4.3.2 (HKLM\...\{C724CD98-7AEB-4F85-8C10-9721600CE0DA}) (Version: 7.4.3.2 - The Document Foundation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.10.326382 - Logitech)
Logitech Kameraeinstellungen (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.)
Logitech Options (HKLM\...\LogiOptions) (Version: 7.12.43 - Logitech)
Malwarebytes version 4.5.18.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.18.226 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.56 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.56 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{C18B132E-4032-4425-826A-24B1CA9DFF0C}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{7ED2561C-FBC2-421E-A2B5-C7BEFD623145}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{CECCBAE9-1880-411E-9D28-8E562F6DAAE2}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
ModemAuthenticator (HKLM-x32\...\{30F2BC34-BB35-4722-9CE9-B04849D3C934}) (Version: 1.0.25 - Intel Mobile Communications)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 107.0 (x64 de)) (Version: 107.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.4.2 - Mozilla)
Mozilla Thunderbird (x86 de) (HKLM-x32\...\Mozilla Thunderbird 102.5.0 (x86 de)) (Version: 102.5.0 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
Nextcloud (HKLM\...\{2AA449B7-A29D-4016-871F-280CA192578B}) (Version: 3.6.2.20221110 - Nextcloud GmbH)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.1.2 - OBS Project)
Okular (HKLM-x32\...\Okular) (Version: 22.08.1 - KDE e.V.)
pdfarranger (HKLM\...\{20A130B6-6810-4D59-8BB2-D74FCC2AA1AD}) (Version: 1.9.1 - UNKNOWN)
Photo Common (HKLM-x32\...\{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
qBittorrent 4.4.5 (HKLM-x32\...\qBittorrent) (Version: 4.4.5 - The qBittorrent project)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.0.0.100 - Samsung Electronics)
Scribus 1.4.6 (64bit) (HKLM\...\Scribus 1.4.6) (Version: 1.4.6 - The Scribus Team)
Scribus 1.4.8 (64bit) (HKLM\...\Scribus 1.4.8) (Version: 1.4.8 - The Scribus Team)
Shotcut (HKLM\...\Shotcut) (Version: 22.11.25 - Meltytech, LLC)
Shotcut (HKLM-x32\...\Shotcut) (Version: 20.09.27 - Meltytech, LLC)
Sierra Wireless EM7345 4G LTE Software (HKLM-x32\...\SWIIntelDrvInstaller) (Version: 2.36.10970.4674 - Sierra Wireless)
Signal 1.33.0 (HKU\S-1-5-21-3642870759-3763009426-1749550615-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 1.33.0 - Open Whisper Systems)
Simple Sudoku 4.2 (HKLM-x32\...\Simple Sudoku_is1) (Version: - )
Spitfire Audio version 3.3.18 (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.3.18 - Spitfire Audio Holdings Ltd)
Studio 2.0 version 2.0 (HKLM-x32\...\{BC38679A-F04A-4A76-BE97-F75C890A7429}_is1) (Version: 2.0 - BrickLink Corporation)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.142 - Synaptics Incorporated)
TI Connect CE (HKLM-x32\...\{6FE90E22-9AFA-4895-9115-5565A204C577}) (Version: 5.4.0.1181 - Texas Instruments Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Veeam Agent for Microsoft Windows (HKLM\...\{7796202E-3320-41ED-9A2C-14613AEED3D3}) (Version: 5.0.3.4708 - Veeam Software Group GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
VueScan x64 (HKLM\...\VueScan x64) (Version: 9.7.47 - Hamrick Software)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.28-3 - Wacom Technology Corp.)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1703 - Microsoft Corporation)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66233218-CA57-4AB2-BA43-A97AA4635960}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{FC071B45-4A5F-408F-92F8-4D9D693E866F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Yamaha Steinberg USB Driver (HKLM\...\{0D804065-3B36-4C98-8565-21BECA0A290D}) (Version: 2.0.4 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 2.0.4 - Yamaha Corporation)
Youtube-DLG Version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)
Zoom (HKU\S-1-5-21-3642870759-3763009426-1749550615-1002\...\ZoomUMX) (Version: 5.10.7 (6120) - Zoom Video Communications, Inc.)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-08-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-08-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-11-27] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0 [2022-11-27] (Spotify AB) [Startup Task]
Xbox Zubehör -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2209.2209.14005.0_x64__8wekyb3d8bbwe [2022-10-01] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3642870759-3763009426-1749550615-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\T440p\AppData\Local\Microsoft\OneDrive\17.3.7294.0108_1\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3642870759-3763009426-1749550615-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\T440p\AppData\Local\Microsoft\OneDrive\17.3.7294.0108_1\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3642870759-3763009426-1749550615-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\T440p\AppData\Local\Microsoft\OneDrive\17.3.7294.0108_1\amd64\FileSyncShell64.dll => Keine Datei
ShellIconOverlayIdentifiers: [ NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2022-11-10] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2022-11-10] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2022-11-10] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2022-11-10] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2022-11-10] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-26] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\shellext\NCContextMenu.dll [2022-11-10] (Nextcloud GmbH -> Nextcloud GmbH)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-06-26] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\T440p\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiveris\Audiveris.lnk -> C:\Program Files\Audiveris\bin\Audiveris.bat ()
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2018-08-16 13:54 - 2018-08-16 13:54 - 001484800 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Elgato\EpocCam\avcodec-58.dll
2018-08-16 13:52 - 2018-08-16 13:52 - 000556544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Elgato\EpocCam\avutil-56.dll
2018-08-16 13:54 - 2018-08-16 13:54 - 000190464 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Elgato\EpocCam\swresample-3.dll
2018-08-16 13:55 - 2018-08-16 13:55 - 000514048 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Elgato\EpocCam\swscale-5.dll
2019-06-02 14:44 - 2005-04-22 12:36 - 000143360 _____ () [Datei ist nicht signiert] C:\WINDOWS\system32\BrSNMP64.dll
2019-06-02 14:44 - 2012-07-05 19:32 - 000084480 _____ (Brother Industries, Ltd.) [Datei ist nicht signiert] C:\WINDOWS\system32\BrNetSti.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKU\S-1-5-21-3642870759-3763009426-1749550615-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Eclipse Adoptium\jdk-11.0.17.8-hotspot\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\ProgramData\chocolatey\bin;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Wiimm\WIT;C:\Program Files\gs\gs9.56.0\bin;C:\Program Files\gs\gs9.56.1\bin;C:\Program Files\OpenJDK\jdk-19.0.1\bin;
HKU\S-1-5-21-3642870759-3763009426-1749550615-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\T440p\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
HKU\S-1-5-21-3642870759-3763009426-1749550615-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.55
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "Discord"
HKU\S-1-5-21-3642870759-3763009426-1749550615-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3642870759-3763009426-1749550615-1001\...\StartupApproved\Run: => "LGHUB"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{1814E0F7-3C47-443D-8BBF-D1D7E5161D05}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{315D08B6-37C3-4D01-998B-F25F5C9DC28F}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{94B5B31C-F100-41E8-BC1F-F17C7F929EFB}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{38E95146-7A63-4543-9604-CF3A24FE8ACA}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{78736130-A5E5-4142-B3E9-9D2D3A41CD61}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{B98FA0DC-EDC4-4E4F-A95D-B24C4EB80956}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{CC7BD406-3370-4F02-A779-20BA23A49E37}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{740DE38B-7DF3-4D1F-B62C-5A71544ACF16}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{1338CB67-CB87-4F83-A6DD-CA565E6AFDAD}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{2F410656-CF22-4BD4-9E29-F4EB3FF1E38E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => Keine Datei
FirewallRules: [{0E6DB209-B519-487E-942D-BD7080AC7C6A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => Keine Datei
FirewallRules: [UDP Query User{144479DC-BCE5-4A70-B122-B849B0C4BE72}C:\program files\savoir-faire linux\jami\jami.exe] => (Allow) C:\program files\savoir-faire linux\jami\jami.exe => Keine Datei
FirewallRules: [TCP Query User{81A49DC8-5663-4961-B78E-584F1850B487}C:\program files\savoir-faire linux\jami\jami.exe] => (Allow) C:\program files\savoir-faire linux\jami\jami.exe => Keine Datei
FirewallRules: [{63A148AA-B6A5-47FA-AA5D-64C9EE29A622}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{B5F3F566-690D-4C04-99FF-E184C9652892}] => (Allow) LPort=54925
FirewallRules: [{DF258AD8-B8EF-4977-BDE7-69A72169CD17}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{2D01A97C-9A1F-49EE-B429-F5E50A5221FE}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\maService.exe (Lenovo -> )
FirewallRules: [{878AF37D-C744-463F-9D42-EF473AED24C9}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\maService.exe (Lenovo -> )
FirewallRules: [{DA82EACC-DC0E-4580-9027-D17267FD0688}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\MigrationAssistant.exe (Lenovo -> )
FirewallRules: [{9F7F0974-C4E6-41B6-87E7-298B54C234BE}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\MigrationAssistant.exe (Lenovo -> )
FirewallRules: [{930D0D9E-2237-4C93-9EC8-6469B5D7526C}] => (Allow) LPort=1900
FirewallRules: [{C2AEC629-56CA-415E-9266-3EEB5A19A663}] => (Allow) LPort=2869
FirewallRules: [{7738E76E-D979-4BD3-A2B2-D305C9CC728E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0186BB83-1008-4E88-977A-3A214FF824C0}] => (Allow) C:\Users\T440p\AppData\Local\Programs\Opera\48.0.2685.50\opera.exe => Keine Datei
FirewallRules: [{1E162EC1-4E14-4DBC-A062-AB1B06DD16ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{04C04A42-5345-4832-BD5A-B5D0F3321D11}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DFA3E9D6-6929-4EBE-AB8A-D5D3FD000C1F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BC6032AC-769D-4230-9B69-EA4B3DE517F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{110A47DC-D22C-4A7D-8B3D-C15DD40C9DF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{74FAF901-BE51-4171-91C0-3067774A15DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C19671A-59BC-46DB-873A-7DF940807BE7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DAF0F07D-1DB3-422A-8593-B6239C584BF0}] => (Allow) LPort=5055
FirewallRules: [{B8273009-6C9C-45CF-9513-A4FD14C9D728}] => (Allow) LPort=5055
FirewallRules: [{766E2261-4891-4D50-8912-AC82CF04FFD4}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software)
FirewallRules: [{7C0D55BD-D813-4C91-B90E-EB4C6D1C827E}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software)
FirewallRules: [TCP Query User{D39808C2-69BB-4C8F-B363-CF4A3D05823E}C:\users\*****\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\*****\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{63298AC6-474E-4861-B43A-6031C3CF86B0}C:\users\*****\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\*****\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6D975737-1C16-4E4E-8F75-B10ADC63CD26}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Datei ist nicht signiert]
FirewallRules: [{A4B8AEC4-E559-4809-9704-1AF0171133FD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Datei ist nicht signiert]
FirewallRules: [{2C42DA3A-1F9E-49E0-AB9C-FFBD4B6C5A60}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DACC51E6-9D11-43C3-9EAB-692B8FA7A36C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61A48454-DE14-4824-B072-0E4B70C1C6CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC680224-0EDB-4BC2-AD96-AEE65F508686}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{683B0A7F-58C1-498A-855C-A388A8D882F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01A8F457-2CE8-4300-83E5-A324FE984CF7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4FB8E9AA-043A-408F-9329-DA32129AE8BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DBEB035-DF3D-4724-91B6-9A18D0F48B1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D72D25D2-07C7-42ED-881A-2D06D7EDBFA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{810D703E-6BF9-421A-88F1-8C5B7ADA51DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{758F3BE2-83F9-4CA9-A90E-F73C1E05C927}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{42F8A0D9-B2D0-4C40-8DA1-D4A49C4E229C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4574E8D3-ED23-4EB1-8EC1-7F40FA9F535C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AC77BAEE-8D12-4751-BF2A-12B4502B1A68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.199.878.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{23130941-74DE-4B9B-A5A2-643F7BA8AE2B}C:\programdata\chocolatey\lib\anydesk.portable\tools\anydesk.exe] => (Allow) C:\programdata\chocolatey\lib\anydesk.portable\tools\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{125F9036-FDD7-4574-93F0-7B0328271A52}C:\programdata\chocolatey\lib\anydesk.portable\tools\anydesk.exe] => (Allow) C:\programdata\chocolatey\lib\anydesk.portable\tools\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
==================== Wiederherstellungspunkte =========================
27-11-2022 12:47:28 Windows Modules Installer
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (11/27/2022 01:28:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (11/27/2022 12:29:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (11/27/2022 10:25:33 AM) (Source: Firefox Default Browser Agent) (EventID: 1155) (User: )
Description: Event-ID 1155
Error: (11/26/2022 10:53:35 PM) (Source: EventSystem) (EventID: 4622) (User: )
Description: Das COM+-Ereignissystem konnte den Abonnenten für das Abonnement {3A4D8E9E-2410-49C8-8509-0301011284F4}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} nicht marshallen. HRESULT war 8007071a.
Error: (11/26/2022 12:40:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Veeam.EndPoint.Service.exe, Version: 5.0.3.4708, Zeitstempel: 0x6212bc88
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.2193, Zeitstempel: 0x7f7062e1
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000002cd29
ID des fehlerhaften Prozesses: 0x49d4
Startzeit der fehlerhaften Anwendung: 0x01d9016847998211
Pfad der fehlerhaften Anwendung: C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 3cc34919-7ad9-4943-83a6-5b46ac6deede
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/26/2022 12:40:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Veeam.EndPoint.Service.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Data.SqlClient.SqlException
bei System.Data.SqlClient.SqlConnection.OnError(System.Data.SqlClient.SqlException, Boolean, System.Action`1<System.Action>)
bei System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(System.Data.SqlClient.TdsParserStateObject, Boolean, Boolean)
bei System.Data.SqlClient.TdsParser.TryRun(System.Data.SqlClient.RunBehavior, System.Data.SqlClient.SqlCommand, System.Data.SqlClient.SqlDataReader, System.Data.SqlClient.BulkCopySimpleResultSet, System.Data.SqlClient.TdsParserStateObject, Boolean ByRef)
bei System.Data.SqlClient.SqlDataReader.TryConsumeMetaData()
bei System.Data.SqlClient.SqlDataReader.get_MetaData()
bei System.Data.SqlClient.SqlCommand.FinishExecuteReader(System.Data.SqlClient.SqlDataReader, System.Data.SqlClient.RunBehavior, System.String, Boolean, Boolean, Boolean)
bei System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(System.Data.CommandBehavior, System.Data.SqlClient.RunBehavior, Boolean, Boolean, Int32, System.Threading.Tasks.Task ByRef, Boolean, Boolean, System.Data.SqlClient.SqlDataReader, Boolean)
bei System.Data.SqlClient.SqlCommand.RunExecuteReader(System.Data.CommandBehavior, System.Data.SqlClient.RunBehavior, Boolean, System.String, System.Threading.Tasks.TaskCompletionSource`1<System.Object>, Int32, System.Threading.Tasks.Task ByRef, Boolean ByRef, Boolean, Boolean)
bei System.Data.SqlClient.SqlCommand.RunExecuteReader(System.Data.CommandBehavior, System.Data.SqlClient.RunBehavior, Boolean, System.String)
bei System.Data.SqlClient.SqlCommand.ExecuteReader(System.Data.CommandBehavior, System.String)
bei System.Data.SqlClient.SqlCommand.ExecuteReader(System.Data.CommandBehavior)
bei Veeam.Backup.DBManager.CDbAccessor.ExecDataReader(System.String, System.Data.CommandBehavior, Int32, System.Data.SqlClient.SqlParameter[])
Ausnahmeinformationen: Veeam.Backup.Common.CSqlException
bei Veeam.Backup.Common.CExceptionUtil.ThrowSqlException(System.Exception)
bei Veeam.Backup.DBManager.CDbAccessor.ExecDataReader(System.String, System.Data.CommandBehavior, Int32, System.Data.SqlClient.SqlParameter[])
bei Veeam.Backup.DBManager.CJobsSessionsDbScope.FindSession(System.Guid)
bei Veeam.Backup.Service.CJobRunner.WouldTheFailedJobBeRetried(System.Guid)
bei Veeam.Backup.Service.CJobsMngr.WouldTheFailedJobBeRetried(System.Guid)
bei Veeam.Backup.Service.CJobMgmtService.Veeam.Backup.Interaction.Management.IJobManagementService.WouldTheFailedJobBeRetried(System.Guid)
bei Veeam.Backup.Core.CBackupJob.get_IsRequireRetry()
bei System.Linq.Enumerable.Any[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
bei Veeam.EndPoint.CExternalConnectionEstablishedEvent.NetworkAddressChanged(System.Object, System.EventArgs)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.AddressChangedCallback(System.Object, Boolean)
bei System.Threading._ThreadPoolWaitOrTimerCallback.PerformWaitOrTimerCallback(System.Object, Boolean)
Error: (11/26/2022 09:11:46 AM) (Source: Firefox Default Browser Agent) (EventID: 1155) (User: )
Description: Event-ID 1155
Error: (11/25/2022 06:25:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Veeam.EndPoint.Service.exe, Version: 5.0.3.4708, Zeitstempel: 0x6212bc88
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.2193, Zeitstempel: 0x7f7062e1
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000002cd29
ID des fehlerhaften Prozesses: 0xb88
Startzeit der fehlerhaften Anwendung: 0x01d900e1a133d7f8
Pfad der fehlerhaften Anwendung: C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 6e163cee-a6d5-4070-9eb3-29e510588041
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (11/27/2022 01:27:16 PM) (Source: DCOM) (EventID: 10010) (User: THINKPAD-T440P)
Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/27/2022 01:27:16 PM) (Source: DCOM) (EventID: 10010) (User: THINKPAD-T440P)
Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/27/2022 12:27:09 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (11/27/2022 10:52:04 AM) (Source: DCOM) (EventID: 10010) (User: THINKPAD-T440P)
Description: Der Server "{9AA46009-3CE0-458A-A354-715610A075E6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/26/2022 12:40:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Veeam Agent for Microsoft Windows" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.
Error: (11/25/2022 06:25:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Veeam Agent for Microsoft Windows" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (11/25/2022 04:20:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Veeam Agent for Microsoft Windows" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/25/2022 03:16:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Veeam Agent for Microsoft Windows" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Windows Defender:
================
Date: 2022-11-27 13:12:38
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {FBA1DD47-8C5F-4553-8B86-3F9A1D42B6E0}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2022-11-27 12:41:41
Description:
C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Pictures\Meine Fotos\Danke Konfirmation_mcf-Dateien zu ändern.
Erkennungszeit: 2022-11-27T11:41:41.108Z
Benutzer: THINKPAD-T440P\*****
Pfad: %userprofile%\Pictures\Meine Fotos\Danke Konfirmation_mcf-Dateien
Prozessname: C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe
Sicherheitsversion: 1.379.1034.0
Modulversion: 1.1.19800.4
Produktversion: 4.18.2210.6
Date: 2022-11-27 12:17:11
Description:
C:\ProgramData\chocolatey\lib\anydesk.portable\tools\AnyDesk.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Videos\AnyDesk zu ändern.
Erkennungszeit: 2022-11-27T11:17:11.290Z
Benutzer: THINKPAD-T440P\T440p
Pfad: %userprofile%\Videos\AnyDesk
Prozessname: C:\ProgramData\chocolatey\lib\anydesk.portable\tools\AnyDesk.exe
Sicherheitsversion: 1.379.1030.0
Modulversion: 1.1.19800.4
Produktversion: 4.18.2210.6
Date: 2022-11-27 12:11:22
Description:
C:\ProgramData\chocolatey\lib\anydesk.portable\tools\AnyDesk.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Videos zu ändern.
Erkennungszeit: 2022-11-27T11:11:22.365Z
Benutzer: THINKPAD-T440P\T440p
Pfad: %userprofile%\Videos
Prozessname: C:\ProgramData\chocolatey\lib\anydesk.portable\tools\AnyDesk.exe
Sicherheitsversion: 1.379.1030.0
Modulversion: 1.1.19800.4
Produktversion: 4.18.2210.6
Date: 2022-11-27 12:10:24
Description:
C:\ProgramData\chocolatey\lib\anydesk.portable\tools\AnyDesk.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Videos\AnyDesk zu ändern.
Erkennungszeit: 2022-11-27T11:10:24.416Z
Benutzer: THINKPAD-T440P\T440p
Pfad: %userprofile%\Videos\AnyDesk
Prozessname: C:\ProgramData\chocolatey\lib\anydesk.portable\tools\AnyDesk.exe
Sicherheitsversion: 1.379.1030.0
Modulversion: 1.1.19800.4
Produktversion: 4.18.2210.6
CodeIntegrity:
===============
Date: 2022-11-27 13:29:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.
Date: 2022-11-27 13:29:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: LENOVO GLETA2WW (2.56 ) 07/16/2021
Hauptplatine: LENOVO 20AWS2BN00
Prozessor: Intel(R) Core(TM) i5-4300M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 8076.04 MB
Verfügbarer physikalischer RAM: 3329.71 MB
Summe virtueller Speicher: 9356.04 MB
Verfügbarer virtueller Speicher: 4045.3 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:463.47 GB) (Free:121.24 GB) (Model: Samsung SSD 850 EVO 500GB) NTFS
\\?\Volume{5713288c-0dd3-11e8-bd6e-7c7a91c716e5}\ (Wiederherstellung) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS
\\?\Volume{bf8bd3c2-b689-49bd-9b65-923a0d439778}\ () (Fixed) (Total:1.69 GB) (Free:0.94 GB) NTFS
\\?\Volume{7c56b53b-ff41-4530-bb03-b8375d3313e7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt =======================
|
SecurityCheck zeigt gelöschtes AV-Programm als aktiv an
(https://www.trojaner-board.de/205597-securitycheck-zeigt-geloeschtes-av-programm-aktiv.html)