alex_esp | 11.05.2021 16:37 | Hallo Matthias, danke für deine ausführliche Antwort.
Da habe ich/wir Europol wohl etwas zu verdanken.
Die zip. Datei habe ich auf BleepingComputer hochgeladen.
Ich habe alle Logs durchgeführt. Vielen Dank für deine Hilfe.
MBAM: Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 11.05.21
Scan-Zeit: 16:55
Protokolldatei: e43d31e0-b268-11eb-9875-9cb6d0e08ba8.json
-Softwaredaten-
Version: 4.3.3.116
Komponentenversion: 1.0.1292
Version des Aktualisierungspakets: 1.0.40330
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 19041.928)
CPU: x64
Dateisystem: NTFS
Benutzer: WINDELL-788D1Q2\Alexander
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 357091
Erkannte Bedrohungen: 6
In die Quarantäne verschobene Bedrohungen: 6
Abgelaufene Zeit: 6 Min., 48 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 2
Adware.KeenValue, HKLM\SOFTWARE\WOW6432NODE\Updater, In Quarantäne, 7033, 212959, 1.0.40330, , ame, , ,
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Updater, In Quarantäne, 502, 541219, , , , , ,
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 1
PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER, In Quarantäne, 502, 541219, 1.0.40330, , ame, , ,
Datei: 3
PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER\CHECK-UPDATE.EXE, In Quarantäne, 502, 541219, 1.0.40330, , ame, , 6DAE4EBB66DC2A5B1F9D14B4AA8787BA, BFC9F2E5D39F869702F7A080BE369699264CB82A65FF6C39C1F6951D294A8687
PUP.Optional.StartFenster, C:\ProgramData\Updater\setup.ico, In Quarantäne, 502, 541219, , , , , A60B9AFB2DBC13DBFCFE4172325D1712, B2199B7933227655475B64C50AFE09E1DB10D511A248283DDD8EE88EF794A680
PUP.Optional.StartFenster, C:\ProgramData\Updater\uninstall.exe, In Quarantäne, 502, 541219, , , , , 370E7109FBCCE328A0D926A6BD6E55D9, 569F5E05CED3AF9FA24483176878694C9C2E404433A199D4B88C2FF2CA818B30
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end) AdwCleaner Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-11-2021
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\vlc.de
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.vlc.de
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\vlc.de
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.vlc.de
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5160 octets] - [11/05/2021 17:11:57]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-05-2021
durchgeführt von Alexander (11-05-2021 17:22:11)
Gestartet von C:\Users\Alexander\Downloads
Windows 10 Home Version 2004 19041.928 (X64) (2020-10-08 13:14:02)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-648673255-3041033212-2045848966-500 - Administrator - Disabled)
Alexander (S-1-5-21-648673255-3041033212-2045848966-1001 - Administrator - Enabled) => C:\Users\Alexander
DefaultAccount (S-1-5-21-648673255-3041033212-2045848966-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-648673255-3041033212-2045848966-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-648673255-3041033212-2045848966-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-648673255-3041033212-2045848966-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Animate 2021 (HKLM-x32\...\FLPR_21_0_5) (Version: 21.0.5 - Adobe Inc.)
Adobe Character Animator 2020 (HKLM-x32\...\CHAR_3_5) (Version: 3.5 - Adobe Inc.)
Adobe Character Animator 2021 (HKLM-x32\...\CHAR_4_0) (Version: 4.0 - Adobe Inc.)
Adobe Connect (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_2_3) (Version: 25.2.3 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_1) (Version: 16.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_2) (Version: 10.2 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_9) (Version: 14.9 - Adobe Inc.)
Adobe Media Encoder 2021 (HKLM-x32\...\AME_15_1) (Version: 15.1 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_3_1) (Version: 22.3.1.122 - Adobe Inc.)
Adobe Premiere Rush (HKLM-x32\...\RUSH_1_5_58) (Version: 1.5.58 - Adobe Inc.)
ANT Drivers Installer x64 (HKLM\...\{9A9FF300-3725-4934-A0D7-86F109A88ACF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology)
AutoCAD 2018 - Deutsch (German) (HKLM\...\{28B89EEF-1001-0407-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - Deutsch (German) (HKLM\...\AutoCAD 2018 - Deutsch (German)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Desktop-App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.)
Backuptrans Android WhatsApp to iPhone Transfer (x64) 3.2.148 (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Backuptrans Android WhatsApp to iPhone Transfer (x64)) (Version: 3.2.148 - Backuptrans)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.14.74 - Bitdefender)
Cisco Webex Meetings (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\ActiveTouchMeetingClient) (Version: 41.5.3 - Cisco Webex LLC)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{C5A70974-2F89-4BE0-90F7-749E62468C4D}) (Version: 3.8.1.23 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{6B991B44-B938-4902-BDF3-186CBDC62AD3}) (Version: 5.1.4.11989 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{34685541-a19e-4537-97c9-082238790346}) (Version: 5.1.4.11989 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{3C4F6923-3BE1-4E6C-8DEE-9EEF1E433795}) (Version: 5.2.1.12926 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{8d32f870-d6fd-4420-b5cb-c29ac65f628d}) (Version: 5.2.1.12926 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.1.0 - Dell Inc.)
Discord (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 121.4.4267 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{9427DAC2-91FD-418E-87D4-8914B437CC06}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{0934EADA-3DAF-4A21-829D-1BB3C315DCB4}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{d3b4366e-9163-44f4-a381-d431031c2841}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
iCloud Outlook (HKLM\...\{BF2241BF-20CC-490B-B7BE-761B80E20114}) (Version: 11.6.0.32 - Apple Inc.)
Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{D011AAF9-F756-43AB-8E91-47ADF0D86394}) (Version: 4.0.0.29 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.372 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 2.2.1.31 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
Malwarebytes version 4.3.3.116 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.3.116 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.13929.20296 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox 87.0 (x64 de) (HKLM\...\Mozilla Firefox 87.0 (x64 de)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 87.0.0.7747 - Mozilla)
Mozilla Thunderbird 78.10.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 78.10.0 (x86 de)) (Version: 78.10.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Opera Stable 76.0.4017.107 (HKLM-x32\...\Opera 76.0.4017.107) (Version: 76.0.4017.107 - Opera Software)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.825 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.21313 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.250 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.39.518.2020 - Realtek)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.)
SketchUp 2017 (HKLM\...\{C711666A-E8CC-4E2A-802F-BAA35E76045F}) (Version: 17.2.2555 - Trimble Navigation Limited)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20013.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20013.2 - Samsung Electronics Co., Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer-Ratgeber 2017-2018 (HKLM-x32\...\{09578E80-CE8C-47E6-A055-8C49C616541F}) (Version: 18.05.1 - Wolters Kluwer Deutschland GmbH)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vectorworks 2018 (HKLM\...\Vectorworks 2018 SP1 23.0.0) (Version: 23.0.0 - Vectorworks, Inc.)
Vectorworks 2021 (HKLM\...\Vectorworks 2021 26.0.2) (Version: 26.0.2 - Vectorworks, Inc.)
Verfügbare Autodesk-Apps 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Zoom (HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 5.0.96 (x86 en-US)) (Version: 5.0.96 - Corporation for Digital Scholarship)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-10] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-11] (Adobe Systems Incorporated)
Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_39.0.12.12_x64__adky2gkssdxte [2021-04-18] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-06] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.8.10.0_x64__htrsf667h5kn2 [2021-02-14] (Dell Inc)
Dropbox für S Modus -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.4.0_x64__xbfy0k16fey96 [2021-03-19] (Dropbox Inc.)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-10] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa [2021-05-07] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-24] (Apple Inc.) [Startup Task]
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3267.0_x64__rh07ty8m5nkag [2021-01-07] (Rivet Networks LLC) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-10-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.43.41241.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-12-18] (Adobe Systems Incorporated)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0 [2021-05-04] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.8.0_x86__xpfg3f7e9an52 [2021-03-19] (New Work SE)
ZDFmediathek -> C:\Program Files\WindowsApps\ZDFGemeinntzigeAnstaltdes.ZDFmediathek_4.0.0.0_neutral__h3zwtz978ayka [2020-04-11] (ZDF Gemeinnützige Anstalt des öffentlichen Rechts)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-417AC85DF7F7} -> [Creative Cloud Files] => C:\Users\Alexander\Creative Cloud Files [2019-12-16 23:09]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Alexander\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{14097043-DE9D-461F-BC24-E07F11A17748} -> [iCloud Drive] => C:\Users\Alexander\iCloudDrive [2021-02-14 01:42]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{A6589972-5623-4F20-B23A-ACA747BCE141} -> [iCloud-Fotos] => C:\Users\Alexander\Pictures\iCloud Photos\Photos [2021-02-14 01:42]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\de-DE\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Alexander\Dropbox [2018-06-28 21:37]
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-648673255-3041033212-2045848966-1001_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> c:\program files (x86)\adobe\acrobat dc\pdfmaker\autocad\2018\64\acrobatacadic.dbx (Adobe Inc. -> Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Open Source Developer, Brice Lambson -> Brice Lambson)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0e885955e29b0a55\igfxDTCM.dll [2020-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-28] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-11] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2021-02-02 07:49 - 2021-02-02 07:49 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2019-07-15 11:20 - 2019-07-15 11:20 - 000126976 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Software\Classes\.scr: AutoCADScriptFile =>
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\sharepoint.com -> hxxps://ittuberlin-files.sharepoint.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-01-29 18:40 - 2019-05-15 11:58 - 000000583 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 WINDELL-788D1Q2.mshome.net # 2023 1 6 28 19 50 14 310
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;%INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-648673255-3041033212-2045848966-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexander\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\WP_20161123_001.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\Services: AdAppMgrSvc => 2
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\StartupApproved\Run: => "PTOneClick"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{E754BBBD-97EA-4E07-9FB1-AAD2BBDA387B}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{80B9C1B4-A921-41FB-8EF0-B94A648EC0DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{E087B767-2069-4582-8C83-A1B0EF12A2BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{AFF85466-C59C-494D-83E9-7D2C997CF3B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F0D8AC4-7174-4370-8F55-C4551ACFAECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A236464-FD3E-46CB-87F4-72894242EE4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{35CCB881-813F-4540-AF0F-875762A7FF95}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{48006030-7A54-48DD-B058-CC3C3C4F3947}C:\program files\vectorworks 2018\vectorworks2018e.exe] => (Allow) C:\program files\vectorworks 2018\vectorworks2018e.exe (Vectorworks, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DD68D86A-7150-47DB-A2EF-5557347A05A9}C:\program files\vectorworks 2018\vectorworks2018e.exe] => (Allow) C:\program files\vectorworks 2018\vectorworks2018e.exe (Vectorworks, Inc.) [Datei ist nicht signiert]
FirewallRules: [{F6B0E415-F85F-437A-82FD-AB5D5004A6B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EA77759E-B2D3-43B8-93CE-5207C7272500}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{483E5BFB-6D4D-4247-A80A-FBCBCFC31DF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{6690DE8A-F57A-4C1E-883A-93D7D7627001}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{CFE88206-3FCB-49A0-8756-5EBF8A74C424}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{F52E2221-4A06-48BD-9282-7330219466DC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C25F53E3-4342-48B3-A8F3-6B2CE00396A1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2D271FB1-5269-4B66-BADD-0B67C4F1FCCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{72AA914A-6EB9-4B07-A461-8DBC44F3AD79}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3E5D7440-F1E5-4319-9100-99C5F566AF1F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7DF98843-DE51-462F-94E1-0178AFEFA45F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1F9AEAF3-976A-4A5B-92B0-CEE354FA968F}] => (Allow) C:\Users\Alexander\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AAB4249F-1C71-47D6-9005-7B299A1AB100}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{222F66A3-40C3-4DBD-8CC3-CD016EEAD05A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F241C3C-4B22-4C66-84C7-D50DD98C6C29}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{82B5D8AD-60A7-4C1B-BA0D-606A97A2FB22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{934D76D1-06D9-4A10-ACDD-9591906EAC38}C:\program files\vectorworks 2021\vectorworks2021.exe] => (Allow) C:\program files\vectorworks 2021\vectorworks2021.exe (Vectorworks, Inc. -> Vectorworks, Inc.)
FirewallRules: [UDP Query User{F1C0FB4F-15D5-4060-B752-52EE18DED36F}C:\program files\vectorworks 2021\vectorworks2021.exe] => (Allow) C:\program files\vectorworks 2021\vectorworks2021.exe (Vectorworks, Inc. -> Vectorworks, Inc.)
FirewallRules: [{EA7B77BC-A7F2-4C7A-B292-8B36E7BBA7D0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C404C255-0D04-4380-8EE6-7EE337F0435E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AA3C7658-CB53-435E-85D8-E2E7E2D885A2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1ED9B27-2E6F-44A6-A721-EDB8F1A2E289}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4853D7C9-3DF9-42B3-893E-8C0A6ABD402E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E26472D1-F4B4-4AD2-BF4A-FFB62A4F8044}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD3BD8CA-5099-4F48-A09E-B9B269333FB8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{416ACCDB-4F04-4F56-8F0A-FAB5EF81A9E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9C91020-C778-40FF-9C05-5F289F28C466}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{912EA4AD-C128-4B7E-B1D7-580376052815}] => (Allow) C:\Program Files\Opera\75.0.3969.243\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AE733746-39CC-4EC2-9AD9-6BB4D7C4FE8F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9A687CCB-9BBC-4D02-8385-6915C4AFB146}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C843FD68-E427-4151-B334-05CF758AF34B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6ADC3378-9FBC-4853-B137-5A36CA3AE6D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F2CDDFD-68DF-4DCF-8563-A309C7DBD164}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FEDCD465-310A-4E37-80B2-491E66E8A578}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9251C962-E2A1-43F8-A124-1FF45B9D72A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB2B392C-7B41-498D-B7BB-D5DADA110316}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2435453-B77D-4FE9-B490-F8D1AF02015A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{685F4A03-C602-4664-8B8F-41ADB4DB7028}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D84C1348-BCCE-4D64-8315-5F622B978D7D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{629965F4-B3DB-4BF1-9EDC-A90239351E03}] => (Allow) C:\Program Files\Opera\76.0.4017.107\opera.exe (Opera Software AS -> Opera Software)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:475.47 GB) (Free:64.28 GB) (14%)
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (05/11/2021 04:30:05 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (05/11/2021 04:28:34 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (05/11/2021 09:59:44 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (05/11/2021 09:32:23 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (05/10/2021 09:08:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 2020.20120.4004.0, Zeitstempel: 0x5fcaab3d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.906, Zeitstempel: 0x2f2f77bf
Ausnahmecode: 0x80131623
Fehleroffset: 0x000000000010b2dc
ID des fehlerhaften Prozesses: 0x72e0
Startzeit der fehlerhaften Anwendung: 0x01d7457281e4cab6
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: b07e1f55-5c36-424e-b1f6-0b9b611c26b2
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (05/10/2021 09:08:27 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000008000700000000
Error: (05/10/2021 07:00:03 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).
Error: (05/10/2021 09:28:59 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "M:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).
Systemfehler:
=============
Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Killer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Killer Analytics Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Print Scan Doctor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dell Data Vault Processor" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell SupportAssist Remediation" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dell Data Vault Collector" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/11/2021 05:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ProductAgentService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===============
Date: 2021-05-11 16:55:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider64.dll that did not meet the Windows signing level requirements.
Date: 2021-05-11 16:31:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider32.dll that did not meet the Microsoft signing level requirements.
Date: 2021-05-11 09:32:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\265252192172810404\antimalware_provider64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
BIOS: Dell Inc. 2.13.0 11/14/2019
Hauptplatine: Dell Inc. 0D4J15
Prozessor: Intel(R) Core(TM) i7-7560U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 16108.16 MB
Verfügbarer physikalischer RAM: 9587.46 MB
Summe virtueller Speicher: 28062.98 MB
Verfügbarer virtueller Speicher: 17862.78 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:475.47 GB) (Free:64.29 GB) NTFS
\\?\Volume{c09336f2-25d2-4235-a503-e804e80b5728}\ (WinRE) (Fixed) (Total:0.39 GB) (Free:0.38 GB) NTFS
\\?\Volume{7d4aa265-23a7-40a9-a30c-986b920e2ba9}\ () (Fixed) (Total:0.85 GB) (Free:0.3 GB) NTFS
\\?\Volume{03b7b388-dc7a-4570-8cb9-5725c646b0a6}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ======================= FRST Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-05-2021
durchgeführt von Alexander (Administrator) auf WINDELL-788D1Q2 (Dell Inc. XPS 13 9360) (11-05-2021 17:20:17)
Gestartet von C:\Users\Alexander\Downloads
Geladene Profile: defaultuser0 & Alexander
Platform: Windows 10 Home Version 2004 19041.928 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-05] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680728 2021-05-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [Discord] => C:\Users\Alexander\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30885360 2020-03-04] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [PTOneClick] => C:\Users\Alexander\AppData\Local\Webex\Webex\Applications\ptoneclk.exe [7184192 2020-04-12] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-21] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Alexander\AppData\Local\WebEx\ciscowebexstart.exe [3711704 2021-04-30] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2763952 2021-05-07] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\21.062.0328.0001"
HKU\S-1-5-21-648673255-3041033212-2045848966-1001\...\Policies\Explorer: []
HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-23] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC)
Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2019-02-03]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0C93F72A-6F8E-4DC7-A2A9-7CC09D822904} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {16545A9C-9BBF-4739-90C3-D52AD3C1B751} - System32\Tasks\AdobeAAMUpdater-1.0-WINDELL-788D1Q2-Alexander => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {27ED81A3-E23C-4C1D-B463-F7FF65E4FFA6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {33A96379-28BA-479C-A2AA-D467D9A00697} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {36525BF1-C22C-43F8-A6F6-BBEBCD222162} - System32\Tasks\Opera scheduled assistant Autoupdate 1576835173 => C:\Program Files\Opera\launcher.exe [2199704 2021-05-06] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {3880284A-3737-4115-8B6F-0C4168D3F71D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {389BB786-6712-4F94-B108-AF90218D0FB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E2F6869-CD9F-471D-82C9-B512C28F3F97} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {432DA82D-2E8F-4458-A102-BEFBCCB90C52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-13] (Google Inc -> Google Inc.)
Task: {4BBC94E0-A0FB-4F40-BA05-F593065E1E78} - System32\Tasks\Opera scheduled Autoupdate 1509559017 => C:\Program Files\Opera\launcher.exe [2199704 2021-05-06] (Opera Software AS -> Opera Software)
Task: {551A3672-B22C-4D83-9A59-45916EBB6540} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1120696 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {55FD2A81-E285-4D47-9EDD-BE982271EB6A} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4071016 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {603C9FB2-6B0B-4052-A084-D42F91AEFCB1} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {66E53798-F95C-43C0-9B72-59E6BF3C2BD5} - System32\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {72686D95-A891-483A-BBE5-A610D06F474A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {8C5B4ACF-CD23-4F0D-B5F7-31FE68C66242} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B78D7F5-C5C2-454F-BC6C-8F46150FDD01} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {A1BB7DE0-DDD7-4857-95D7-70DE9CE09139} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender)
Task: {AC221FF3-5AA7-4B8C-8D9E-01382A0E0A2C} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PIconStartup.exe [231400 2019-08-05] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\\IMSS\PrivacyIconClient.exe" 60
Task: {B14BC9B8-C9A1-400C-9D91-ECADA2EEFDB5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B9D624D1-2F4B-426E-9A68-BF743D83E344} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {BB06A88E-8A91-44EE-BDFC-91F595D86915} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C711D884-722A-4478-8749-923B42852DB8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CFB28C91-0A06-474B-BA10-1CB262C24C1F} - System32\Tasks\DropboxUpdateTaskMachineUA1d558491a577788 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D3B225DB-F019-45E5-BCBE-680C8314FB87} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5CD3D1D-A4B7-41E3-B1EC-92459A9B4566} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E6E24F68-D2C2-4B80-8B3A-1D141680A236} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-03-04] (Garmin International, Inc. -> )
Task: {EBB517B3-14A4-4CB2-ACD9-DF5465BD94D6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)
Task: {EC731A2E-2804-4084-B770-AC2EDECC6A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-13] (Google Inc -> Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d558491a577788.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0e4f6f48-c261-4dd0-8db2-59bf5a91dfdb}: [DhcpNameServer] 10.106.8.30
Tcpip\..\Interfaces\{19c08f36-edb5-412e-9336-4049871475d5}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1
Tcpip\..\Interfaces\{3f99e3f5-94c9-4ead-8977-2086e6de0d6b}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ca90329d-3cf3-42e6-a062-13ddf94891df}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1
Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Alexander\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-13]
FireFox:
========
FF DefaultProfile: ftt3x0f4.default
FF DefaultProfile: 2y091unm.default
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Zotero\Zotero\Profiles\ftt3x0f4.default [2021-04-23]
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default [2021-04-20]
FF Extension: (Hoxx VPN Proxy) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\@hoxx-vpn.xpi [2021-04-14]
FF Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\hotspot-shield@anchorfree.com.xpi [2020-12-15]
FF Extension: (Touch VPN – Kostenloses VPN und kostenloser Proxy) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\2y091unm.default\Extensions\touch-vpn@anchorfree.com.xpi [2021-01-16]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-07] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-07-21] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-07-21] <==== ACHTUNG
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-15]
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-04-15]
CHR Notifications: Profile 1 -> hxxps://app.houseparty.com
CHR Extension: (Präsentationen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-12]
CHR Extension: (Docs) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-12]
CHR Extension: (Redirect Path) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aomidfkchockcldhbkggjokdkkebmdll [2021-02-25]
CHR Extension: (Google Drive) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-23]
CHR Extension: (YouTube) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-18]
CHR Extension: (Tabellen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-12]
CHR Extension: (Google Docs Offline) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-18]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Google Mail) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18]
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-12]
CHR HKU\S-1-5-21-648673255-3041033212-2045848966-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Profile: C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable [2021-05-11]
OPR Notifications: Opera Stable -> hxxps://app.houseparty.com; hxxps://book.lufthansa.com; hxxps://business.facebook.com; hxxps://jungesrl.zulipchat.com; hxxps://portal.imice.de; hxxps://web.telegram.org; hxxps://www.facebook.com; hxxps://www.kaufda.de; hxxps://www.laptopmag.com; hxxps://www.wetteronline.de
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Ecosia - Die Suchmaschine, die Bäume pflanzt) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\cjkjohdegdpmepjcgmiafjaanigkkelo [2017-11-01]
OPR Extension: (Zotero Connector) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2021-05-05]
OPR Extension: (Rich Hints Agent) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-05-11]
OPR Extension: (Limit - Set Limits for Distracting Sites) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhmmjbmojepanopjakcclphcadaclmk [2020-11-02]
OPR Extension: (Install Chrome Extensions) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-12-23]
OPR Extension: (Desktop Messenger for Telegram™) - C:\Users\Alexander\AppData\Roaming\Opera Software\Opera Stable\Extensions\lamkfhpkhbgfdglofogcdipebpibjbkg [2019-12-16]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk, Inc -> Autodesk Inc.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-07] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AtcHost; C:\Program Files\Bitdefender Antivirus Free\atchost.exe [1475272 2020-10-02] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2461792 2021-04-11] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-17] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2020-08-19] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{CDBCEBD6-3610-40F0-A782-B593722A86D0} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73928 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
S2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1775840 2020-04-16] (Rivet Networks LLC -> Rivet Networks)
S2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2663128 2020-04-16] (Rivet Networks LLC -> Rivet Networks)
S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73928 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation)
S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender)
S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [236128 2021-04-11] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [559200 2021-04-11] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [240352 2021-04-11] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-10-16] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2718744 2021-02-26] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-08] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-03-05] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\Gemma.sys [488592 2021-02-26] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [187848 2020-04-16] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-11] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641728 2021-03-10] (Bitdefender SRL -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [386800 2020-12-08] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2099-07-04 05:39 - 2117-07-04 05:39 - 000000000 _____ C:\WINDOWS\SysWOW64\wsmand.log.lock
2021-05-11 17:18 - 2021-05-11 17:18 - 000002378 _____ C:\Users\Alexander\Desktop\AdwCleaner[C00].txt
2021-05-11 17:11 - 2021-05-11 17:18 - 000000000 ____D C:\AdwCleaner
2021-05-11 17:11 - 2021-05-11 17:11 - 008534696 _____ (Malwarebytes) C:\Users\Alexander\Desktop\adwcleaner_8.2.exe
2021-05-11 17:08 - 2021-05-11 17:08 - 000002286 _____ C:\Users\Alexander\Desktop\MBAM.txt
2021-05-11 16:54 - 2021-05-11 16:54 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-11 16:54 - 2021-05-11 16:54 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-05-11 16:54 - 2021-05-11 16:54 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-05-11 16:54 - 2021-05-11 16:54 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-05-11 16:54 - 2021-05-11 16:54 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-11 16:54 - 2021-05-11 16:54 - 000002036 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-11 16:54 - 2021-05-11 16:54 - 000002036 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-05-11 16:54 - 2021-05-11 16:54 - 000000000 ____D C:\Users\Alexander\AppData\Local\mbam
2021-05-11 16:53 - 2021-05-11 16:53 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-11 16:53 - 2021-05-11 16:53 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-11 16:53 - 2021-05-11 16:53 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-11 16:53 - 2021-05-11 16:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-11 16:53 - 2021-05-11 16:53 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-11 16:51 - 2021-05-11 16:51 - 002078632 _____ (Malwarebytes) C:\Users\Alexander\Desktop\MBSetup.exe
2021-05-11 10:09 - 2021-05-11 10:10 - 000053350 _____ C:\Users\Alexander\Downloads\Shortcut.txt
2021-05-11 10:06 - 2021-05-11 10:09 - 000067266 _____ C:\Users\Alexander\Downloads\Addition.txt
2021-05-11 09:51 - 2021-05-11 17:21 - 000034797 _____ C:\Users\Alexander\Downloads\FRST.txt
2021-05-11 09:49 - 2021-05-11 17:20 - 000000000 ____D C:\FRST
2021-05-11 09:47 - 2021-05-11 09:47 - 002298880 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2021-05-10 21:18 - 2021-05-10 21:18 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002) (2).pdf
2021-05-10 21:17 - 2021-05-10 21:17 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002).pdf
2021-05-10 21:17 - 2021-05-10 21:17 - 007090901 _____ C:\Users\Alexander\Downloads\21_05_09_Rennsteig 15 bis 21_8 (002) (1).pdf
2021-05-10 21:03 - 2021-05-10 21:03 - 000144035 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-05 at 09.30.39.jpeg
2021-05-10 21:02 - 2021-05-10 21:02 - 000156353 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-10 at 21.01.51.jpeg
2021-05-10 21:02 - 2021-05-10 21:02 - 000156353 _____ C:\Users\Alexander\Downloads\WhatsApp Image 2021-05-10 at 21.01.51 (1).jpeg
2021-05-10 16:45 - 2021-05-10 16:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-05-10 16:45 - 2021-05-10 16:45 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-10 16:11 - 2021-05-10 16:11 - 000003980 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1509559017
2021-05-10 16:11 - 2021-05-10 16:11 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2021-05-10 09:27 - 2021-05-10 09:27 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-648673255-3041033212-2045848966-1001
2021-05-10 09:27 - 2021-05-10 09:27 - 000002398 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-07 09:17 - 2021-05-07 09:17 - 000001407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-05-02 11:13 - 2021-05-02 11:13 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2021-04-30 08:48 - 2021-04-30 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-04-28 23:17 - 2021-04-28 23:17 - 000234959 _____ C:\Users\Alexander\Downloads\Berechnung-Hauskauf_Aktuell.xlsm
2021-04-24 16:07 - 2021-04-24 16:07 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-04-24 16:07 - 2021-04-24 16:07 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-04-24 12:55 - 2021-04-24 12:55 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-04-23 14:24 - 2021-04-23 14:24 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-22 13:52 - 2021-04-22 13:52 - 000372051 _____ C:\Users\Alexander\Downloads\Satzung_158.PDF
2021-04-21 10:17 - 2021-04-21 10:17 - 001427677 _____ C:\Users\Alexander\Downloads\Kurzbericht_Welt_Erbe_Haus_zur_Barrierefreiheit.PDF
2021-04-20 15:56 - 2021-05-07 09:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-04-19 20:03 - 2021-04-19 20:03 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-19 20:03 - 2021-04-19 20:03 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-19 20:03 - 2021-04-19 20:03 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-18 13:55 - 2021-04-18 13:55 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk
2021-04-18 13:51 - 2021-04-18 13:51 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate 2021.lnk
2021-04-18 13:46 - 2021-04-18 13:46 - 000001134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk
2021-04-18 13:35 - 2021-04-18 13:35 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-04-16 15:58 - 2021-04-16 15:58 - 000048902 _____ C:\Users\Alexander\Downloads\DINPro Bold.zip
2021-04-16 15:56 - 2021-04-16 15:56 - 000017216 _____ C:\Users\Alexander\Downloads\DIN Bold.zip
2021-04-16 15:56 - 2021-04-16 15:56 - 000017216 _____ C:\Users\Alexander\Downloads\DIN Bold (1).zip
2021-04-16 15:55 - 2021-04-16 15:55 - 000000000 ____D C:\Users\Alexander\Downloads\flyer Ordner-20210416T135406Z-001
2021-04-16 15:54 - 2021-04-16 15:54 - 031156564 _____ C:\Users\Alexander\Downloads\flyer Ordner-20210416T135406Z-001.zip
2021-04-16 14:59 - 2021-04-16 14:59 - 000125168 _____ (Zoom Video Communications, Inc.) C:\Users\Alexander\Downloads\Zoom_cm_fo42anktZ9vvrZo4_m47SkS27WCcn4PA0hcQmB23L3OTsAxpSFvcY8@OH9ASUeSMemokc+I_k22b9e1cf54b5db69_.exe
2021-04-14 12:21 - 2021-04-14 12:21 - 000116552 _____ C:\Users\Alexander\Desktop\Snippet_316875325.idms
2021-04-14 10:11 - 2021-04-14 10:11 - 000708273 _____ C:\Users\Alexander\Downloads\HydroTower_Bestellformular und QA_2021.04.14 (1).pdf
2021-04-13 17:35 - 2021-04-13 17:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-13 12:06 - 2021-04-13 12:06 - 000612441 _____ C:\Users\Alexander\Downloads\t200605073 (1).pdf
2021-04-13 12:03 - 2021-04-13 12:03 - 000612441 _____ C:\Users\Alexander\Downloads\t200605073.pdf
2021-04-13 10:27 - 2021-04-13 10:27 - 002523013 _____ C:\Users\Alexander\Downloads\37_CleanTube_.pdf
2021-04-13 10:27 - 2021-04-13 10:27 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Forwarding_Tube.pdf
2021-04-13 10:26 - 2021-04-13 10:26 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Sleeve_Tube.pdf
2021-04-13 10:26 - 2021-04-13 10:26 - 000663032 _____ C:\Users\Alexander\Downloads\06_RP_PVC_Collar.pdf
2021-04-12 20:18 - 2021-04-12 20:18 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecsTier2
2021-04-12 18:18 - 2021-04-12 18:18 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Fahrrohr (1).pdf
2021-04-12 18:18 - 2021-04-12 18:18 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Muffenrohr (1).pdf
2021-04-12 18:17 - 2021-04-12 18:17 - 000806962 _____ C:\Users\Alexander\Downloads\04_RP_PVC_Fahrrohr.pdf
2021-04-12 18:17 - 2021-04-12 18:17 - 000716535 _____ C:\Users\Alexander\Downloads\05_RP_PVC_Muffenrohr.pdf
2021-04-12 18:17 - 2021-04-12 18:17 - 000663032 _____ C:\Users\Alexander\Downloads\06_RP_PVC_Muffen.pdf
2021-04-11 12:17 - 2021-04-11 12:17 - 000022976 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-05-11 17:19 - 2019-01-02 13:41 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2021-05-11 17:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-05-11 17:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-11 17:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-11 16:53 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-11 16:52 - 2018-02-12 19:38 - 000000000 ____D C:\Users\Alexander\AppData\LocalLow\Mozilla
2021-05-11 16:31 - 2019-10-03 22:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-11 16:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-11 16:28 - 2017-10-25 14:39 - 000000000 ___RD C:\Users\Alexander\OneDrive
2021-05-11 14:21 - 2020-10-08 14:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-11 09:41 - 2020-04-16 18:48 - 000000000 ____D C:\Users\Alexander\AppData\Local\WebEx
2021-05-10 21:08 - 2020-11-14 13:35 - 000000000 ____D C:\Users\Alexander\AppData\Local\CrashDumps
2021-05-10 16:11 - 2017-11-01 19:56 - 000000000 ____D C:\Program Files\Opera
2021-05-10 10:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-10 09:29 - 2020-07-07 11:34 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-10 09:29 - 2020-07-07 11:34 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-10 09:29 - 2020-07-07 11:34 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-07 09:18 - 2019-12-16 23:09 - 000000000 ___RD C:\Users\Alexander\Creative Cloud Files
2021-05-07 09:17 - 2017-11-08 19:58 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-05-07 09:17 - 2017-11-08 19:57 - 000000000 ____D C:\Program Files\Adobe
2021-05-07 09:17 - 2017-10-25 17:21 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-05-07 09:14 - 2021-02-14 01:42 - 000000000 ___RD C:\Users\Alexander\iCloudDrive
2021-05-07 09:13 - 2019-02-05 15:55 - 000000000 ___RD C:\Users\Alexander\Google Drive
2021-05-07 09:12 - 2017-10-25 14:36 - 000000000 __SHD C:\Users\Alexander\IntelGraphicsProfiles
2021-05-05 21:57 - 2018-03-01 19:54 - 000000000 ____D C:\Users\Alexander\AppData\Local\PlaceholderTileLogoFolder
2021-05-05 21:56 - 2020-10-08 15:13 - 000004344 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA1d558491a577788
2021-05-05 21:56 - 2020-10-08 15:13 - 000004112 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18
2021-05-05 21:56 - 2019-08-21 19:51 - 000001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d558491a577788.job
2021-05-05 21:56 - 2019-08-21 19:51 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d558491a4a8d18.job
2021-05-05 09:40 - 2020-04-16 18:48 - 000000000 ____D C:\Users\Alexander\AppData\LocalLow\WebEx
2021-05-05 08:25 - 2020-10-08 15:08 - 001723002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-05 08:25 - 2019-12-07 16:50 - 000746440 _____ C:\WINDOWS\system32\perfh007.dat
2021-05-05 08:25 - 2019-12-07 16:50 - 000150810 _____ C:\WINDOWS\system32\perfc007.dat
2021-05-05 08:01 - 2020-12-08 16:58 - 000000000 ___HD C:\adobeTemp
2021-05-04 01:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-04 00:40 - 2021-02-05 12:34 - 000000000 ____D C:\Users\Alexander\Documents\VW Backup
2021-05-03 23:50 - 2017-10-25 17:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-30 08:48 - 2018-06-28 21:34 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-04-28 23:19 - 2017-11-20 13:33 - 000000000 ____D C:\Users\Alexander\AppData\Local\Packages
2021-04-27 09:06 - 2018-02-12 19:37 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-25 15:59 - 2020-10-08 23:12 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d69d73ac60587a
2021-04-25 15:59 - 2020-10-08 15:13 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-23 03:17 - 2021-02-27 05:18 - 000000000 ____D C:\Users\Alexander\Zotero
2021-04-22 06:04 - 2018-06-28 21:37 - 000000000 ____D C:\Users\Alexander\Dropbox
2021-04-21 17:06 - 2020-09-30 21:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-21 10:48 - 2018-05-12 19:04 - 000001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-04-21 10:48 - 2018-02-12 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-20 21:14 - 2020-10-08 15:13 - 000003630 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 21:14 - 2020-10-08 15:13 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-20 12:18 - 2017-10-25 14:36 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\Adobe
2021-04-20 10:23 - 2019-02-20 22:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-20 10:18 - 2021-03-29 11:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-20 10:03 - 2021-03-03 11:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-20 10:03 - 2020-10-08 15:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-20 10:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-20 10:03 - 2017-10-03 08:03 - 000000000 ____D C:\Intel
2021-04-20 03:46 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-04-20 03:45 - 2021-03-03 11:13 - 000671504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-20 03:45 - 2021-02-27 05:16 - 000000000 ____D C:\Program Files (x86)\Zotero
2021-04-20 03:45 - 2019-12-07 11:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-20 03:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-19 20:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-19 20:03 - 2020-10-08 14:58 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-19 19:57 - 2017-10-30 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-19 19:55 - 2017-10-30 15:39 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-16 18:47 - 2019-12-08 14:42 - 000000000 ____D C:\Users\Alexander\Documents\SRL
2021-04-16 15:55 - 2020-09-18 17:22 - 000000000 ____D C:\Users\Alexander\Documents\HydroTower
2021-04-16 00:38 - 2018-12-25 17:13 - 000000000 ____D C:\Program Files (x86)\Steam
2021-04-15 23:24 - 2020-03-15 21:41 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\discord
2021-04-13 17:35 - 2018-02-12 19:37 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-13 17:04 - 2017-11-19 19:24 - 000000000 ____D C:\Users\Alexander\Documents\Textures
2021-04-13 16:54 - 2017-10-25 14:52 - 000000000 ____D C:\Users\Alexander\AppData\Local\Comms
2021-04-13 01:33 - 2020-10-08 15:00 - 000000000 ____D C:\Users\Alexander
2021-04-13 00:50 - 2020-11-25 17:08 - 000000000 ____D C:\Users\Alexander\AppData\Roaming\Apple Computer
2021-04-12 20:15 - 2018-05-31 21:40 - 000000000 ____D C:\Users\Alexander\AppData\Local\D3DSCache
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-01-09 18:45 - 2020-01-09 18:45 - 000000033 _____ () C:\Users\Alexander\AppData\Roaming\AdobeWLCMCache.dat
2018-06-24 13:49 - 2020-10-16 13:37 - 000000028 _____ () C:\Users\Alexander\AppData\Roaming\kulerdata.json
2020-10-05 13:18 - 2021-02-14 20:20 - 000001456 _____ () C:\Users\Alexander\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2018-10-02 08:25 - 2018-10-02 08:25 - 000000000 _____ () C:\Users\Alexander\AppData\Local\oobelibMkey.log
2017-11-01 20:40 - 2020-08-24 13:02 - 000007604 _____ () C:\Users\Alexander\AppData\Local\Resmon.ResmonCfg
2017-12-05 16:00 - 2021-02-03 16:26 - 000000287 _____ () C:\Users\Alexander\AppData\Local\VersionChecker_23.xml
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ======================== |